Shulou(Shulou.com)05/31 Report--

This article will explain in detail what the vsftp setting is, and the content of the article is of high quality, so the editor will share it for you as a reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

1. Install vsftpd

Yum install vsftpd

two。 Start / restart / shut down the vsftpd server

[@ more@]

[root@localhost ftp] # / sbin/service vsftpd restart

Shutting down vsftpd: [OK]

Starting vsftpd for vsftpd: [OK]

OK indicates that the restart was successful.

Just change restart to start/stop for startup and shutdown respectively.

If it is installed by source code, go to the installation folder to find the start.sh and shutdown.sh files and execute them.

3. Files and folders related to the vsftpd server

The configuration file for the vsftpd server is: / etc/vsftpd/vsftpd.conf

The root directory of the vsftpd server, which is the home directory of the FTP server:

[root@localhost ftp] # more / etc/passwd | grep ftp

Ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin

So you can see the directory of FTP's server at / var/ftp.

If you want to change the path of the server directory, all you have to do is modify / var/ftp somewhere else.

4. Add FTP local user

(sometimes it's best to create new users and groups instead of ftp groups and users)

Some FTP servers need a user name and password to log in because the FTP user and permissions are set.

FTP users generally can not log in to the system, can only enter the FTP server's own directory, this is for security. Such users are called virtual users. In fact, it is not a real virtual user, just can not log on to SHELL, do not have the ability to log on to the system.

/ usr/sbin/adduser-d / opt/ftp-g ftp-s / sbin/nologin ftpuser

This command means:

Use the command (adduser) to add ftpuser users. You cannot log in to the system (- s / sbin/nologin). Your own folder is in (- d / opt/ftp). It belongs to the group ftp (- g ftp).

Then you need to set the password passwd ftp for it.

This adds a FTP user. The following example can help you access the FTP server.

To make sure you can read and write your own directory, you can read and write by setting it in the configuration file vsftpd.conf.

Local_enable=yes

Write_enable=yes

Local_umask=022

5. Upload and download anonymously

Modify the configuration file can vsftpd.conf, make sure there are the following lines, do not add their own on it.

Anonymous_enable=yes

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

Anon_umask=022

Then you can create a new folder, change its permissions to fully open, and any user can log in to the folder and upload and download files:

Mkdir / var/ftp/guest

Chmod 777 / var/ftp/guest

6. Customize the welcome message to enter the FTP server

Set up in the vsftpd.conf file:

Dirmessage_enable=yes

Then go to the user directory to create a .message file and enter the welcome message.

7. Implement virtual path

Mounting a directory to a FTP server for users to use is called a virtual path.

For example, to mount the directory of gxl users to the FTP server for use by FTP server users, you can use the following command:

[root@localhost opt] # mount-bind / home/gxl / var/ftp/pub # use the mount command

[root@localhost opt] # ls / var/ftp/pub

LumaQQ Screenshot.png Desktop

8. Turn on the logging function of vsFTPd

Add the following line to the vsftpd.conf file, which usually has this line, just remove the previous comment symbol #, add it or modify it if not:

Xferlog_file=/var/log/vsftpd.log

9. Limit the number of links and the maximum number of links per IP

Modify the configuration file, for example, vsftp supports a maximum of 100 links, and each IP can support 5 links:

Max_client=100

Max_per=5

10. Limit the transmission speed

Modify the configuration file, such as letting anonymous users and users on vsftd (that is, virtual users) download at the speed of 80KB=1024*80=81920

Anon_max_rate=81920

Local_max_rate=81920

11. Restrict users (usually virtual users) to their own directory

Modify the configuration file so that users can only access their own home directory:

Chroot_local_user=yes

If you only want some users to have access to their own directories, and other users do not have this restriction, you need to add this user to the chroot_list file (which is usually in / etc/vsftpd/).

Edit this file, such as adding test users to this file, then write it. Generally speaking, one user occupies one line.

[root@localhost vsftpd] # cat chroot_list

Ftpuser

twelve。 Bind an IP to vsFTPd

Sometimes you want to restrict some IP access to the server and only allow certain IP access, for example, only 192.168.0.33 access to this FTP, and also modify the configuration file:

Listen_address=192.168.0.33

Configure vsftpd.conf

Anonymous_enable=NO # prohibits anonymity

Local_enable=YES # allow local login

Write_enable=YES # allows you to write. If you need to upload, you must

Local_umask=027 # sets the permission to upload files to: 777-local_umask

Anon_upload_enable=YES # allows virtual and anonymous users to upload

Anon_other_write_enable=YES # allows virtual and anonymous users to modify file names and delete files

Dirmessage_enable=YES

Xferlog_enable=YES # turn on logging

Connect_from_port_20=YES

Xferlog_file=/var/log/vsftpd.log # Log location

Xferlog_std_format=YES # standard log format

Idle_session_timeout=600 # idle connection timed out

Data_connection_timeout=120

Ftpd_banner=Welcome to ChinaRise FTP service # Welcome message

Guest_enable=yes # allow virtual users

Guest_username=vsftpdguest # system account used by virtual users

Virtual_use_local_privs=YES # Virtual user has local system privileges

Chroot_local_user=NO

Chroot_list_enable=YES

# the above two lines restrict virtual users to their directories and cannot access other directories, or directly use the

Chroot_local_user=YES

Listen=yes # snooping / passive mode

Listen_port=21 # listening port

Chroot_list_file=/etc/vsftpd/vsftpd.chroot_list # Virtual user list is saved in the file / etc/vsftpd/vsftpd.chroot_list

User_config_dir=/etc/vsftpd/vsftpd_user_conf # more detailed cultivation of each virtual user name is saved in / etc/vsftpd/vsftpd_user_conf

Other settings for virtual user

Write the virtual user name allowed to log in in the / etc/vsftpd/vsftpd.chroot_list file, one per line

Create a file named after the virtual user name in the / etc/vsftpd/vsftpd_user_conf folder

Write: local_root = / var/FTP/ subdirectory name

Then create a corresponding directory under / var/FTP

About how the vsftp settings are shared here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.