Security and the FreePBX vsftpd provisioning server
I am upgrading to FreePBX from an older Elastix server where I had configured my Polycom phones to pull their provisioning from an ftp server on the Elastix box.
Because it is possible to see the ftp username and password from the Polycom phones, I had set up the login that the phones used so that the username would not be able to login and so that ftp user was chroot’ed to the directory with the provisioning info only (and thus could not snoop around the server).
In FreePBX, I enabled the ftp server in System Admin / Provisioning Protocols, and after I created a username and password, the /etc/vsftpd/vsftpd.conf file was created. However, when I use ftp to connect using my username and password, I am not chroot’ed, and I can roam around the entire file system using the ftp client.
That seems way too obvious to have been overlooked. Is that really the way the ftp server is configured on FreePBX?
Also, the vsftpd.conf that is created by FreePBX includes userlist_deny=no, which would seem to allow, rather than deny, the users in user_list (which includes, e.g. root, bin, and daemon), to log in using the ftp server. Is that what is intended? Wouldn’t we want to exclude the root user from logging in using ftp?
I can manually configure the ftp server to work the way I want (which I had done on the Elastix box), but I doubt that would match the way the Polycom portion of the Endpoint Manager is configured. However, if I set up that user to chroot into /tftpboot, it might work.
Am I missing something? Is there a better way to configure the ftp server?
Thanks!