How to Install and Configure FTP and Web Server with Ubuntu 15.10 - Part Three

We're almost done. You could actually stop now and tell people you've successfully installed and configured a UNIX web and file server. But wouldn't it be more fun if you actually had a webpage on your web server? And wouldn't it be AMAZING if there was another user besides you who could actually create new files and webpages for your server?

Of course it would! I thought you seemed like a fun person.

It doesn't actually matter what order you do these last steps, unless you want to experience the thrill of using one of the users you created to add files or webpages to your server. If you want that, then do the section on "chmod" first, since that will grant your user access to the server.

8. Change Permissions to the File and Web Server Directories

We're going to use the "chmod" command to "change mode" on the file and web server directories, so that other users have permission to read, write, and execute files on the server. Fully describing chmod is beyond the scope of this guide, but there is some great information out there already on the subject. Here's a great place to learn more:
https://en.m.wikibooks.org/wiki/A_Quick_Introduction_to_Unix/Permissions

We're just going to use chmod 777 to change the permissions on this file. This is almost certainly not what you would choose in an actual organization, since this makes the file accessible to everyone, but it works for this project and for you to learn how to change permissions to a file.

From the command line:

     sudo chmod 777 /srv/ftp

Now your created user should be able to place files onto the file server. To test this, go to another machine on your network. I'm using a Windows 7 machine to do this - here are the commands I'm using to test:

• Press Windows button and type "run" (without quotation marks)
• Select "Run" application from list
• Type "cmd" into the prompt
• Type "ftp your.server.ip.address" 
• Enter added user's username and password at the prompts
• Enter "bin" to ensure binary mode (always do this when you're accessing an ftp server to avoid headaches from ASCII)
• Create and save a document on the desktop of the Windows machine outside of the terminal.
• Back at the terminal, type "put C:\Users\username\Desktop\filename.extension
• You can access the file name under "properties" by right clicking on the file icon on the desktop.
• The message "226 Transfer complete" lets you know that you've successfully added a file!

Nice work!

9. Create a Web Page and Save to USB Drive

There are so many ways you can do this. I'm not going to teach you any html here - there are plenty of places to learn that elsewhere online. You have many easy options at your disposal. You will probably want to use a computer with a GUI to do this, though, if you're not planning on learning the basics of HTML programming. Easy options:

• Open a document in a text editor like Notepad. Edit it however you like, and save it as an HTML file by replacing the default .txt extension with .html.
• Use a free website generator to make a webpage. Right click on the page and select "View page source". Copy and paste the source code into a text document and save as an HTML file.
• Go to a website you like and copy the source code, save into HTML file.
• Leave the default "index" file listed on your web server - there's already a (boring) page there, haha. Although it does have some good information about Apache...

Then save your HTML file onto a USB drive. I'm guessing that if you're this far into this guide, you probably don't need instructions on how to do that, but if you do, there are plenty of instructions online. It's not complicated if you're using a computer with a GUI.

10. Place Your HTML File onto the Apache2 Server and Test Accessibility

Although you could simply adjust the settings on /srv/ftp/www so that your user can upload a webpage to the server, we're going to do this from the terminal for the opportunity to learn an additional skill: mounting a USB drive and moving information from a USB device to the local drive using the command line.

First, you need to find out where your USB drive is located. Place the USB with the HTML file you created into one of the USB slots. Then go to the command line, and type:

     sudo fdisk -l

You will need to exercise a little critical thinking in reading the output - you should see your media listed as something like "/dev/sdb1". You will know it's the correct one by identifying the size of the volume, which should be different from other volumes the system lists, such as your hard drive. Removing any other plugin media you have will make this easier.

Next, you're going to create a directory for your media and mount the USB drive. Type:

     sudo mkdir /media/usb

Then:

     sudo mount /dev/sdb1 /media/usb

The second command allows you to access the USB files from your local directory. Next, you will use the move command to move the HTML file to the web server. Enter:

     sudo mv /media/usb/yourHTMLfilename.html /srv/ftp/www/yourHTMLfilename.html

When you're finished moving files to your web server, unmount the USB drive:

     sudo umount /media/usb

Then reboot your server machine entirely, by typing:

     sudo reboot

After it restarts, go check to see if your webpage appears on your server, either by pulling it up in a web browser on another computer on your network, or by looking at the file directory by accessing /srv/ftp/www and entering either the ls or dir commands.

Final Notes:
If you've learned what I hope for you to have learned and sufficiently tested out this method, you will probably notice that the admin user on the server does not have access to the FTP server on any machine except the server itself, but does have access to the HTML file, and the user chrooted to the FTP directory has access to the FTP file, but only the original index page from Apache. However, you should have a much more functional understanding of a number of UNIX commands and navigating the file system.

Creating groups or using the symlink commands would likely make for a more functional server for multiple users in an enterprise application. I will post additional links as I find more information about the subject.

I hope this was of use to you. If you have any comments, questions, or suggestions, I would love to hear from you. Thanks for stopping by!

How to Install and Configure FTP and Web Server with Ubuntu 15.10 - Part Two

Now that we have successfully installed the operating system, anti-virus, FTP and web servers, it's time to start creating users and configuring the system so that it works the way we want it to. Well, the way I need it to for this particular project - and if you're just learning how to set up such  server as this, maybe how you want it to work as well.

3. Add Users

First we're going to add the users. We will be adding them as potential users for the entire system, and then restricting their access later. My instructor has specified that I name my users "wsc1", "wsc2", et cetera. You can choose more creative names for your users, obviously - just replace "wsc#" with whatever username you prefer. Here's how to do it:

     sudo adduser wsc1

If you're logged in as root, you won't need to use the "sudo" command. After pressing enter, you should be prompted to enter the root or admin password. Then they will ask you for information about the user you're adding - I've left this part blank since it's not relevant to making my project work. If I were doing this for a company, I would be entering user information to specify who the user account was made for.

Once you've added all the users you would like to add, move on to the next step.

***Please note that if you are creating more than one user, and you want all of your users to be able to easily access the servers, you would then also need to add a group, and add the users to that group. I do not need to do this for this project, so I am not describing that process here.***

4. Backup Passwd File and Change User's Home Directory

Now we're going to make sure your newly created users can't access the rest of the system and wreak unimagineable havoc for other users, should you ever implement such a thing at work with actual human users.

First, copy the /etc/passwd file in case you make a mistake. This way, you still have access to your original file and can just reverse the copying process to restore the original settings. The command "cp" means copy. Here's how I did it:
   
     cp /etc/passwd /etc/passwd.original

When you edit files, you will need to use editor software of some sort. Ubuntu 15.10 comes with "Nano" preinstalled. I prefer to use something called "Vim", which is what I'll be using here. If you're using a different editor than "Vim", you'll need to adjust your commands accordingly. For example:

• To open the configuration file in Nano:
• sudo nano /etc/vsftpd.conf
• To open the configuration file in Vim:
• sudo vim /etc/vsftpd.conf

Note that entering the name of the editor specifies which one you want to use. And be aware that commands for saving and exiting the editor are different in different editors, so if you're not using Vim, you'll need to use the appropriate commands for the one you choose. If you want to make sure you have Vim installed so you can follow along with me directly, type the following into the prompt to install:

     sudo apt-get install vim

Type the following into the command line (and again, note the differences for your preferred editor):

     sudo vim /etc/passwd

Now you should see a colourful series of lines of text. At or near the bottom of the list, you should see the names of your new users at the far left of the screen. Each colon (:) separates a different field. First, the username. Then the "x" is sort of a throwback to the old days, when a hash of the password would appear in this file. I can't tell you exactly what the next two numbers mean, but they are used to identify your user in the system one way or another. If you did not enter user information, like me, you'll see three commas, then something like "/home/username:/bin/bash".

If you're using Vim, use the arrow keys to navigate the cursor where you want to edit, and press <insert> to begin editing. You're going to change the end of the line for your user(s) that we were just discussing, like so:

Original:
     :/home/username:/bin/bash

New:
     :/srv/ftp:/bin/bash

When you are finished editing, press the <Esc> key a couple of times for good measure - this will take you out of editing mode in Vim. Then use one of the following commands:
     To save:
          :w <Enter>
     To exit:
          :x <Enter>
     To exit WITHOUT SAVING:
          :q! <Enter>

In other FTP servers, you would use /bin/false instead, but VSFTPD requires bash to run in the background as an oddity.

***I chose to only change the home directory for one of my users since I will not be creating a group. You could still restrict all of them to the FTP server this way without making a group and using the command "symlink" instead to redirect them, but applying that is beyond the scope of this tutorial.***

5. Configure VSFTPD

On with the configuration! Remember the note earlier about your preferred editor. You may also want to make a backup copy in case of errors, using the same method as above and just changing to the appropriate file names. To configure VSFTPD, enter:

     sudo vim /etc/vsftpd.conf

When the file loads, you'll see that the configuration file consists of many lines of text. Most of these lines have a hashtag at the beginning of the line; this is used to indicate a comment, which is not an applied setting in configuration. Anything that is a complete sentence (with grammatically correct capitalization and punctuation) needs to remain as a commented file, since your computer cannot understand English (or whatever your preferred natural language is). The statements with the equal sign indicate a setting, and you can delete the hashtag to apply the setting.

There are many, many different ways that VSFTPD can be configured to work, even with the same functional goal in mind. This is simply how I have it set up so that it works for me. If you want to learn more about VSFTPD configuration settings, you can find some excellent documentation by typing the following into the command line - but be sure you've exited the configuration file and accessed the command line, first:

     man vsftpd.conf

That will bring up the "manual" file for vsftpd configuration. If you choose to look at it, you'll notice that there are many settings listed here that don't appear in your default configuration file. You add them simply by adding them in in the .conf file, as we will do with one setting momentarily (assuming your default configuration file is the same as mine).

Anyway, back to the configuration file. Here are the uncommented settings I have applied to my system, and they do work on the setup I have in place:

• listen=NO
• listen_ipv6=YES
• anonymous_enable=NO
• local_enable=YES
• write_enable=YES
• dirmessage_enable=YES
• use_localtime=YES
• xferlog-enable=YES
• connect_from_port_20=YES
• chroot_local_user=YES
• allow_writeable_chroot=YES
• secure_chroot_dir=/var/run/vsftpd/empty
• pam_service_name=vsftpd
• rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
• rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
• ssl_enable=NO

The bit about "allow_writeable_chroot=YES" is in a larger font because you will need to enter it manually if you are setting up with the same versions of Ubuntu and VSFTPD that I am. I put it on the line immediately below "chroot_local_user" so it would be easy to find, but you can put it anywhere in the file as long as it has its own uncommented line.

Once you've finished editing your configuration file, save and exit. After you've saved the changes, you'll need to restart VSFTPD for them to be applied. To do this, type:

     sudo service vsftpd restart

Great! You should have a working file server now. 

6. Add a Touch File and Test User Access to File Server

First, we'll put a touch (empty) file on the file server. Here's how to do it, from the command line. First, access the file server:

     cd /srv/ftp

Next, add the touch file;

     sudo touch FTPfile

The final word in that string is the name you wish to give your file - choose whatever you like best. If you want to edit that file, you can open it using your editor and enter in anything you like, save, and exit.

Now it's time to make sure your user can access the file server. To do this, first find your server machine's IP address. Type the following into the command line:

     ifconfig

The string of numbers following "inet addr:" will be your IP address. In my case, it's 10.153.10.53 - there will be four numbers separated by periods.

Now, go to a different computer on your network, one that has a GUI installed. Pull up Chrome or another web browser, and type the following into the address bar:

     ftp://your.server.ip.address

(This looks like ftp://10.153.10.53 on my machine.)

A window should appear requesting you to enter your username and password. Enter the name and password of a user you've allowed access to your FTP server in the appropriate fields, then press <Enter>.

You should see "Index of/" at the top of the page, with your newly created file underneath. If you don't receive an error message, you have successfully connected to to the FTP server, and should be able to view the file you've placed on the server. However, your user cannot yet place files on the server - we'll get to that in Part Three.

For now, go back to your server machine.

7. Move Web Server Index to FTP Server Directory

Since we jailed our user to the directory where the FTP server is located, it makes things easier for that user to access if we put the Apache server into the same directory. In an enterprise situation, it's *possible* that you might want some people to have access to only one or the other, but it seems a fairly unlikely scenario - if that is the case, though, this guide simply will not provide you with the information you need.

First, we need to make a directory in the FTP server to hold the web server. To do this, enter the following at the command line:

     sudo mkdir /srv/ftp/www

Now that you have somewhere for your web server to go, let's put it there!

***PLEASE NOTE THAT WE WILL BE ENTERING A VERY SENSITIVE FILE ON YOUR SYSTEM THAT GOVERNS HOW THE COMPUTER BEHAVES. IF YOU THINK FOR ANY REASON THAT YOU HAVE ACCIDENTALLY CHANGED ANY OF THE PRE-EXISTING TEXT, EXIT WITHOUT SAVING!!!

OTHERWISE, YOU WILL NEED TO START OVER WITH RE-INSTALLING THE OS!!!***

To move the web server contents, we are going to use a file called "/etc/fstab". As mentioned above, you do NOT want to make any changes to the existing text. Before you press the <Insert> key, use the arrow keys to go to the very end of the existing block of text. Press the down and right arrow keys a few extra times just to be sure. Then, press <Insert> and hit the <Enter> key a few times so that you're far away from the existing text and therefore unlikely to accidentally edit it. Now, let's get into this dangerous place and do some work. Enter the following at the command line:

     sudo vim /etc/fstab

On your new line, enter the following string of text. Do not use the <spacebar> key between any section - instead, use the <Tab> key.

     /var/www/html     /srv/ftp/www     none     rw,bind     0     0

Check, double check, triple check, however many times you need to - and make sure that you've correctly entered this string of text. The first field represents the old location of your web server, the second one is where you want it to go, and the rest are beyond the scope of this guide, but necessary for proper implementation.

If at any point you're unsure if you might have accidentally changed anything in the original text, just close without saving.

When you're satisfied that you've added the new line correctly without changing anything else, save, and exit.

Congratulations, you should now have a working FTP server - and you're really close to having a functional web server, too! Ok, the web server already works, it just doesn't have anything on it yet. :)

How to Install and Configure FTP and Web Server with Ubuntu 15.10 - Part One

In my UNIX class, I've been tasked with the following:

"Create a file and web server using Ubuntu 15.10, VSFTPD, and Apache2. Install antivirus. Upload a file on VSFTPD and a webpage on Apache2. Create 5 users, and make sure your users are able to access both the file and web server."

First, I will note that I have been working on this in the lab at my school - you will certainly need to have a network set up for this to work, whether it's simply a hard wired connection or a more sophisticated setup.

Let's start. :)

1. Install Ubuntu

I am using Ubuntu 15.10 server edition in 64 bit. Using server edition means that the GUI will not be installed on the server itself, which saves time and resources (GUIs are usually not installed on servers for this exact reason). Using a different Linux/UNIX distribution will be very similar.

1.1 Create a LiveCD or LiveUSB. Documentation on how to do this is abundant through the Ubuntu website.

1.2 Once you've created your installation media, place the CD or USB into the appropriate drive, and restart the computer you are using for the server.

1.3 Options selected during the installation process - obviously, change the options based on your preferred language and location:

• English
• Install Ubuntu
• English - English
• United States
• Do not auto detect keyboard! (For me, the keyboard was incorrectly identified.)
• English (US) X2
• Enter Hostname (This will be the name of your server on the internal network.)
• Enter user account name (This will be the name of the default administrative user on your server - BE SURE TO REMEMBER THIS! YOU WILL NEED TO ENTER IT TO LOGIN LATER.)
• Select a password (the longer, the better!)
• Do NOT encrypt the home directory (Although you would want to do this in an enterprise setting to improve security, for the purposes of exploring the environment here, we're keeping things simple for now.
• Select Timezone (local is usually the way to go)
• Select YES to unmount partitions. This allows your newly installed operating system to use all the resources available on the machine.
• Select "Guided - use entire disk". Again, we're keeping things simple. No manual installation, no LVM, etc.
• Enter to select your primary disk.
• YES to write changes to disk (otherwise, it won't install!)
• Enter your proxy if you use one, otherwise leave it blank.
• I selected to perform manual updates to get more practice using command line and checking for updates. Your call.
• Use <Spacebar> to select OpenSSH Server, <Enter> to finish.
• Select YES to use GRUB.
• Remove media to continue, reboot your computer.

2. Run updates, Install Anti-Virus, Install VSFTPD and Apache2

If you're new to this stuff, the installation process is much easier than it sounds. Configuration is where things get interesting. :)

• Login to your server using the user account name and you chose during installation, press enter.
• Enter the password you selected during installation.
• Wait a moment for the system to initialize. You will be given a command line prompt that will look like this:
• username@hostname

2.1 Go to the root of the directory. By default, you will login to the "home" directory, which is not the same as the root directory. To access the root directory, type the following command and press enter, twice:

     cd ..

This means "change directory", and takes you to the directory next closest to the root directory each time you enter it.

When you have successfully reached the root directory, your prompt will appear as username@hostname:/$. The prompt gives you clues to let you know where you are in the directory.

2.2 Apply updates to the OS. This includes patches to known security issues, so it's pretty important. To do so, type the following command:

     sudo apt-get update

You will be asked to enter your password at times when you use the sudo command. The most important thing to note here is that "sudo" means "super user do". This command allows you to perform administrative tasks on your system without logging in as root, and is slightly safer to use than root for novices.

2.3 Install antivirus. Even though Linux is less targeted by viruses, it still happens. I don't recommend running any system without some kind of anti-malware. Here, we're using ClamAV.

     sudo apt-get install clamav clamav-daemon

2.2 Install VSFTPD. This is your file server. VSFTPD stands for Very Secure File Transfer Protocol Daemon. It's the most secure FTP server I'm aware of at the time of this writing.

     sudo apt-get install vsftpd

2.3 Install Apache2. Apache web servers have been around for quite a while, and there is excellent documentation available at www.apache.org.

     sudo apt-get install apache2

Voila! You have now created a web and file server! Unless you have some very unusual computing needs, it almost certainly doesn't actually do what you will want or need it to do. But take a moment to enjoy your accomplishment. :)

Introduction

Hi!

I'm a student in Computer Information Systems, and this blog is here to document the tech projects I work on, both in class and outside of class. You can read more about me on my profile, or if you have questions, feel free to ask!

*Please note that I may not know the answer to your question - but I will say so if that is the case, and I will give you my best effort in answering your question. Cheers!