Saturday, 15 August 2015

File Transfer Protocol (FTP)

The File Transfer Protocol (FTP) provides users with a simple way to transfer files to and from an FTP server. FreeBSD includes FTP server software, ftpd, in the base system.
FreeBSD provides several configuration files for controlling access to the FTP server. This section summarizes these files. Refer to ftpd(8) for more details about the built-in FTP server.

Configuration

The most important configuration step is deciding which accounts will be allowed access to the FTP server. A FreeBSD system has a number of system accounts which should not be allowed FTP access. The list of users disallowed any FTP access can be found in /etc/ftpusers. By default, it includes system accounts. Additional users that should not be allowed access to FTP can be added.
In some cases it may be desirable to restrict the access of some users without preventing them completely from using FTP. This can be accomplished by creating /etc/ftpchroot as described in ftpchroot(5). This file lists users and groups subject to FTP access restrictions.
To enable anonymous FTP access to the server, create a user named ftp on the FreeBSD system. Users will then be able to log on to the FTP server with a username of ftp or anonymous. When prompted for the password, any input will be accepted, but by convention, an email address should be used as the password. The FTP server will call chroot(2) when an anonymous user logs in, to restrict access to only the home directory of the ftp user.
There are two text files that can be created to specify welcome messages to be displayed to FTP clients. The contents of /etc/ftpwelcome will be displayed to users before they reach the login prompt. After a successful login, the contents of /etc/ftpmotd will be displayed. Note that the path to this file is relative to the login environment, so the contents of ~ftp/etc/ftpmotd would be displayed for anonymous users.
Once the FTP server has been configured, set the appropriate variable in /etc/rc.conf to start the service during boot:
ftpd_enable="YES"
To start the service now:
# service ftpd start
Test the connection to the FTP server by typing:
% ftp localhost
The ftpd daemon uses syslog(3) to log messages. By default, the system log daemon will write messages related to FTP in /var/log/xferlog. The location of the FTP log can be modified by changing the following line in /etc/syslog.conf:
ftp.info      /var/log/xferlog

Note: 

Be aware of the potential problems involved with running an anonymous FTP server. In particular, think twice about allowing anonymous users to upload files. It may turn out that the FTP site becomes a forum for the trade of unlicensed commercial software or worse. If anonymous FTP uploads are required, then verify the permissions so that these files can not be read by other anonymous users until they have been reviewed by an administrator.
https://www.freebsd.org/doc/handbook/network-ftp.html

Creating an FTP-only user on FreeBSD


FTP is still widely used as a protocol for sharing files from one host to another over a TCP-based network such as the Internet.
The following tutorial shows how to create an FTP account on a FreeBSD 9 server.
  1. First, enable the FTP server that is already present; this time the author uses ftpd
    • edit /etc/inetd.conf and remove the hash mark (#) in front of the ftpd entries:
    # vi /etc/inetd.conf
    ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
    ftp     stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l
    • add inetd_enable="YES" and ftpd_enable="YES" to /etc/rc.conf so that they are loaded at every boot
    • Start inetd with the command
    # /etc/rc.d/inetd start
    • Start the ftpd server with the command
    # service ftpd start
  2. Create a script that keeps the user account from logging in to a shell (via ssh)
    # vi /usr/sbin/ftponly
    #!/bin/sh -p
    # Prints "This account is for FTP access only." and ends the session.
    echo 'Account ini hanya untuk akses ftp saja.'
    exit 1
  3. Create the FTP user with the adduser command
# adduser
Username: bagus
Full name: Bagus Setiawan
Uid (Leave empty for default):
Login group [bagus]:
Login group is bagus. Invite bagus into other groups? []:
Login class [default]:
Shell (sh csh tcsh ftponly nologin) [sh]: ftponly
Home directory [/home/bagus]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username   : bagus
Password   : *****
Full Name  : Bagus Setiawan
Uid        : 1005
Class      :
Groups     : bagus
Home       : /home/bagus
Home Mode  :
Shell      : /usr/sbin/ftponly
Locked     : no
OK? (yes/no): yes
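
The access rules from the Configuration section can be checked against the account created in the tutorial. The script below is an added example, not part of the handbook or of the original post; it applies the login checks documented in ftpd(8) (account exists, name not in /etc/ftpusers, shell listed in /etc/shells, name in /etc/ftpchroot) to constructed copies of those files. The function names, the status strings and the sample users tamu and sari are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example: which accounts would ftpd(8) accept, and are they chrooted?
# Simplification (assumption): @group entries in ftpusers/ftpchroot are not evaluated.

# listed FILE NAME: true if NAME is the first field of a non-comment line in FILE
listed() {
    [ -f "$1" ] && awk -v n="$2" \
        '!/^[ \t]*#/ && $1 == n { found = 1 } END { exit !found }' "$1"
}

# ftp_status USER DIR: DIR holds copies of passwd, ftpusers, shells, ftpchroot
ftp_status() {
    entry=$(awk -F: -v u="$1" '$1 == u' "$2/passwd")
    [ -n "$entry" ] || { echo no-account; return 0; }
    shell=${entry##*:}
    [ -n "$shell" ] || shell=/bin/sh      # an empty shell field means /bin/sh
    if listed "$2/ftpusers" "$1"; then echo denied-ftpusers
    elif ! listed "$2/shells" "$shell"; then echo denied-shell
    elif listed "$2/ftpchroot" "$1"; then echo allowed-chroot
    else echo allowed-unrestricted
    fi
}

# make_sample DIR: write constructed sample files (not taken from a real host)
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
bagus:*:1005:1005:Bagus Setiawan:/home/bagus:/usr/sbin/ftponly
tamu:*:1006:1006:Constructed guest:/home/tamu:/usr/sbin/ftponly
sari:*:1007:1007:Constructed user:/home/sari:/usr/sbin/nologin
EOF
    printf '# system accounts\nroot\ntoor\ndaemon\n' > "$1/ftpusers"
    printf '/bin/sh\n/bin/csh\n/usr/sbin/ftponly\n' > "$1/shells"
    printf 'tamu\n' > "$1/ftpchroot"
}

SAMPLE=$(mktemp -d)
trap 'rm -rf "$SAMPLE"' EXIT
make_sample "$SAMPLE"
for u in root bagus tamu sari ghost; do
    printf '%-6s %s\n' "$u" "$(ftp_status "$u" "$SAMPLE")"
done
```

In the sample run bagus is reported as allowed-unrestricted: the ftponly shell blocks shell logins, but the FTP session is confined to the home directory only once the name is also listed in /etc/ftpchroot.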