Shulou(Shulou.com)06/02 Report--

This article mainly introduces the case of using vsftp to build a FTP server under Linux, which has a certain reference value. Interested friends can refer to it. I hope you will gain a lot after reading this article.

Knowledge point

The FTP used in linux is vsftp

There are three login methods for FTP:

Anonymous login method: no user password is required

Local user login: login with local user and password

Virtual user mode: also login with a user and password, but this user is not a user created in linux

Install FTP

Install using YUM

Yum-y install vsftpd

File configuration

After installation, there will be three configuration files under the / etc/vsftpd/ path.

Vsftpd.conf: main profile

Ftpusers: specify which users cannot access the FTP server, including some important users such as root.

User_list: whether the specified user can access the ftp server, through the configuration of userlist_deny in the vsftpd.conf file to determine whether the user in the configuration can access, userlist_enable=YES, userlist_deny=YES, userlist_file=/etc/vsftpd/user_list these three configurations allow users in the file to access FTP.

View the default configuration of the main profile

Cat / etc/vsftpd/vsftpd.conf | grep-v'^ #'

Anonymous_enable=YES # allows anonymous users

Local_enable=YES # allows login using local user accounts

Write_enable=YES # allows ftp users to write data

Connect_from_port_20=YES # transmits data over port 20

Anonymous_enable=YES

Local_enable=YES

Write_enable=YES

Local_umask=022

Dirmessage_enable=YES

Xferlog_enable=YES

Connect_from_port_20=YES

Xferlog_std_format=YES

Listen=YES

Pam_service_name=vsftpd

Tcp_wrappers=YES

Chroot_local_user=yes

Other parameter descriptions include:

Ftpd_banner=welcome to ftp service: sets the welcome information after connecting to the server

Idle_session_timeout=60: after the remote client connection is restricted, the control connection established will be interrupted without doing anything (seconds)

Data_connection_timeout=120: sets the idle data interruption time when the client transfers data.

How long does accept_timeout=60 set up to establish a connection automatically?

Connect_timeout=60 sets the maximum activation time of the data connection, how long it will take to disconnect, and will be used by others

Max_clients=200 indicates that the total number of customer concurrent connections to the server is 200

Max_per_ip=3 indicates that the maximum number of connections per client is 3.

Local_max_rate=50000 (50kbytes/sec) maximum transfer rate limit for local users

Maximum transfer rate limit for anon_max_rate=30000 anonymous users

Pasv_min_port= port

The pasv-max-prot= port number defines the maximum and minimum ports, and a value of 0 indicates any port; indicates the port for client connections

Listen_address=IP address sets the address that the ftp service listens to, and which address the client can use to connect

Listen_port= port number sets the port number on which FTP works. The default is 21.

Local_root=path A user who can log in regardless of which user can log in. Define the home directory of the login account. If not specified, each user enters the personal user home directory.

Whether chroot_local_user=yes/no locks the local system account user's home directory (all); after locking, the user can only access the user's home directory / home/user

Chroot_list_enable=yes/no enables the list of unlocked users in the home directory

Chroot_list_file=/etc/vsftpd/chroot_list specifies the list file

Whether userlist_enable=YES/NO loads the user list file

Userlist_deny=YES indicates that the user loaded above is allowed to log in.

Userlist_file=/etc/vsftpd/user_list specifies the list file

Create a FTP connection user

Create user ftpuser

Useradd ftpusr

Users can only log in to ftp.

Usermod-s / sbin/nologin ftpuser

Set user password

Passwd ftpusr

The user's default home directory is under / home, so the current user can only access the home directory.

Modify the user's home directory bit / mnt

Usermod-d / mnt ftpuser

Start the FTP service

Service vsftpd start

test

Create a test file in the / mnt directory

Touch / mnt/test

Connect ftp

Solve the problem of ordinary FTP unable to login

Linux comes with a security mechanism by default. You can't connect to the ftp server using the normal ftp 21 port. You can use sftp. At this point, you need to shut down selinux and restart the server to modify the configuration file.

Vim / etc/sysconfig/selinux

Change it to selinux=disabled

Method of not restarting the server:

Setenforce 0

Setenforce 1: set SELinux to enforcing mode

Setenforce 0: set SELinux to permissive mode

View SELinux status

/ usr/sbin/sestatus-v

Thank you for reading this article carefully. I hope the article "the case of using vsftp to build FTP server under Linux" shared by the editor will be helpful to you. At the same time, I also hope that you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.