Things are coming along nicely.

We now have a VPS that can only be accessed as a non privileged user, needing a key-file and a very long random-char passphrase.

Now, I’m the kind of guy that wants to be really secure, but then, can I really get mad at someone who successfully beats my security efforts? So I created a banner aimed at the hacker that manages to log in. We’ll see if I get an email some day.

Currently, the VPS is not doing anything. So how about we make it a file server? I would like a fileserver for three specific things:

1. Tightly passworded and encrypted FTP for long term storage.
2. Lightly passworded and preferably encrypted FTP for securely sharing or accessing files from a random machine. Preferably from a browser and without needing any special software.
3. Public, browser accessible, download-only FTP

Sadly. My VPS does not have much storage space so big long term storage is no-go.

The first it turns out comes along with SSH for free! So that was already set up and ready.

The second will have to wait for now…

The third then. When looking around I find a lot of recommendations for vsftp for being easy to set up and secure enough for when you “must use FTP”.

It’s old…

Installing was easy. But configuring it was actually harder than it needed to be. Many flags depend on others being switched on, or were modified greatly by others, so a lot of time was wasted chasing trivial problems.

I spent a few hours getting this working without a password. Then I disabled it. I may turn it on at some point in the future, but for now I do not need it and it would be unwise to leave such access unattended.

But it is there. And if I ever want to publicaly share a file with everyone, no strings attached, then i just need to switch it back on!