In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Install the ftp server on CentOS7 to save the pictures uploaded by the server.
1. The method of uninstalling vsftpd by CentOS
If the vsftpd service is already installed on the server, the configuration error requires you to uninstall the vsftpd service.
1.1 find vsftpd services
[root@localhost /] # rpm-aq vsftpd
The returned result shows:
Vsftpd-3.0.2-21.el7.x86_64 # here is the result of finding vsftpd
Indicates that the vsftpd service has been installed before this service period.
1.2 Delete found vsftpd service
Note: stop vsftpd before uninstalling vsftpd
[root@localhost /] # / sbin/service vsftpd stop
Uninstall vsftpd:
[root@localhost /] # rpm-e vsftpd-3.0.2-21.el7.x86_64
The returned result shows:
Warning: / etc/vsftpd/vsftpd.conf saved as / etc/vsftpd/vsftpd.conf.rpmsave # the user list file of vsftp will be backed up when deleted
1.3 enter a validation command to verify that the vsftpd service has been deleted
[root@localhost /] # / sbin/service vsftpd stopRedirecting to / bin/systemctl stop vsftpd.serviceFailed to stop vsftpd.service: Unit vsftpd.service not loaded. # can't find vsftpd [root @ localhost /] # / sbin/service vsftpd startRedirecting to / bin/systemctl start vsftpd.serviceFailed to start vsftpd.service: Unit not found. # vsftpd not found
If neither of the above commands shows that the vsftpd service can be found, it proves that the uninstall has been successful.
2. Install vsftpd components
[root@localhost /] # yum-y install vsftpd
2.1 start ftp
[root@localhost home] # systemctl start vsftpd.service
2.2 release port 21
[root@localhost /] # firewall-cmd-- zone=public-- add-port=21/tcp-- permanent [root@localhost /] # firewall-cmd-reload
3. Detailed configuration of vsftpd service
3.1 turn off anonymous users
[root@localhost vsftpd] # vim / etc/vsftpd/vsftpd.conf
Modify the following three items in the vsftpd.conf configuration file:
Anonymous_enable=NO#anon_upload_enable=YES#anon_mkdir_write_enable=YES
Then restart the ftp service:
[root@localhost vsftpd] # systemctl restart vsftpd.service
After restarting through configuration, anonymous users can no longer log in.
3.2 establish a ftp virtual hosting account
Create a new user who cannot log in to the system. It is only used to log in to the ftp service, if the user directory is not set here. The default is under home:
[root@localhost vsftpd] # useradd ftpuser-s / sbin/nologin
Set the password for the ftpuser user:
[root@localhost /] # passwd ftpuser
3.3View the status of ftp
[root@localhost /] # getsebool-a | grep ftp
Display the results:
Ftpd_anon_write-- > offftpd_connect_all_unreserved-- > offftpd_connect_db-- > offftpd_full_access-- > offftpd_use_cifs-- > offftpd_use_fusefs-- > offftpd_use_nfs-- > offftpd_use_passive_mode-- > offhttpd_can_connect_ftp-- > offhttpd_enable_ftp_server-- > offtftp_anon_write-- > offtftp_home_dir-- > off
Set the above two red states to on:
[root@localhost vsftpd] # setsebool-P allow_ftpd_full_access on [root@localhost vsftpd] # setsebool-P tftp_home_dir on
3.4 configure vsftpd.conf
Restrict system users from locking in the / home/ftpuser directory
If set to
Chroot_local_user=YESchroot_list_enable=YES (this line may not have, can also have) chroot_list_file=/etc/vsftpd.chroot_list
Then, all the users added to the file vsftpd.chroot_list are unlimited users.
That is, you can browse the parent directory of its home directory.
So, if you do not want a user to be able to browse the contents of the parent directory of his home directory, you can set it as above, and then in the
The user is not added to the file vsftpd.chroot_list (at this point, all users in the file can browse to a directory other than their home directory).
Or, the settings are as follows
Chroot_local_user=NOchroot_list_enable=YES (this line must be present, otherwise the file vsftpd.chroot_list will not work) chroot_list_file=/etc/vsftpd.chroot_list
Then add all users who do not want this permission to browse each directory above their home directory to the file vsftpd.chroot_list (at this point, users in the file are not allowed to browse directories outside their home directory)
You can (one user name per line).
[root@localhost vsftpd] # vim / etc/vsftpd/vsftpd.conf
There are two options here. I use the second one, and the configuration is as follows:
Chroot_local_user=NOchroot_list_enable=YES # (this line must be present, otherwise the file vsftpd.chroot_list will not work) chroot_list_file=/etc/vsftpd/chroot_list
Default chroot_list does not exist
[root@localhost vsftpd] # vim / etc/vsftpd/chroot_list
Then add ftpuser, which means that only ftpuser cannot access the parent directory, and restart vsftpd.
3.5 modify permissions
Modify the permission of / home/ftpuser to be unwritable
[root@localhost vsftpd] # chmod Amurw / home/ftpuser/taotao
This is because we changed the permissions of the / home/ftpuser/taotao file to be unwritable, so we created an images folder in this directory to upload the file. And assign permissions to ftpuser users
[root@localhost taotao] # mkdir images [root@localhost images] # chown ftpuser images
4. Enable PASV (passive mode)
Add at the bottom of / etc/vsftpd/vsftpd.conf
Pasv_enable=YESpasv_min_port=30000pasv_max_port=30999
And add after the userlist_enable=YES file
Userlist_deny=NOuserlist_file=/etc/vsftpd/user_list
Turn on the firewall:
[root@localhost taotao] # firewall-cmd-zone=public-add-port=30000-30999/tcp-permanent [root@localhost taotao] # firewall-cmd-reload
This allows you to upload files using the ftp server.
The above CentOS 7 installation of vsftpd server specific operating steps is the editor to share with you all the content, I hope to give you a reference, but also hope that you support more.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.