Setup a secure ftp server for remote access on OS X

Written by Waruna on May 26, 2009 2 Comments

Recently quite a number of forum members asked about how to transfer large file between remote locations. The online services such as DropBox and Wuala do a good job but if you already have a Mac or a Linux machine, it is so much easier and also secure to setup your own FTP (File Transfer Protocol) server using vsftpd (Very Secure File Transfer Protocol Daemon). In this article I will try to guide you through the entire setup process. Lets get started, shall we?

  1. First you need to install the vsftpd using Mac Ports. Open the Terminal.app, enter the following command and hit Enter. If you don’t have Mac Ports installed, get it from here.
    2. sudo port install vsftpd
  2. Now you have to create a vsftpd.config file which defines the rules to secure your ftp server. Fortunately, when you install vsftpd using Mac Ports, it will create a sample config file at /opt/local/etc/ directory. Use the following command to create a config file from the sample file.
    3. sudo cp /opt/local/etc/vsftpd.config.sample /opt/local/etc/vsftpd.config
  3. Open the vsftpd.config file on any editor and make the following changes.
    4. sudo vim /opt/local/etc/vsftpd.config

    To deny access to anonymous users, activate
    anonymous_enable=NO

    To allow local users to access their home directories
    local_enable=YES

    Add a welcome message
    ftpd_banner=Welcome to my FTP service!

    Lock the users in their root directories
    chroot_local_user=YES

    There are several other settings you could activate/deactivate on the config file. Do as it fits.

  4. To run the server, use the following command
    5. sudo /opt/local/sbin/vsftpd

    If you have done everything correctly so far the server should be up and running.

  5. To do an initial test try the following command in a separate tab.
    6. ftp 192.168.1.2

    Replace the ip address with your local ip address.
    This should ask you for a user name and password. Try the user name and the password you use for log-in to your Mac.

  6. Next step is to enable users to access your newly setup FTP server from a remote location. For this you need a service such as DynDNS or No-IP. You can sign-up for a free account with both providers. Once the registration is completed, go ahead and add a new host as shown in the following example.

    7. dyndns

    Do not forget to activate the service.

    If you have done everything correctly, you should be able to connect to the newly set up ftp server from any remote location.

    In case if you have a router in your home network don’t forget to do a port forward.

    That’s all. ;)
    Let me know how it went.

Share and Enjoy:
  • Digg
  • del.icio.us
  • MisterWong
  • Reddit
  • Slashdot
  • StumbleUpon
  • Technorati
Posted in Tips & Tricks, Unix | Tagged , ,

2 Comments to Setup a secure ftp server for remote access on OS X

You can follow all the replies to this entry through the comments feed.

  1. Bob's Gravatar Bob
    November 4, 2009 at 4:59 pm | Permalink

    Thanks for the tutorial. I haven’t done it yet, but will be following it to setup sftp on my mac leopard client machine that I’m setting up as a server.

    One question, what would be the command to have vsftpd automatically load at start-up/restart?

    Bob

  2. Waruna's Gravatar Waruna
    January 12, 2010 at 1:07 am | Permalink

    @Bob
    You can add a cronjob to run the vsftpd daemon at reboot by adding

    @reboot /opt/local/sbin/vsftpd

    To edit/create crontab, use the following command.

    crontab -e

Leave a Reply

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»