Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to build FTP server vsftpd under CentOS system", in daily operation, I believe many people have doubts on how to build FTP server vsftpd under CentOS system, Xiaobian consulted all kinds of information, sorted out simple and easy to use operation method, hope to answer "how to build FTP server vsftpd under CentOS system" doubts help! Next, please follow the small series to learn together!

vsftpd is one of the most respected FTP server programs in Linux distributions. Features are compact and light, safe and easy to use.

FTPD packages commonly used in open source operating systems include ProFTPD, PureFTPd, and wuftpd, while vsftpd supports many features that other FTP servers do not support. For example: very high security requirements, bandwidth constraints, good scalability, can create virtual users, support IPv6, high speed.

vsftpd Features

①vsftpd is a general identity to start the service, so the use of Linux system permissions are low, the harm to the Linux system is relatively reduced. In addition, vsftpd also uses chroot() to change the root directory so that system tools are not misused by vsftpd;

(2) Any vsftpd instruction requiring higher execution privileges is controlled by a special parent process, which has been restricted to a relatively low level of higher execution privileges and does not affect the Linux system itself;

③ All requests from clients to use the vsftpd command with higher execution privileges provided by this upper program are treated as "untrusted requests" and must be verified to a certain extent before they can use the functions of this upper program. For example, chown(), Login request, etc. actions;

In addition, in the upper programs mentioned above, the chroot() function is still used to limit the user's execution permissions.

installation steps

compile and install

The code is as follows:

# mkdir -p /usr/local/man/man8

# mkdir -p /usr/local/man/man5

# yum -y install tcp_wrappers*

# yum -y install pam*

# yum -y install db4*

# yum -y install libcap*

# wget -c http://down1.chinaunix.net/distfiles/vsftpd-2.3.4.tar.gz

# tar -xvzf vsftpd-2.3.4.tar.gz

# cd vsftpd-2.3.4

Supported certification types

The code is as follows:

# vim builddefs.h

#define VSF_BUILD_TCPWRAPPERS

#define VSF_BUILD_PAM

#define VSF_BUILD_SSL

# make

# make install

# mkdir /etc/vsftpd

# cp vsftpd.conf /etc/vsftpd

startup script

The code is as follows:

# vim /etc/init.d/vsftpd

# chmod +x /etc/init.d/vsftpd

# chkconfig --level 235 vsftpd on

log directory

The code is as follows:

# mkdir -p /data3/ftp_logs

# vi /etc/vsftpd/vsftpd.conf

# touch /data3/ftp_logs/vsftpd.log

# touch /etc/vsftpd/chroot_list

# touch /etc/vsftpd.user_list

# mkdir /etc/vsftpd/vconf

Create a user list [user name for the first behavior, password for the second behavior]

The code is as follows:

# vi /etc/vsftpd/virtusers

blaze

123456789

Create a user database file

The code is as follows:

# db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db

# chmod 600 /etc/vsftpd/virtusers.db

Create PAM certification file

The code is as follows:

# vim /etc/pam.d/vsftpd

Note: Under x64 environment, paths are different.

Create profiles for blaze users

The code is as follows:

# vim /etc/vsftpd/vconf/blaze

local_root=/data1/www

anonymous_enable=NO

write_enable=YES

local_umask=022

anon_upload_enable=NO

anon_mkdir_write_enable=NO

idle_session_timeout=600

data_connection_timeout=120

max_clients=10

max_per_ip=5

local_max_rate=50000

firewall settings

The code is as follows:

# iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# iptables -I INPUT -p tcp --dport 21 -j ACCEPT

# iptables -I OUTPUT -p tcp --dport 21 -j ACCEPT

# modprobe ip_conntrack_ftp

# modprobe ip_nat_ftp

# vi /etc/sysconfig/iptables

-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-I INPUT -p tcp --dport 21 -j ACCEPT

-I OUTPUT -p tcp --dport 21 -j ACCEPT

# vi /etc/sysconfig/iptables-config

IPTABLES_MODULES="ip_conntrack_ftp"

IPTABLES_MODULES="ip_nat_ftp"

At this point, the study on "how to build FTP server vsftpd under CentOS system" is over, hoping to solve everyone's doubts. Theory and practice can better match to help you learn, go and try it! If you want to continue learning more relevant knowledge, please continue to pay attention to the website, Xiaobian will continue to strive to bring more practical articles for everyone!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.