Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Centos7 builds virtual user ftp service

2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

1. Create virtual account file, odd behavior user name, even behavior password

two。 Convert the user name and password file of the stored virtual account to a database, and the database file is vuser.db

3. Configure pam to verify and load the account name password database

4. Create a system account to specify the ftp root location, user name is virtualftp

5. Modify ftp master configuration file to support virtual account

6. Create a storage virtual account to access the ftp directory

7. Set Alice to allow download and upload permissions

8. Set marry download upload create directory delete data overwrite renamed file or directory

9. Create test data startup service setup service boot automatic startup

1) create test data

2) set ftp root directory to 755 permissions, allow other users to download, set 777 permissions, and allow writes

3) Boot service starts automatically

Detailed explanation of global configuration item field

Listen=NO: whether to listen to the service listen_address=IP address independently: set the ip address of the listening ftp service, and listen all IP addresses by default listen_port=21: set the port number of listening ftp service write_enable=YES: enable write permission download_enable=YES: allow download permission dirmessage_enable=YES: display the contents of the ".message" file (if it already exists) when the user switches to the directory xferlog_enable=YES: enable xferlog log Default record to / var/log/xferlogxferlog_std_format=YES:ftp log format connect_from_port_20=YES: data connection port number default 20pasv_enable=NO: disable passive mode connection Default allows passive mode connection pasv_max_port=21600: start port number pasv_min_port=21700: end port number pam_service_name=vsftpd: enable PAM authentication userlist_enable=YES: allow user_list list users to log on ftpuserlist_deny=YES: do not allow user_list list users to log on ftpmax_clients=0: restrict multiple clients to connect at the same time (0 is unlimited) max_per_ip=0: allow the same IP address to access ftp connections (0 is none) Restrict) tcp_wrappers=YES:ftp 's access control lists to improve security use

The anonymous configuration item field details anonymous_enable=YES: whether anonymous access is allowed; anon_umask=022: set the default permission mask value (anti-mask) for files uploaded by anonymous users; anon_root=/var/ftp: set the FTP root directory of anonymous users; whether anon_upload_enable=YES; allows anonymous users to upload files; anon_mkdir_write_enable=YES: whether anonymous users are allowed to write by creating directories Anon_other_write_enable=YES: whether anonymous users are allowed to have other write permissions, such as renaming, overwriting and deleting files, etc.

Local user configuration item local_enable=YES: whether to allow local users to access; local_umask=022: set the default permission mask value (anti-mask) for files uploaded by local users; local_root=/var/ftp: set the FTP root directory of the local user (default is the user's host directory); chroot_local_user=YES: whether to lock the FTP local user in the host directory; allow_writeable_chroot=YES: allow the home directory of the restricted user to have write permission Local_max_rate=0: limits the maximum transfer rate of local users (0 is unlimited), in bytes per second (Bytes)

Virtual user configuration item guest_username=test: specifies the mapped system user name; guest_enable=YES: whether to enable virtual users; allow_writeable_chroot= allows write access to the home directory of restricted users (this must be written, otherwise an error may be reported) anon_world_readable_only=NO: allows users to download directory contents anon_other_write_enable=YES: allows anonymous users to have other write permissions, such as renaming, overwriting and deleting files, etc. User_config_dir=/etc/vsftpd/vusers_dir: specify a separate profile directory for virtual users

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report