How to install vsftpd in CentOS7 server environment 04/04 Update SLTechnology News&Howtos

How to install vsftpd in CentOS7 server environment

2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article is about how to install vsftpd in a CentOS7 server environment. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

The details are as follows:

0x: uninstall vsftpd

[root@localhost ~] # yum remove vsftpd [root@localhost ~] # find /-name "vsftpd*" / etc/vsftpd/etc/vsftpd/vsftpd.conf.bak [root@localhost ~] # rm-fr / etc/vsftpd/

1x: reinstall

[root@localhost home] # yum-y install vsftpd [root@localhost home] # systemctl start vsftpd.service [root@localhost home] # systemctl status vsftpd.service ● vsftpd.service-Vsftpd ftp daemon Loaded: loaded (/ usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2017-11-09 21:15:18 EST 8s ago Process: 5716 ExecStart=/usr/sbin/vsftpd / etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS) Main PID: 5717 (vsftpd) CGroup: / system.slice/vsftpd.service └─ 5717 / usr/sbin/vsftpd / etc/vsftpd/vsftpd.confNov 09 21:15:18 localhost.localdomain systemd [1]: Starting Vsftpd ftp daemon...Nov 09 21:15:18 localhost.localdomain systemd [1]: Started Vsftpd ftp daemon.Hint: Some lines were ellipsized, use-l to show in full.

Active: active (running) indicates that the installation is complete

2x: local user configuration

[root@localhost vsftpd] # useradd test1 [root@localhost vsftpd] # passwd test1Changing password for user test1.New password:BAD PASSWORD: The password is shorter than 8 charactersRetype new password:passwd: all authentication tokens updated successfully.

Add a test1 local account. The following is the user query local account and blacklist

[root@localhost vsftpd] # cat / etc/passwd [root@localhost vsftpd] # vi / etc/vsftpd/ftpusers [root@localhost vsftpd] # vi / etc/vsftpd/user_ list [root @ localhost vsftpd] # cat / etc/passwdroot:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp : x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin / nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologinsystemd-network:x:192:192:systemd Network Management:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinpolkitd:x:999:997:User for polkitd:/:/sbin/nologinpostfix:x:89:89::/var/spool/postfix:/sbin/nologinchrony:x:998:996::/var/lib / chrony:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinmysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bashwww:x:1000:1000::/home/www:/bin/bashnginx:x:997:995:nginx user:/var/cache/nginx:/sbin/nologinvirtual:x:1001:1001::/home/ftpsite:/bin/bashvirtual1:x:1002:1002::/home/ftpsite:/ Bin/bashvsftpd:x:1003:1003::/home/vsftpd:/sbin/nologinoverlord:x:1004:1004::/home/overlord:/sbin/nologintest1:x:1005:1005::/home/test1:/bin/bash [root@localhost vsftpd] # vi / etc/vsftpd/ftpusers# Users that are not allowed to login via ftprootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody [root@localhost vsftpd] # vi / etc/vsftpd/user_list# vsftpd userlist# If userlist_deny=NO Only allow users in this file# If userlist_deny=YES (default), never allow users in this file, and# do not even prompt for a password.# Note that the default vsftpd pam config also checks / etc/vsftpd/ftpusers# for users that are denied.rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody

Now use Windows ftp to log in and test

C:\ Users\ xiaor > ftp 192.168.5.147 connects to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): test1331 Please specify the password. Password: 230Login successful.ftp > pwd257 "/ home/test1" ftp > ls200 PORT command successful. Consider using PASV.150 Here comes the directory listing.226 Directory send OK.ftp > [root@localhost vsftpd] # touch / home/test1/showme.txtftp > ls200 PORT command successful. Consider using PASV.150 Here comes the directory listing.showme.txt226 Directory send OK.ftp: 15 bytes received, 0.00 seconds 15.00 kilobytes / second. Ftp > ftp > get showme.txt200 PORT command successful. Consider using PASV.150 Opening BINARY mode data connection for showme.txt (0 bytes) .226 Transfer complete.ftp > ftp > put winfile1.txt200 PORT command successful. Consider using PASV.150 Ok to send data.226 Transfer complete.ftp: send 9 bytes in 0.00 seconds and 4.50 kilobytes per second. Ftp > [root@localhost vsftpd] # ls / home/test1/showme.txt winfile1.txt

Firmly believe that vsftp installation without any changes to / etc/vsftpd/vsftpd.conf can be accessed through the new Linux users (local users) to download and upload files.

Others have nothing to do with the second.

Cat / etc/vsftpd/chroot_listuserlist_enable=YESuserlist_deny=NOuserlist_file=/etc/vsftpd/user_listtcpdump-I eth0 src host hostname (clear text) touch / home/test1/test1.txtlocal_root=/tmp/test1_root/local_max_rate=0groupadd tggpasswd-a test1 tgchown root:tg / tmp/test1_root/chmod 775 / tmp/test1_root/ll / temp/chroot_local_user=YESchroot_list_enable=YES# (default follows) chroot_list_file=/etc/vsftpd/chroot_list

3x: anonymous user configuration

[root@localhost vsftpd] # vi / etc/vsftpd/vsftpd.confanonymous_enable=YESanon_upload_enable=YESanon_mkdir_write_enable= YES [root @ localhost vsftpd] # systemctl restart vsftpd [root@localhost vsftpd] # touch / var/ftp/pub/lm.txt [root@localhost vsftpd] # chown ftp/ var/ftp/pub

The server configuration above can access and upload files to the pub directory

Problems that may arise:

1. Take it for granted that there are the following problems in giving permissions to the ftp user / var/ftp/ directory

[root@localhost vsftpd] # chown ftp/ var/ftp/ [root@localhost vsftpd] # ll-d / var/ftp/drwxr-xr-x. 3 ftp root 4096 Nov 10 17:03 / var/ftp/C:\ Users\ xiaor > ftp 192.168.5.147 connect to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): anonymous331 Please specify the password. Password: 500 OOPS: vsftpd: refusing to run with writable root inside chroot () the remote host closes the connection.

Solution:

[root@localhost vsftpd] # chown root / var/ftp [root@localhost vsftpd] # chown ftp/var/ftp/pub

2. Windows CMD (command line) will make the following errors and handling

C:\ Users\ xiaor > ftp 192.168.5.147 connects to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): anonymous331 Please specify the password. Password: 230Login successful.ftp > ftp > ls200 PORT command successful. Consider using PASV.425 Failed to establish connection.ftp >

Solution:

You can use the command: quote PASV under ftp.

4x: virtual user configuration (highlight, most recommended)

1. Add virtual user password file and generate authentication file

[root@localhost vsftpd] # vi / etc/vsftpd/vuser.txt [root@localhost vsftpd] # yum-y install db4-utils [root@localhost vsftpd] # db_load-T-t hash-f / etc/vsftpd/vuser.txt / etc/vsftpd/vuser.db

2. Edit the PAM authentication file of vsftpd

[root@localhost vsftpd] # vi / etc/pam.d/vsftpd adds the following two lines to its file And comment on the other lines auth required / lib64/security/pam_userdb.so db=/etc/vsftpd/vuseraccount required / lib64/security/pam_userdb.so db=/etc/vsftpd/vuser#%PAM-1.0#session optional pam_keyinit.so force revoke#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed#auth required pam_shells.so#auth include password-auth#account include password-auth#session required pam_loginuid.so#session include password-authauth Required / lib64/security/pam_userdb.so db=/etc/vsftpd/vuseraccount required / lib64/security/pam_userdb.so db=/etc/vsftpd/vuser

3. Set up local mapping users and set host directory permissions

[root@localhost vsftpd] # useradd-d / home/vftproot-s / sbin/nologin vuser [root@localhost vsftpd] # ll / home/ [root@localhost vsftpd] # chmod 555 / home/vftproot/ [root@localhost vsftpd] # ll / home/

4. Modify the configuration file, restart the vsftpd service, and test

[root@localhost vsftpd] # vi / etc/vsftpd/vsftpd.confguest_enable=YESguest_username=vuserpam_service_name= vsftpd [root @ localhost vsftpd] # systemctl restart vsftpd.service

5. Adjust the virtual user permissions and continue to set up: download here, but upload is not OK.

[root@localhost vsftpd] # vi / etc/vsftpd/vsftpd.confanonymous_enable=NOlocal_enable=YESanon_upload_enable=YESanon_mkdir_write_enable=YESanon_other_write_enable= YES [root @ localhost_centos vsftpd] # systemctl restart vsftpd.service [root@localhost vsftpd] # mkdir / home/vftproot/pub [root@localhost vsftpd] # chmod 777 / home/vftproot/pub [root@localhost vsftpd] # ll-d / home//vftproot/pub drwxrwxrwx. 2 root root 4096 Nov 12 16:33 / home//vftproot/pub

At this point, virtual user upload is also OK!

C:\ Users\ xiaor > ftp 192.168.5.147 connects to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): ftpxrl331 Please specify the password. Password: 230Login successful.ftp > ls200 PORT command successful. Consider using PASV.150 Here comes the directory listing.pubt1.txt226 Directory send OK.ftp: 16 bytes received, 16000.00 kilobytes per second in 0.00 seconds. Ftp > cd pub250 Directory successfully changed.ftp > put abc.txt200 PORT command successful. Consider using PASV.150 Ok to send data.226 Transfer complete.ftp >

6. Problems that may be encountered in setting up

A, 500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

C:\ Users\ xiaor > ftp 192.168.5.147 connects to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): ftpxrl331 Please specify the password. Password: 500 OOPS: vsftpd: refusing to run with writable root inside chroot () the remote host closes the connection. [root@localhost vsftpd] # chmod 555 / home/vftproot/C:\ Users\ xiaor > ftp 192.168.5.147 connects to 192.168.5.147. 220 (vsFTPd 3.0.2) 200 Always in UTF8 mode. User (192.168.5.147: (none)): ftpxrl331 Please specify the password. Password: 230 Login successful.ftp >

B 、 530 Login incorrect

Solution: change the / lib in the vsftpd under / etc/pam.d/ to / lib64

5x: firewall settin

3. Configure ftp

Open etc/vsftpd.conf

Change chroot_list_enable=NO to chroot_list_enable=YES

Set passive mode port

Pasv_min_port=30000pasv_max_port=30000

5. Firewall settings

Add port 30000 for passive mode, and port 20 for active mode

Firewall-cmd-zone=public-add-port=30000/tcp-permanent firewall-cmd-reload

View the opened ports by command: firewall-cmd-- list-ports

Thank you for reading! This is the end of the article on "how to install vsftpd in the CentOS7 server environment". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it out for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.