table of Contents
ftp function
It is used for file upload and download. It
belongs to the TCP protocol. Port number: 20
,
21. Port number: Data layer, used for file upload and download. 21 Port number: Control layer, used for account password verification and permission verification.
ftp three accounts
Anonymous, system, virtual account.
Anonymous account: login name: ftp, anonymous. You can log in without verifying the password.
System account: The account and password that already exist in the system are verified.
Virtual account
Ways of identifying:
- Verified /etc/passwd and /etc/shadow
- The verification is the user list (the user must be created by the system), which is equivalent to a white list. The
default root account does not allow login.
Virtual account: a predefined list of accounts. (The system has not been created before)
Anonymous account ftp creation:
[root@server ~]# yum -y install vsftpd
Configuration file
[root@server ~]# vi /etc/vsftpd/vsftpd.conf
Modify and add according to the above content;
Enable vsftpd service
[root@server ~]# systemctl start vsftpd
Create 2 test files
[root@server pub]# echo "abc123" > a.txt
[root@server pub]# echo "bcd123" > b.txt
Set permissions
[root@server ~]# chown -R ftp.ftp /var/ftp/pub/
[root@server ~]# chown -R 755 /var/ftp/pub
Login client authentication
client also needs to install ftp
[root@server ~]# ftp 20.0.0.10
System account ftp creation
[root@server ~]# vi /etc/vsftpd/vsftpd.conf
Configure according to the above.
Use the client for authentication, the steps are similar to anonymous users
Virtual account ftp creation
Set up virtual account list
[root@server ~]# vi/etc/vsftpd/vusers.list
mike
123
john
234
Create a new virtual user account database
[root@server ~]# cd /etc/vsftpd
[root@server vsftpd]# db_load -T -t hash -F vusers.list vusers.db
[root@server ~]# file vusers.db
Configuration file has been generated
Grant permissions
[root@server ~]# chmod 600 /etc/vsftpd/vusers.*
Create virtual accounts and grant permissions
[root@server ~]# useradd -d /var/ftproot -s /sbin/nologin virtual
[root@server ~]# chmod 755 /var/ftproot
Configure it
[root@server ~]# vi /etc/pam.d/vsftpd.vu
The configuration content is as above
Enter vsftpd for configuration
[root@server ~]# vi /etc/vsftpd/vsftpd.conf
Modify the configuration according to the above content
Set up virtual account configuration file
[root@server ~]# mkdir /etc/vsftpd/vusers_dir/
[root@server ~]# cd /etc/vsftpd/vusers_dir/
Configure content
[root@server vusers_dir]# vi mike
anon_upload_enable=YES
anon_mkdir_write_enable=YES
The content of john is empty and will not be configured.
Then restart vsftpd
[root@server ~]# systemctl restart vsftpd
Use the client to verify
[root@server ~]# ftp 20.0.0.10
Verified successfully