Shulou(Shulou.com)06/01 Report--

This article mainly shows you "how to install vsftpd and configure FTP virtual users under Linux", the content is easy to understand, clear, hope to help you solve your doubts, the following let Xiaobian lead you to study and learn "how to install vsftpd and configure FTP virtual users under Linux".

* how to build a FTP server

Install vsftpd

# check the current system version cat / etc/redhat-release CentOS release 6.6 (Final) # to see if vsftpd rpm-qa has been installed | grep vsftpd # if not, install it and set boot yum-y install vsftpd chkconfig vsftpd on

Virtual user-based configuration

The so-called virtual user is not using a real account, just by mapping to a real account and setting permissions. Virtual users cannot log in to the CentOS system.

Modify the configuration file

Vi / etc/vsftpd/vsftpd.conf # server runs independently listen=YES # setting does not allow anonymous access anonymous_enable=NO # sets local users to access Note: if a virtual host user is used, all virtual users will not be able to access local_enable=YES # so that users cannot leave the home directory chroot_list_enable=YES # to set the upload and download function ascii_upload_enable=YES ascii_download_enable=YES # PAM that supports ASCII mode to authenticate the file name when the project is set to NO. PAM will authenticate pam_service_name=vsftpd # according to / etc/pam.d/vsftpd. Enable the virtual user function guest_enable=YES # to specify the host user of the virtual user. There is already a built-in ftp user in CentOS. Guest_username=ftp # sets the CentOS FTP service file storage path of the virtual user's personal vsftp. Store the CentOS FTP service file of the virtual user's personality (configuration file name = virtual user name) user_config_dir=/etc/vsftpd/vuser_conf # configure vsftpd log (optional) xferlog_enable=YES xferlog_std_format=YES xferlog_file=/var/log/xferlog dual_log_enable=YES vsftpd_log_file=/var/log/vsftpd.log

Carry out authentication

# when installing the Berkeley DB tool, the problem that many people cannot find db_load is that the package yum install db4 db4-utils # creates the user password text. Note that the odd line is the user name, and the even line is the password vi / etc/vsftpd/vuser_passwd.txt test 123456 # generate the virtual user authentication db file db_load-T-t hash-f / etc/vsftpd/vuser_passwd.txt / etc/vsftpd/vuser_passwd.db # Edit the authentication file Comment out the original statement completely, and then add the following two sentences vi / etc/pam.d/vsftpd auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd account required pam_userdb.so db=/etc/vsftpd/vuser_passwd # to create a virtual user profile mkdir / etc/vsftpd/vuser_conf/ # file name equal to the account name in vuser_passwd.txt Otherwise, set the invalid vi / etc/vsftpd/vuser_conf/test # virtual user root directory below and modify local_root=/data/ftp write_enable=YES anon_umask=022 anon_world_readable_only=NO anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES according to the actual situation

Set FTP root permissions

# * vsftpd requires no write permission to the home directory, so ftp is 755, and the subdirectories under the home directory set 777 permissions mkdir / data/ftp chmod-R 755 / data chmod-R 777 / data/ftp # to establish an empty file touch / etc/vsftpd/chroot_list # that restricts user access to the directory. If you enable vsftpd logging, you need to manually establish the log file touch / var/log/xferlog touch / var/log/vsftpd.log

Configure PASV mode (optional)

Vsftpd does not enable PASV mode by default. Now FTP can only be connected through PORT mode. To enable PASV, you need to go through the following configuration by default.

Open / etc/vsftpd/vsftpd.conf and add at the end # enable PASV mode pasv_enable=YES # minimum port number pasv_min_port=40000 # * * Port number pasv_max_port=40080 pasv_promiscuous=YES # Open ports 40000 to 40080 in the firewall configuration-An INPUT-m state-- state NEW-m tcp-p-dport 40000pasv_min_port=40000-j ACCEPT # restart iptabls and vsftpd service iptables restart service vsftpd restart can now use PASV mode to connect to your FTP server ~

Selinux and Firewall

The closure of the shutdown, the release of the release.

Service vsftpd start

common problem

If it appears when logging in

500 OOPS: priv_sock_get_result. Connection closed by remote host.

For such an error, you need to upgrade pam.

Yum update pam above is all the contents of the article "how to install vsftpd and configure FTP Virtual users under Linux". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.