Starting with version 2.2.21 of TUX and version 2.4.2-U7 of the TUX patched kernel, TUX can be configured to run as an anonymous FTP server.
To configure TUX as an FTP server, use the following commands:
echo 1 > /proc/sys/net/tux/application_protocol echo 21 > /proc/sys/net/tux/serverport echo 0 > /proc/sys/net/tux/nonagle service tux restart
After executing these commands, the TUX FTP server will be running on port 21, serving files from the document root.
To have it display directory listings, run the generatetuxlist script from the FTP docroot. This script creates the files .TUX-LIST and .TUX-NLIST files that cache the directory listing. Everytime the FTP docroot directory changes, the script must be re-run to generate an updated directory listing.
The TUX FTP server has been through numerous stresstests and FTP-client compatibility tests. However, it is still early software. TUX/FTP has no known bugs or security holes at the moment. It has not been tested with a wide number of FTP clients yet (only the most obvious ones).
The following are security features of the TUX FTP Server:
Because TUX does not start per-client processes, the memory allocation overhead for each FTP client logged in is less than 10 KB. This allows thousands of parallel connections.
Paranoid parser and paranoid command-evaluation.
Chroots to docroot.
Never starts any external userspace process. All FTP functionality is done in a approximately 900 lines C module, in the kernel.
Even in kernel mode the TUX FTP Server drops all priviledges and switches to uid and group nobody.
Only the most trivial globbing (mget *) supported, and no recursion support.