Shulou(Shulou.com)06/02 Report--

1 basic environment

2 ftp working mode

2.1 ftp Channel

Ftp work starts two channels:

Control channel

In the ftp protocol, control connections are initiated by the client, while data connections have two modes: port mode (active mode) and pasv (passive mode).

2.2 port mode

When the client needs to receive data, ftp_client (random port greater than 1024)-port command-ftp_server (21) sends a port command, which port command includes what port the client uses to receive data (random port greater than 1024). When transmitting data, ftp_server will establish a new connection between its own tcp 20 port and the port contained in port to transmit data.

2.3 pasv mode

When transmitting data, the ftp_client---pasv command-ftp_server (21) sends the pasv command, ftp_server automatically opens a random port between 1024 ftp_server 5000 and informs ftp_client to transmit data on this port, and then the client sends a request connection to the designated port to establish a data link for data transmission.

3 install vsftp

# rpm-qa vsftpd# checks whether # yum-y install vsftpd# chkconfig-- level 35 vsftpd on # sets boot self-boot # chkconfig-- list | grep vsftpd# checks whether boot starts automatically

4 ftp file description

# rpm-ql vsftpd/etc/logrotate.d/vsftpd # vsftpd log file / etc/pam.d/vsftpd # PAM authentication file / etc/rc.d/init.d/vsftpd # startup script / etc/vsftpd # vsftpd configuration file storage directory / etc/vsftpd/ftpusers # prohibit the use of vsftpd user list file / etc/vsftpd/user_list # prohibit or allow users using vsftpd List file / etc/vsftpd/vsftpd.conf # ftp's main configuration file / etc/vsftpd/vsftpd_conf_migrate.sh # vsftpd operation some variables and settings / var/ftp # anonymous user directory / var/ftp/pub anonymous user download directory

5 configure ftp

5.1 vsftpd.conf file parameter description

The yellow part is added and red is modified.

Anonymous_enable=NO # whether to enable anonymous login local_enable=YES # whether to allow local users to log in to write_enable=YES # whether to allow uploading local_umask=022 # default umask code dirmessage _ enable=YES # whether to display the directory description file xferlog_enable=YES # whether to record the ftp transfer process connect_from_port_20=YES # whether to determine whether the port transfer is from 20xferlog_std_format=YES # whether to use Whether the standard ftp xferlog mode chroot_list_enable=YES # restricts system users to their own home directories chroot_list_file=/etc/vsftpd/chroot_list # lists unrestricted users listen=YES # whether to enable snooping pam_service_name=vsftpd # service name userlist_enable=YEStcp_wrappers=YES

5.2 shut down selinux

# setenforce sed-I's setting SELINUXFORCING / etc/selinux/config

6 create a virtual user

6.1 create a user

After creating a user, change the user's shell to nologin, so that the user cannot log in to the system and can only use the services within the ftp.

# useradd-d / home/ftp/test-g ftp-s / sbin/nologin test# echo 123456 | passwd-- stdin test# sets the password

6.2 add user test to chroot_list

# touch / etc/vsftpd/chroot_list # echo test > > / etc/vsftpd/chroot_list

6.3 start the vsftp service

# / etc/init.d/vsftpd start

6.4 Log in to ftp

6.4.1 folder login

Enter: ftp://10.0.0.8 in the folder path box and press enter to log in.

6.4.2 browser login

Enter ftp://10.0.0.8/ in the browser and enter the user name test and password 123456 to test.

6.4.3 cmd command line login

Open the windows cmd window and enter: ftp 10.0.0.8 press enter to enter the user name and password to log in

6.4.4 third-party client login

For example, xftp client login

7 description of other parameters

Max_client=100 # vsftpd supports a maximum of 100links ipmax_per=5 # five links per ip local_max_rate=81920 # limit the transfer speed listen_address=ip # bind an ip to vsftpd, only the ip is allowed to access the xferlog_file=/var/log/vsftpd.log # log storage location

8 common errors reported

8.1 error 1

[root@oldboyedu45-wang ~] # service vsftpd start

Start vsftpd:500 OOPS: bad bool value in config file for: chroot_list_enable for vsftpd [failed]

This error is caused by a space after chroot_list_enable.

Summary

The above is the method of building FTP server in CentOS6.9 introduced by the editor. I hope it will be helpful to you. If you have any questions, you are welcome to leave a message, and the editor will reply you in time!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.