Shulou(Shulou.com)06/02 Report--

Today's simple configuration of anonymous access and user authentication is based on the configuration of virtual users. Please look forward to the next article.

The first thing to build a vsftp server is to make sure that the firewall and seLinux firewall of the virtual machine are turned off

I. ftp file transfer service

Port number of the 1.ftp connection

21: transmission control is used for authentication and authorized access

20: transfer data for use

2.ftp connection mode

Active mode: the server transmits data to the client through port 20. The POST instruction indicates an active connection. The default works in active mode.

Passive mode: the server opens a specified range of port numbers to wait for the client to establish a data connection, and the pasv instruction indicates the passive mode.

3.ftp transmission mode

Text mode: text mode does not support the transmission of streaming media data, but supports text files

Binary mode: widely supported for transferring text file streaming data

The method of 4.ftp authentication

Anonymous: authentication using ftp users or anonymous accounts does not require a password

Local authentication: you need to use an account password to access data after authentication

Virtual account authentication: map multiple users to a system account for authentication

Second, simple configuration of FTP services based on system users

1. Anonymous access to the FTP service

1) Virtual machine connection CD, mount system CD, install server and client

2) Edit the ftp main configuration file, enter the "vim / etc/vsftpd/vsftpd.conf" command, and then esc exit and enter the ":% g / ^ # / d" command to delete the line starting with #

3) create the host directory, write the test data, give the host directory permission, and start the ftp server

4) Test the anonymous FTP server, open a win7, configure the same network card and static IP address of the same network segment, ensure connectivity with the ftp server, and then access FTP

5) Anonymous common profile options

Anonymous_enable=YES: enable anonymous access to FTPanon_upload_enable=YES; whether anonymous users are allowed to upload files anon_umask=022: upload data directory file permissions reverse code, directory 777, file 666anon_root=/benet: set the FTP root directory of anonymous users, default is var/ftp/pubanon_mkdir_write_enable=YES: allow creation of directories or files anon_other_write_enable=YES: allow deletion or overwrite of file directories

two。 Configure FTP services based on user authentication

1) Edit the ftp server master configuration file

2) create authentication ftp root directory, add test data, and set root directory full control permissions

3) the client accesses the ftp verified by the user

Common options for user authentication ftp local_enable=YES: enable local authentication local_umask=022: local authentication upload file directory reverse local_root=/accp: local authentication ftp root directory chroot_local_user=YES: fixed ftp access in the user's host directory allow_writeable_chroot=YES: allow authentication users to write data to the host directory

4) Editing the user_list list prevents tom from logging in

3. Modify the monitoring and port number security settings of the ftp server

1) enter the "vim / etc/vsftpd/vsftpd.conf" command to edit

2) Test the modified listening port number

4. Global configuration file option listen=NO: whether to monitor the service listen_address=IP address independently: set the ip address to listen on the ftp service, and listen on all IP addresses by default listen_port=21: set the port number to listen on the ftp service write_enable=YES: enable write permission download_enable=YES: allow download permission dirmessage_enable=YES: display the contents of the ".message" file (if it already exists) when the user switches to the directory xferlog_enable=YES: enable xferlog log Default record to / var/log/xferlogxferlog_std_format=YES:ftp log format connect_from_port_20=YES: data connection port number default 20pasv_enable=NO: disable passive mode connection Default allows passive mode connection pasv_max_port=21600: start port number pasv_min_port=21700: end port number pam_service_name=vsftpd: enable PAM authentication userlist_enable=YES: allow user_list list users to log on ftpuserlist_deny=YES: do not allow user_list list users to log on ftpmax_clients=0: restrict multiple clients to connect at the same time (0 is unlimited) max_per_ip=0: allow the same IP address to access ftp connections (0 is none) Restrict) tcp_wrappers=YES:ftp 's access control lists to improve security use

The following anonymous ftp and user authentication ftp are simply configured, and the next article configures the virtual user ftp

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.