Shulou(Shulou.com)06/01 Report--

This article mainly introduces "the common profile parameters of ftp". In the daily operation, I believe that many people have doubts about the common profile parameters of ftp. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts of "common profile parameters of ftp"! Next, please follow the editor to study!

Ftp users:

System user

Anonymous user-> system user

Virtual user-> system user

Default access directory for ftp users:

Anonymous user access directory: / var/ftp

System user's access directory: user's home directory

Secure communication mode

Ftps: ftp+ssl/tls

Sftp: OpenSSH,SubSystem,sftp (SSH)

1 install the software

[root@CnBJYwz01QNmoSmokepingL01 ~] # yum-y install vsftpd

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

* base: mirrors.btte.net

* epel: mirrors.aliyun.com

* extras: mirrors.btte.net

* updates: mirrors.btte.net

Setting up Install Process

Resolving Dependencies

-> Running transaction check

-> Package vsftpd.x86_64 0RU 2.2.2-21.el6 will be installed

-> Finished Dependency Resolution

Dependencies Resolved

=

Package Arch Version Repository Size

=

Installing:

Vsftpd x8631 64 2.2.2-21.el6 base 155k

Transaction Summary

=

Install 1 Package (s)

Total download size: 155 k

Installed size: 340 k

Downloading Packages:

Vsftpd-2.2.2-21.el6.x86_64.rpm | 155 kB 00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing: vsftpd-2.2.2-21.el6.x86_64 1 Compact 1

Verifying: vsftpd-2.2.2-21.el6.x86_64 1 Compact 1

Installed:

Vsftpd.x86_64 0VOR 2.2.2-21.el6

Complete!

[root@CnBJYwz01QNmoSmokepingL01 ~] # rpm-ql vsftpd

/ etc/logrotate.d/vsftpd

/ etc/pam.d/vsftpd

/ etc/rc.d/init.d/vsftpd

/ etc/vsftpd

/ etc/vsftpd/ftpusers

/ etc/vsftpd/user_list

/ etc/vsftpd/vsftpd.conf

/ etc/vsftpd/vsftpd_conf_migrate.sh

/ usr/sbin/vsftpd

/ usr/share/doc/vsftpd-2.2.2

.

/ var/ftp / / the root directory of the ftp service

/ var/ftp/pub

2 start the service

[root@CnBJYwz01QNmoSmokepingL01 ~] # / etc/init.d/vsftpd start

Starting vsftpd for vsftpd: [OK]

[root@CnBJYwz01QNmoSmokepingL01 ~] # chkconfig vsftpd on

[root@CnBJYwz01QNmoSmokepingL01 ~] #

3 test landing

Log in to the ftp server anonymously

Localhost:~ ray$ ftp 192.168.2.141

Connected to 192.168.2.141.

220 (vsFTPd 2.2.2)

Name (192.168.2.141:ray): anonymous

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

Ftp >

Ftp > help

Commands may be abbreviated. Commands are:

! Features mls prompt site

$fget mlsd proxy size

Account form mlst put sndbuf

Append ftp mode pwd status

Ascii gate modtime quit struct

Bell get more quote sunique

Binary glob mput rate system

Bye hash mreget rcvbuf tenex

Case help msend recv throttle

Cd idle newer reget trace

Cdup image nlist remopts type

Chmod lcd nmap rename umask

Close less ntrans reset unset

Cr lpage open restart usage

Debug lpwd page rhelp user

Delete ls passive rmdir verbose

Dir macdef pdir rstatus xferbuf

Disconnect mdelete pls runique?

Edit mdir pmlsd send

Epsv4 mget preserve sendport

Exit mkdir progress set

Ftp >

System user login

[localhost:~ ray$ ftp 192.168.2.142

Connected to 192.168.2.142.

220 (vsFTPd 2.2.2)

Name (192.168.2.142:ray): ray

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

Ftp >

Ftp >

Ftp > ls

229 Entering Extended Passive Mode (| 59706 |).

150 Here comes the directory listing.

226 Directory send OK.

Ftp >

Ftp > pwd

Remote directory: / home/ray

Ftp >

4 commonly used profile parameters

# Allow anonymous FTP? (Beware-allowed by default if you comment this out)

Does anonymous_enable=YES # allow anonymous users to log in?

# Uncomment this to allow local users to log in.

Does local_enable=YES # allow local system users to log in?

# Uncomment this to enable any form of FTP write command.

Write_enable=YES # whether to allow uploading files

Whether anon_upload_enable=YES # allows anonymous users to upload files and turn on upload permissions. Note: whether the final file can be uploaded successfully depends on file system permissions and file sharing permissions

Does anon_mkdir_write_enable=YES # allow anonymous users to create directories

Does anon_other_write_enable=YES # allow anonymous users to write other actions, such as delete and modify

# Activate directory messages-messages given to remote users when they

# go into a certain directory.

Dirmessage_enable=YES # is used to enter the directory, whether to display the welcome message

# The target log file can be vsftpd_log_file or xferlog_file.

# This depends on setting xferlog_std_format parameter

Xferlog_enable=YES # whether to open the transfer log and record the upload and download operation commands

# The name of log file when xferlog_enable=YES and xferlog_std_format=YES

# WARNING-changing this filename affects / etc/logrotate.d/vsftpd.log

Xferlog_file=/var/log/xferlog # specify the path to transfer logs

# If you want, you can arrange for uploaded anonymous files to be owned by

# a different user. Note! Using "root" for uploaded files is not

# recommended!

# chown_uploads=YES # whether you are allowed to upload files and modify the user's group membership

# chown_username=whoever # after uploading the file, modify it to user attributes

# You may change the default value for timing out an idle session.

# idle_session_timeout=600 # timeout, control connection

#

# You may change the default value for timing out a data connection.

# data_connection_timeout=120 # timeout, data connection

# You may specify an explicit list of local users to chroot () to their home

# directory. If chroot_local_user is YES, then this list becomes a list of

# users to NOT chroot ().

# chroot_local_user=YES # whether to restrict all users to the home directory, YES is disabled to enable NO. (the default value is NO, that is, if there is no configuration after installing vsftpd, ftp users can switch up to outside the desired directory)

# chroot_list_enable=YES # whether to enable restricted user list

# (default follows)

# chroot_list_file=/etc/vsftpd/chroot_list # user list is blocked. Files need to be created actively.

# When "listen" directive is enabled, vsftpd runs in standalone mode and

# listens on IPv4 sockets. This directive cannot be used in conjunction

# with the listen_ipv6 directive.

Whether listen=YES # is a stand-alone daemon

Whether userlist_enable=YES # enables / etc/vsftpd/user_list list

Userlist_deny=YES # yes indicates that / etc/vsftpd/user_list is blacklisted and no is whitelist

# If vsftpd is in standalone mode, this is the maximum number of clients which may be connected. Any additional clients connecting will get an error message. The value 0 switches off the limit.

Max_clients # limit the maximum number of clients

# If vsftpd is in standalone mode, this is the maximum number of clients which may be connected from the same source internet address. A client will get an error message if they go over this limit. The value 0 switches off the limit.

Max_per_ip # limit the number of connected clients with the same IP

Ftp users should be chroot when accessing the ftp service

Imprison users in their home directory

Chroot_local_user= {Yes | No}

Chroot_list_enable= {YES | NO}

Chroot_list_file=/etc/vsftpd/chroot_list

One user per row

Configuration of anonymous users:

Anonymous_enable=YES

Anon_upload_enable=YES

Anon_other_write_enable=YES

Anon_mkdir_write_enable=YES

Note: when the write feature is enabled, ftp users also have corresponding write permissions to the corresponding local file system.

Effective permissions depend on the intersection of file system permissions and service permissions

Definition of welcome message:

Banner_file=/path/to/some_banner_file

Ftp_banner=some string

Dirmessage_enable=yes

Create a .messages file in a directory accessible to ftp

Vsftp controls the mechanism for logged-in users:

Users in / etc/vsftpd/ftpusers are not allowed to use ftp services, which is defined in / etc/pam.d/vsftpd

User_list profiles can be used in two ways:

Blacklist:

Userlist_enable=YES

Userlist_deny=YES

White list

Userlist_enable=YES

Userlist_deny=NO

Connection restrictions:

Max_clients: maximum number of concurrent connections

Max_per_ip: concurrent requests can be initiated simultaneously for each IP

Transmission rate:

Anon_max_rate: the maximum transfer rate for anonymous users, in bytes per second

Local_max_rate: local users …

Umask for uploading files:

Anno_umask: umask of files uploaded by anonymous users

Local_umask:

Modify the owner and group of files uploaded by anonymous users:

Chown_uploads=YES

Chown_username=someuser

Virtual user:

All virtual users will map to a system user, and the file directory when accessed is the home directory of this system user.

Virtual user:

Hash encoded files:

Odd behavior user name, even behavior password

Relational database:

Pam-mysql implements authentication

At this point, the study on the "common profile parameters of ftp" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.