Shulou(Shulou.com)06/01 Report--

In this issue, Xiaobian will bring you about how to install RPM software package when CentOS VSFTPD is installed. The article is rich in content and analyzed and described from a professional perspective. After reading this article, I hope you can gain something.

CentOS Linux and RHEL distributions with corresponding version numbers have binary compatibility at the package level, i.e., if an RPM package can be installed and run in RHEL products, it can be installed and run in the corresponding version of CentOS Linux.

1. CentOS VSFTPD is installed in RPM package.

First rpm -qa| grep CentOS VSFTPD Check if it is installed, if not, install it, I use yum

yum install vsftpd

See below:

[root@ftp sbin]# yum install vsftpd

[root@ftp sbin]# service vsftpd status

vsftpd is stopped

[root@ftp sbin]# service vsftpd start

Starting vsftpd for vsftpd: [ OK ]

[root@ftp sbin]#

2. Set it to run automatically every time you power it on and start it manually:

chkconfig vsftpd on

service vsftpd start

netstat -tl can check if ftp port is listening!

The requested URL/etc/vsftpd/vsftpd/was not found on this server.

3. CentOS VSFTPD has been able to FTP has been able to run normally,

4.FTP configuration Refer to the following settings:

Beginners test:(note: anonymous users use ftp this system user, no password)

a. Anonymous server connection (independent server)

Add the following entries to the/etc/vsftp/vsftpd.conf configuration file:

Anonymous_enable=yes

Dirmessage_enable=yes (when switching directories, display the contents of.message under directory)

Local_umask=022 (local file permissions on FTP, default is 077)

Connect_form_port_20=yes (data connection with FTP data port enabled)*

Xferlog_enable=yes (enable upload and download logs)

Xferlog_std_format=yes (use standard log format)

FTpd_banner=XXXXX (welcome message)

Pam_service_name=vsftp *

Listen=yes (standalone CentOS VSFTPD server)*

Function: can only connect FTP server, can not upload and download

Note: All of them associated with log welcome messages are optional, marked with an asterisk no matter what account to add, is a basic option belonging to FTP

b. Enable anonymous FTP server upload permissions

Add the following information to the configuration file:

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes (you can create directories and upload files in this directory)

Write_enable=yes

Anon_other_write_enable=yes

c. Enable anonymous server download permissions

Add the following information to the configuration file:

Anon_world_readable_only=no

Note: Note the properties of the folder, anonymous accounts are other users to enable its read and write execution permissions

(R) Read----Download (W) Write---Upload (X) Execute---If FTP is not opened, the directory cannot be entered.

d. Connection to FTP server for regular users (standalone server)

Add the following information to the configuration file:

Local_enable =yes

Write_enable=no (local account has no right to delete and modify files after logging in)

Features: You can log in to CentOS VSFTPD server with local account, and have download and upload permissions.

Note: Anonymous servers can still log in after blocking anonymous login information, but they cannot upload and download.

e. User login restricted to other directories, only its home directory

Set all local users to chroot

Chroot_local_user=yes (all local accounts can only be in their own directory)

Set specified user to execute chroot

Chroot_list_enable=yes

Chroot_list_file=/arbitrary specified path/vsftpd.chroot_list

Note: vsftpd.chroot_list is not created need to add their own, if you want to control the account directly in the file to add the account

f. Restrict FTP access to local users

Userlist_enable=yes (restrict user access with userlistlai)

Userlist_deny=no

Userlist_file=/Specify the path where the file is stored/(path where the file is placed)

Note: Open userlist_enable=yes Anonymous accounts cannot log in

g. security options

Idle_session_timeout=600(seconds)(10 minutes after the user session is idle)

Data_connection_timeout=120 seconds (leave data connection idle for 2 minutes)

Accept_timeout=60 (seconds)(leave client idle for 1 minute before disconnecting)

Connect_timeout=60 seconds (1 minute break and then reconnect)

Local_max_rate=50000 (bite)(local user transmission rate 50K)

Anon_max_rate=30000 (bite)(anonymous user transmission rate 30K)

Pasv_min_port=50000 (change the client data connection port to

Pasv_max_port=60000 50000-60000)

Max_clients=200 (FTP *** connections)

Max_per_ip=4 (*** connections per IP)

Listen_port=5555 (data connection from port 5555)

h. See who logged on to FTP and killed its process

ps -xf |grep ftp

kill process number

5. Advanced part of the test:

Configure FTP for local group access First create user group test and FTP home directory groupadd test

mkdir /tmp/test

Then create user useradd -G test -d /tmp/test -M usr1

Note: G: The group the user belongs to d: indicates that the location of the user's own directory is given to the specified

M: Do not create default home directory, that is, there is no own directory under/home

useradd -G test -d /tmp/test -M usr2 Then change the owner and permissions of the folder

chown usr1.test /tmp/test ---This means that the owner of/tmp/test is usr1

chmod 750 /tmp/test ----7 means wrx 5 means rx 0 means nothing

The purpose of this experiment is that usr1 has upload, delete and download permissions, and usr2 has download permissions only, not upload and delete permissions.

Of course, don't forget our main configuration file CentOS VSFTPD.conf

Change or add user password Take user name as an example, add user: useradd name, set password: passwd name, and then enter the password twice according to the prompt.

Delete user: userdel name, in fact, is not completely deleted, but the user can not log in, the files under its directory are still preserved.

e.g. useradd username

passwd username

userdel username

Make sure that local_enable=yes, write_enable=yes, chroot_local_usr=yes are available!

6. A brief description of the parameters in CentOS VSFTPD.conf:

Anonymous_enable=yes

Dirmessage_enable=yes (when switching directories, display the contents of.message under directory)

Local_umask=022 (local file permissions on FTP, default is 077)

Connect_form_port_20=yes (data connection with FTP data port enabled)*

Xferlog_enable=yes

Xferlog_std_format=yes (use standard log format)

FTpd_banner=XXXXX (welcome message)

Pam_service_name=vsftpd (authentication method)*

Listen=yes (standalone CentOS VSFTPD server)*

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes (you can create directories and upload files in this directory)

Write_enable=yes

Anon_other_write_enable=yes

Anon_world_readable_only=no

Ascii_upload_enable=yes (ASCII transfer mode for uploads enabled)

Ascii_download_enable=yes

Banner_file=/var/vsftpd_banner_file

Idle_session_timeout=600(seconds)(10 minutes after the user session is idle)

Data_connection_timeout=120 seconds (leave data connection idle for 2 minutes)

Accept_timeout=60 (seconds)(leave client idle for 1 minute before disconnecting)

Connect_timeout=60 seconds (1 minute break and then reconnect)

Local_max_rate=50000 (bite)(local user transmission rate 50K)

Anon_max_rate=30000 (bite)(anonymous user transmission rate 30K)

Pasv_min_port=50000 (change the client data connection port to

Pasv_max_port=60000 50000-60000)

Max_clients=200 (FTP *** connections)

Max_per_ip=4 (*** connections per IP)

Listen_port=5555 (data connection from port 5555)

Local_enable =yes

Write_enable=no (local account has no right to delete and modify files after logging in)

this is a set

Chroot_local_user=yes (all local accounts can only be in their own directory)

Chroot_list_enable=yes

Chroot_list_file=/arbitrary specified path/vsftpd.chroot_list

(provided chroot_local_user=no)

Here's another group.

Userlist_enable=yes (users in the specified file cannot access)

Userlist_deny=yes

Userlist_file=/specified path/CentOS VSFTPD.user_list

CentOS VSFTPD is starting to single again.

Banner_fail=/path/file name (display content in file if connection fails)

Ls_recurse_enable=no

Async_abor_enable=yes

One_process_model=yes

Listen_address=10.2.2.2 (bind virtual services to a port)

Guest_enable=yes

Guest_username= username set (maps virtual users to local users)

User_config_dir=/arbitrary path/folder created for user policy

(Specify paths to different virtual user profiles)

Another group.

Chown_uploads=yes (change the owner of uploaded files to root)

Chown_username=root

Another group.

Deny_email_enable=yes

Banned_email_file=//arbitrary path/xx/

Single again.

Pasv_enable=yes (server-side passive mode)

User_config_dir=/arbitrary path//arbitrary file directory (specify the path where virtual users store configuration files)

The above is how to install RPM package when CentOS VSFTPD is installed. If you happen to have similar doubts, please refer to the above analysis for understanding. If you want to know more about it, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.