multiple ftp servers on one centos 7 machine
multiple ftp servers on one centos 7 machine
Hi, I run vsftpd on my server will SSL enabled for ftp to the outside world via port 21. No problem.
I have webcams on my internal network that transfer webcam shots to this server via ftp. As the webcam doesn't support SSL via FTP, I cannot use vsftpfd in SSL mode when vsftpd handles both internal webcam traffic and outside world ftp traffic. Not a good solution for the outside traffic!
Can I run another ftp server in parallell with vsftpd, which listens on different port (not 21 as this is used by vsftpd), say 9876, and tell the webcam to use this port only?
Which ftp program should I install side by side of vsftpd, or can I run two instances of vsftpd, each with their own settings? If yes, how do I do this?
Any help is appreciated!
Thanks
Ralf
I have webcams on my internal network that transfer webcam shots to this server via ftp. As the webcam doesn't support SSL via FTP, I cannot use vsftpfd in SSL mode when vsftpd handles both internal webcam traffic and outside world ftp traffic. Not a good solution for the outside traffic!
Can I run another ftp server in parallell with vsftpd, which listens on different port (not 21 as this is used by vsftpd), say 9876, and tell the webcam to use this port only?
Which ftp program should I install side by side of vsftpd, or can I run two instances of vsftpd, each with their own settings? If yes, how do I do this?
Any help is appreciated!
Thanks
Ralf
-
- Posts: 68
- Joined: 2018/12/08 21:46:22
- Location: Italy
Re: multiple ftp servers on one centos 7 machine
Hi you can run multiple ftp instances on same server like this:
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd2.conf
edit vsftp2.conf whit another port not used by vsftpd.conf and disable ssl.
cp /usr/lib/systemd/system/vsftpd.service /usr/lib/systemd/system/vsftpd2.service
edit vsftpd2.service
from:
ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
to:
ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd2.conf
Systemctl start vsftpd2.service
systemctl enable vsftpd2.service
Bye
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd2.conf
edit vsftp2.conf whit another port not used by vsftpd.conf and disable ssl.
cp /usr/lib/systemd/system/vsftpd.service /usr/lib/systemd/system/vsftpd2.service
edit vsftpd2.service
from:
ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
to:
ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd2.conf
Systemctl start vsftpd2.service
systemctl enable vsftpd2.service
Bye
Re: multiple ftp servers on one centos 7 machine
I'm afraid that ftp is a very odd protocol and doesn't like being redirected to a different port number. Your best bet would be to run two instances and listen on port 21 on two different ip addresses. That would be much easier to implement and manage.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: multiple ftp servers on one centos 7 machine
Thanks mashiro2004 and Trevor !
The solution presented by Mashiro should be feasible though, inspite of ftp being an odd protocoll?
I checked that one can add to vsftpd.conf:
which seem to facilitate a function to change the ftp port number?
So, am I correct when I conclude, I need to have two A's and two B's, one set for the outside word ftp traffic and one for the internal network (webcam).
My webcam FTP interface has only one port to be set, 21 being default - which I keep. Then I can use 2021 (A) and 2020 (B) for the outside world and forward them from the router to the server.
Should the above work in your view?
My second question: the vsftpd.conf file also includes a line:
Do I need to modify this line in the conf file for other vsftpd process?? If yes, in which way?
Using two IP addresses is probably a more neater way as Trevor says, but requires an extra network card, which I prefer to avoid just now.
I appreciate your comments again!
Ralf
The solution presented by Mashiro should be feasible though, inspite of ftp being an odd protocoll?
I checked that one can add to vsftpd.conf:
Code: Select all
# /etc/vsftp/vsftpd.conf
listen_port=A
ftp_data_port=B
So, am I correct when I conclude, I need to have two A's and two B's, one set for the outside word ftp traffic and one for the internal network (webcam).
My webcam FTP interface has only one port to be set, 21 being default - which I keep. Then I can use 2021 (A) and 2020 (B) for the outside world and forward them from the router to the server.
Code: Select all
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#connect_from_port_20=YES
listen_port=2021
ftp_data_port=2020
My second question: the vsftpd.conf file also includes a line:
Code: Select all
pam_service_name=vsftpd
Using two IP addresses is probably a more neater way as Trevor says, but requires an extra network card, which I prefer to avoid just now.
I appreciate your comments again!
Ralf
-
- Posts: 68
- Joined: 2018/12/08 21:46:22
- Location: Italy
Re: multiple ftp servers on one centos 7 machine
Hi, for the pam conf you can
cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd2
and modify the conf file...
If the binding on a single ip and differents ports give you some problems, i think you can bind on 2 different ip on same network card configuring alias interface (i think but i'm not sure )
cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd2
and modify the conf file...
If the binding on a single ip and differents ports give you some problems, i think you can bind on 2 different ip on same network card configuring alias interface (i think but i'm not sure )
Re: multiple ftp servers on one centos 7 machine
Thanks mashiro!
The /etc/pam.d/vsftpd file reads:
So the only thing to modify (when needed) is the /etc/vsftpd/ftpusers . The rest should be the same. Correct?
Thanks again!
Ralf
The /etc/pam.d/vsftpd file reads:
Code: Select all
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth required pam_shells.so
auth include password-auth
account include password-auth
session required pam_loginuid.so
session include password-auth
Thanks again!
Ralf
-
- Posts: 68
- Joined: 2018/12/08 21:46:22
- Location: Italy
Re: multiple ftp servers on one centos 7 machine
yesralf wrote: ↑2019/01/09 07:10:09Thanks mashiro!
The /etc/pam.d/vsftpd file reads:
So the only thing to modify (when needed) is the /etc/vsftpd/ftpusers . The rest should be the same. Correct?Code: Select all
#%PAM-1.0 session optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed auth required pam_shells.so auth include password-auth account include password-auth session required pam_loginuid.so session include password-auth
Thanks again!
Ralf