Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "how to configure WU-FTP server in LINUX environment". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

In many network applications, FTP (File Transfer porotocol) has a very important position. One of the most important resources in Internet is software resources. And most of the various software resources are placed in the FTP server. It can be said

FTP and WEB services account for more than 80% of all Internet applications.

FTP services can be divided into two categories according to different service objects: one is the system FTP server, which is only allowed to be used by legitimate users on the system; the other is the anonymous FTP server, Anonymous FTP Server, which uses anyone to log in to the FTP server to obtain files.

Select and install FTP server software

If you choose "ftpd" when you choose to start the process when you install the LINUX system, it has installed a default FTP server on the system after installing the LINUX system. We can already use it to realize the function of the system FTP server. We just need to make some personalized settings according to our needs on this basis.

WashingtonUniversity FTP is chosen in the vast majority of LINUX distributions, which is a well-known FTP server software, generally referred to as wu-ftp. It is powerful and can run well in many UNIX operating systems, such as IBM AIX, FreeBSD, HP-UX, NeXTstep, Dynix, SunOS, Solaris and so on. So more than half of the FTP servers on Internet use it. Wu-ftp has many powerful features that are well suited to the management requirements of FTP servers with high throughput:

1) the file can be compressed or decompressed automatically when the user downloads the file

2) different access restrictions can be imposed on machines on different networks

3) record the time of file upload and download

4) it can display the relevant information during transmission, which is convenient for users to understand the current transmission trends in time.

5) the maximum number of connections can be set, the efficiency is improved and the load is controlled effectively.

II. The composition of wu-ftp

After installing wu-ftp, you will see the following five executables in the / bin directory:

Ftpd FTP server program

Ftpshut is used to close the FTP server program

Ftpcount shows the current number of people online

Ftpwho to view the current connection of the FTP server

Ckconfig checks whether the settings of the FTP server are correct

In addition to these executables, it generates seven configuration files in the / etc and / var directories:

/ etc/ftpusers

/ etc/ftpaccess

/ var/run/ftp.pids

/ etc/ftpconversions

/ var/log/xferlog

/ etc/ftpgroups

/ etc/ftphosts

After the system installs wu-ftp, it creates a special user ftp and a ftpd directory under the / home directory, which will be automatically located when the user logs in anonymously. Several subdirectories are usually created under this directory.

/ home/ftpd/bin stores some executable files for FTP users

/ home/ftpd/etc stores some configuration files for FTP users

/ home/ftpd/pub stores information for download

/ home/ftpd/incoming storage space for uploading information

III. Configuration of wu-ftp

1. View, modify / etc/inetd.conf file

The / etc/inetd.conf file is the configuration file for the super server inetd of the LINUX system. It is responsible for * multiple TCP/IP ports. When it receives a request, it spawns a corresponding server according to the configuration file. By using super servers, other services can be derived only when needed, resulting in significant savings in system resources. And wu-ftp uses the hyperserver inetd to request. When the super server inetd receives a FTP request from the client, it opens a FTP service process according to the configuration file. So if we want to use wu-ftp, we must make sure that there is a sentence in the configuration file inetd.conf of the super server inetd:

Ftp stream tcp nowait root / usr/sbin/tcpd wu.ftpd so that when the super server receives a FTP request, it can derive a wu-ftp FTP service process. (note: to confirm whether there is such a line, you can use the file contents lookup command to confirm:

Cat / etc/inetd.conf | if grep ftp is not available, it will be added or modified manually.

2. The command option wu-ftpd of wu-ftpd is the service process of wu-ftp. It can be executed without parameters or with parameters. Here is a brief introduction to the execution parameters of wu-ftpd.

-d put the error into the syslog of the system when there is an error in the FTP server

-l put each FTP client connection into the syslog of the system

-t set the FTP client connection for a few minutes to disconnect without operation

-a setting that enables wu-ftp to use / etc/ftpaccess

-A setting so that wu-ftp does not use / etc/ftpaccess

-L records the program executed after the FTP client is connected in the syslog of the system

-I log files uploaded by FTP clients in / usr/adm.xferlog file

-o logging files downloaded by the FTP client

In the / usr/adm/xferlog file.

Based on the understanding of the above parameters, we recommend that the default configuration of the above system installation be changed to: ftp stream tcp nowait root / usr/sbin/tcpd wu.ftpd-a-I.

3. Provide automatic compression and decompression function

If you want the FTP server to have the function of automatic compression and decompression, you must first put some command files such as tar, gzip,

Gunzip, compress, uncompress and other command files are copied to the / home/ftpd/bin directory.

4. About the setting of / etc/ftpaccess

This configuration file is the most important configuration file on the FTP server, it is directly related to whether your FTP server is working properly, and there are many permission settings. The following is a typical configuration example.

Loginfails 3

Class local real *

Class remote anonymous guest *

Limit remote 100 Any / etc/ftpd/toomany.msg

Message / etc/ftpd/welcome.msg login

Compress yes local remote

Tar yes local remote

Private yes

Passwd-check rfc822 warn

Log commands real

Log transfer anonymous guest inbound outbound

Log transfer real inbound

Shutdown / etc/ftpd/shut.msg

Delete no anonymous,guest

Overwrite no anonymous,guest

Rename no anonymous

Chmod no anonymous,guest

Umask no anonymous

Upload / home/ftpd * no

Upload / home/ftpd / bin no

Upload / home/ftpd / etc no

Upload / home/ftpd / pub yes real 0644 dirs

Upload / home/ftpd / incoming yes real guest anonymous 0644 dirs

Alias in / incoming

Email guest@xxx.net

Email guest@yyy.net

Deny * .com.tw / etc/ftpd/deny.msg

Below we explain sentence by sentence, and give the meaning of each setting, so that we can follow the analogy, so that we can make reasonable settings according to the specific conditions of their own FTP server.

1. Format: loginfails [times]

Function: set the number of times the user is allowed to enter the wrong password when logging in to the FTP server.

Example: loginfails 3: disconnect the connection after entering the password incorrectly for three times.

2. Format: class [class name] [real/guest/anonymous] [IP address]

Function: the function of this directive sets the category of users on the FTP server. And the client's IP address can be restricted to allow some part of the IP address or all the IP address to access. Users on FTP servers can basically be divided into the following three categories:

Real users who have legitimate accounts on this FTP server

Anonymous users with a record in guest

Anonymous user with the lowest anonymous privilege

Example: class local real *: defines a class called local that contains real users who log in anywhere (* represents all IP addresses).

Class remote anonymous guest *: define a class called remote that contains anonymous and guest users who log in anywhere.

3. Format: limit [category] [number of people] [time] [file name]

Function: the function of this instruction is to set the maximum number of connections allowed for a specified category within a specified period of time. When the maximum number of people is reached, the contents of the specified file are displayed.

Example: limit remote 100Any / etc/ftpd/toomany.msg: at any time, when the number of remote users reaches 100, it will no longer be allowed to generate a new connection, when the 101st customer wants to connect, the connection will fail and the user will show the contents of the file / etc/ftpd/toomany.msg.

4. Format: message [file name] [directive]

Function: when the user executes the specified instruction, the system displays the contents of the specified file.

Example: message / etc/ftpd/welcome.msg login: when the user executes the login command, that is, when he logs in to the FTP server, the system will display the contents of the file / etc/ftpd/welcome.msg.

5. Format: compress [yes/no] [category]

Function: sets which category of users can use the compress (compression) function.

Example: compress yes local remote: allows users in both local and remote categories to use the compress (compression) feature.

6. Format: tar [yes/no] [category]

Function: sets which category of users can use the tar (archiving) function.

Example: tar yes local remote: allows both local and remote users to use the tar feature.

7. Format: private [yes/no]

Function: set whether group access to files is supported.

Example: private yes: supports group access to files.

8. Format: passwd-check [none/trivial/rfc822] [enforce/warn]

Function: set the password for anonymous user anonymous.

None means no password verification. Any password can be logged in.

Trival means that you can log in as long as the password you enter contains the character "@".

Rfc822 indicates that the password must conform to the E-Mail format specified in RFC822 before you can log in.

Enfore indicates that login is not allowed if the password entered does not conform to the format specified above.

Warn indicates that only a warning message appears when the password does not comply with the rules, and you can still log in.

Example: passwd-check rfc822 warn: you want to get the specified E-Mail as the password, but if not, you are allowed to log in.

9. Format: log command [real/guest/anonymous]

Function: sets which users' actions after login are recorded in the file / usr/adm/xferlog.

Example: log command real: when a real user logs in, record his actions. Because other users have lower privileges, the operation will not cause too much security risks, so you only need to write down the actions of real users.

10. Format: log transfers [real/guest/anonymous] [inbound/outbound]

Function: set which users' upload (inbound) and download (outbound) operations do log.

Example: log transfer anonymous guest inbound outbound: pay more attention to their file operations for anonymous users

Therefore, both uploads and downloads are recorded.

Log transfer real inbound: for legitimate users, only their upload records are recorded.

11. Format: shutdown [file name]

Function: the shutdown time of the FTP server can be set in the file specified later. When the set time is up, you will not be able to log in to the FTP server. If you want to restore, you can only delete this file. This file must be generated by the instruction / bin/ftpshut.

Example: shutdown / etc/ftpd/shut.msg

12. Format: delete [yes/no] [real/anonymous/guest]

Function: sets whether the specified user is allowed to delete files using the delete command. The default is allowed.

Example: delete no anonymous,guest: in order to better manage the FTP server, we generally do not allow anonymous users to execute delete commands.

13. Format: overwrite [yes/no] [real/anonymous/guest]

Function: sets whether the specified user is allowed to overwrite the file with the same name. The default is allowed.

Example: overwrite no anonymous,guest: in order to better manage the FTP server, we generally do not allow anonymous users to overwrite files with the same name.

14. Format: rename [yes/no] [real/anonymous/guest]

Function: sets whether the specified user is allowed to use the rename command to rename the file. The default is allowed.

Example: delete no anonymous: in order to better manage the FTP server, we generally do not allow anonymous users to change the file name by executing the rename command. On the other hand, the anonymous users with records are appropriately relaxed to allow them to use the renaming command.

15. Format: chmod [yes/no] [real/anonymous/guest]

Function: sets whether the specified user is allowed to change file permissions using the chmod command. The default is allowed.

Example: delete no anonymous,guest: in order to better manage the FTP server, in general, we do not allow anonymous users to execute chmod commands to change file permissions.

16. Format: umask [yes/no] [real/anonymous/guest]

Function: sets whether the specified user is allowed to use the umask command. The default is allowed.

Example: delete no anonymous: in order to better manage the FTP server, we generally do not allow anonymous users to execute umask commands.

This is the end of the content of "how to configure WU-FTP server in LINUX environment". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.