using SSH. See the “Telnet Versus SSH” section in Chapter 19, “Remote
Access with SSH, Telnet, and VNC,” and replace Telnet with FTP for an idea
about why this would be a good move.
Controlling Anonymous Access
You can toggle anonymous access features for your FTP server by editing the
vsftpd.conf file and changing related entries to YES or NO in the file.
Settings to control how the server works for anonymous logins include the
following:
anonymous_enable—Disabled by default. Use the setting YES and
then restart the server to turn on anonymous access.
anon_mkdir_write_enable—Allows or disallows creation of new
directories.
anon_other_write_enable—Allows or disallows deletion or
renaming of files and directories.
anon_upload_enable—Controls whether anonymous users can
upload files (which also depends on the global write_enable
setting). This is a potential security and liability hazard and should rarely
be used; if it is enabled, consistently monitor any designated upload
directory.
anon_world_readable_only—Allows only anonymous users to
download files with world-readable (444) permission.After making any changes to your FTP server configuration file, make sure to
restart the server; this forces vsftpd to reread its settings.
Other vsftpd Server Configuration Files
You can edit vsftpd.conf to enable, disable, and configure many features
and settings of the vsftpd server, such as user access, filtering of bogus
passwords, and access logging. Some features might require the creation and
configuration of other files, such as the following:
/etc/vsftpd.user_list—Used by the userlist_enable and
the userlist_deny options, this file contains a list of usernames to
be denied access to the server.
/etc/vsftpd.chroot_list—Used by the