Shulou(Shulou.com)06/01 Report--

This article mainly explains "the process of installation and configuration of vsftpd". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Now let the editor take you to learn "the process of installing and configuring vsftpd".

1. Brief introduction of VSFTPD

What kind of FTP server is the most secure? So in UNIX and Linux, the first is VSFTP (Very Secure FTP Daemon, a very secure FTP server). As the name implies, the starting point of VSFTPD design is security. At the same time, with the continuous upgrade of the version, VSFTPD has made great progress in performance and stability. Some large sites, such as RedHat, SUSE, Debian, GNU, GNOME, KDE and so on, use VSFTPD as their FTP server. You can go to http://vsftpd.beasts.org/ to learn about its latest situation.

2. Installation of VSFTPD

2.1. installation of RHL9+vsftpd-.1.1.3-8.i386.rpm package

The installation of VSFTPD is simple. In RHL9, execute "Main Menu"-"System Settings"-"Add/Remove Applications"-select FTP server-"update" in the graphical interface, or execute the following command in the character interface to complete the installation.

Rpm-ivh vsftpd-1.1.3-8.i386.rpm

2.2.The installation of vsftpd-1.2.0.tar.gz

⑴ preparation condition

The "nobody" user is required in the default configuration of VSFTPD. Add this user to the system, and the useradd command prompts you if the user already exists.

[root@hpe45 root] # useradd nobody

Useradd: user nobody exists

The "/ usr/share/empty" directory is required in the default configuration of VSFTPD. On the system, if this directory already exists, the mkdir command prompts you accordingly.

[root@hpe45 root] # mkdir / usr/share/empty/

Mkdir: cannot create directory'/ usr/share/empty': File exists

When VSFTPD provides anonymous FTP services, you need a "ftp" user and a valid anonymous directory.

[root@hpe45 root] # mkdir / var/ftp/

[root@hpe45 root] # useradd-d / var/ftp ftp

The next action is useful as to whether the ftp user already exists.

[root@hpe45 root] # chown root.root / var/ftp

[root@hpe45 root] # chmod og-w / var/ftp

⑵ compiling VSFTPD

Download from the official site to the / root directory and execute the following command:

[root@hpe45 root] # tar zxvf vsftpd-1.2.0.tar.gz

[root@hpe45 root] # cd vsftpd-1.2.0

[root@hpe45 vsftpd-1.2.0] # make

⑶ installs compiled VSFTPD

Execute "make install" to copy the compiled binaries, manuals, etc., to the appropriate directory. On RHL9, you may need to manually perform the following replication:

[root@hpe45 vsftpd-1.2.0] # cp vsftpd / usr/local/sbin/vsftpd

[root@hpe45 vsftpd-1.2.0] # cp vsftpd.conf.5 / usr/local/share/man/man5

[root@hpe45 vsftpd-1.2.0] # cp vsftpd.8 / usr/local/share/man/man8

In addition, "make install" does not copy a simple configuration file, it is recommended that you execute the following command:

[root@hpe45 vsftpd-1.2.0] # cp vsftpd.conf / etc

⑷ sets PAM for local users

If local users are allowed to log in to VSFTPD, do the following:

[root@hpe45 vsftpd-1.2.0] # cp RedHat/vsftpd.pam / etc/pam.d/ftp

3. The file structure of VSFTPD

The file structure of VSFTPD is very concise, mainly including:

/ usr/sbin/vsftpd-the main program of VSFTPD

/ etc/rc.d/init.d/vsftpd-start script

/ etc/vsftpd/vsftpd.conf-main configuration file

/ etc/pam.d/vsftpd-PAM certification document

/ etc/vsftpd.ftpusers-prohibit the use of VSFTPD user list files

/ etc/vsftpd.user_list-user list files that prohibit or allow the use of VSFTPD

/ var/ftp-Anonymous user home directory

/ var/ftp/pub-the download directory of anonymous users

In addition, there are some documentation and manual files.

In addition, the log file for VSFTPD is located in / etc/logrotate.d/vsftpd.log.

4. Start and stop of VSFTPD

VSFTPD can be run separately (Standalone), like servers like httpd and named, which is the default in RHL9, or xinetd, which is the default in RHL7.x, 8. The specific operation mode is determined by the parameter listen. From the operation mode of VSFTPD in RHL, we can also see the gradual development of VSFTPD.

When the listen parameter value is YES, the default value in RHL9, VSFTPD runs alone, and we can use the script / etc/rc.d/init.d/vsftpd to start, shut down, and restart VSFTPD. The command is as follows:

/ etc/rc.d/init.d/vsftpd start | stop | restart

If you also want to use Xinetd to start the way VSFTPD works on RHL9, first change the listen parameter value in the vsftpd.conf configuration file to NO. Second, generate a / etc/xinetd.d/vsftpd file with the following contents:

Service vsftpd

{

Disable = no

Socket_type = stream

Wait = no

User = root

Server = / usr/sbin/vsftpd

Port = 21

Log_on_success + = PID HOST DURATION

Log_on_failure + = HOST

}

Start or stop VSFTPD by changing the VSFTPD value to no or yes and restarting xinetd.

Because VSFTPD's stand-alone mode already has enough capabilities, the applications discussed in the next 6 are run in separate mode rather than Xinetd mode.

Note: you can also execute vsftpd directly to start the FTP service, using the "kill" command when shutting down.

[root@hpe45 root] # / usr/local/sbin/vsftpd &

5. Setting options for VSFTPD

The configuration file / etc/vsftpd/vsftpd.conf for VSFTPD is a text file. The line that begins with the "#" character is the comment line. Each option is set to one line and formatted as "option=value". Note that there is no space on both sides of the "=" sign. In addition to this main profile, you can also set personal profiles for specific users, as described later.

The vsftpd.conf file that comes with the VSFTPD package is relatively simple to configure and very paranoid (the document calls itself: -). We can set it up according to the actual situation to make VSFTPD more available.

5.1, connection options

At this point, I believe you have a deeper understanding of the "installation and configuration process of vsftpd". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.