rajendrajaiswal | 6823ae7 | 2018-09-07 15:23:18 +0100 | [diff] [blame^] | 1 | #!/bin/bash |
| 2 | #This scritt will simulate xNF ftpes functionality. |
| 3 | #This script will automatic install vsftpd and it will make necessary changes to vsftpd.conf |
| 4 | sudo apt-get install vsftpd -y |
| 5 | sudo useradd -m -u 12345 -g users -d /home/ftpuser -s /bin/bash -p "$(echo ftpuser | openssl passwd -1 -stdin)" ftpuser |
| 6 | sudo chown root:root /home/ftpuser |
| 7 | sudo mkdir -p /tmp/ftp/rop |
| 8 | sudo chown nobody:nogroup /tmp/ftp/rop |
| 9 | sudo openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem -subj "/C=IE/ST=ftp/L=Springfield/O=Dis/CN=www.onap.org" |
| 10 | sudo sed -i -e '/anonymous_enable=/ s/=.*/=NO/' /etc/vsftpd.conf |
| 11 | sudo sed -i -e '/local_enable=/ s/=.*/=NO/' /etc/vsftpd.conf |
| 12 | sudo sed -i -e '/write_enable=/ s/=.*/=YES/' /etc/vsftpd.conf |
| 13 | sudo sed -i -e '/#write_enable=/ s/#write_enable=.*/write_enable=YES/' /etc/vsftpd.conf |
| 14 | sudo sed -i -e '/chroot_local_user=/ s/=.*/=YES/' /etc/vsftpd.conf |
| 15 | sudo sed -i -e '0,/#chroot_local_user=/ s/#chroot_local_user=.*/chroot_local_user=YES/' /etc/vsftpd.conf |
| 16 | sudo sed -i -e '/ssl_enable=/ s/=.*/=YES/' /etc/vsftpd.conf |
| 17 | sudo sed -i -e "/ssl_enable=YES/a\\allow_anon_ssl=YES" /etc/vsftpd.conf |
| 18 | sudo sed -i -e "/allow_anon_ssl=NO/a\\force_local_data_ssl=NO" /etc/vsftpd.conf |
| 19 | sudo sed -i -e "/force_local_data_ssl=NO/a\\force_local_logins_ssl=NO" /etc/vsftpd.conf |
| 20 | sudo sed -i -e "/force_local_logins_ssl=NO/a\\ssl_tlsv1=YES" /etc/vsftpd.conf |
| 21 | sudo sed -i -e "/ssl_tlsv1=YES/a\\ssl_sslv2=NO" /etc/vsftpd.conf |
| 22 | sudo sed -i -e "/ssl_sslv2=NO/a\\ssl_sslv3=NO" /etc/vsftpd.conf |
| 23 | sudo sed -i -e "/ssl_sslv3=NO/a\\require_ssl_reuse=NO" /etc/vsftpd.conf |
| 24 | sudo sed -i -e "/require_ssl_reuse=NO/a\\ssl_ciphers=HIGH" /etc/vsftpd.conf |
| 25 | sudo sed -i -e "/ssl_ciphers=HIGH/a\\hide_ids=YES" /etc/vsftpd.conf |
| 26 | sudo sed -i -e "/ssl_ciphers=HIGH/a\\anon_root=/var/ftp/" /etc/vsftpd.conf |
| 27 | sudo sed -i -e "/ssl_ciphers=HIGH/a\\no_anon_password=YES" /etc/vsftpd.conf |
| 28 | sudo service vsftpd restart |