Bootcamp notes-build FTP service based on ECS
1. Create ECS resources:
(1) Create an ECS instance of centos7.7, the resources used this time are free experimental server resources provided by Alibaba Cloud
2. Remote connection
(1) Use the Windows command line or other tools to connect. I use the putty tool for SSH connection.
(2) The user name and password are given in the resource, use it directly to connect
3. Install vsftpd
(1) Use the yum package management tool to install on ECS, add -y to the parameter to save the confirmation process
(2) Set vsftpd to start automatically, through
systemctl enable vsftpd.service
Command set self-start
(3) Start vsftpd, use
systemctl start vsftpd.service
(4) View the listening port, use to
netstat -antup | grep ftp
view the port monitored by vsftpd
4. Configure vsftpd
(1)
Modify /etc/vsftpd/vsftpd.conf in anonymous mode , the editor is arbitrary, here I am using nano (in fact, I don’t know vim), so I need to install nano first, put the "#" in the anonymous upload permission line Remove
(ie anon_upload_enable) and
then chmod o+w /var/ftp/pubadd write permission, and then use the systemctl
command to restart the ftp service
(2) Local user mode
The user name and password here are the users who can log in to the server.
Create a new user and specify the password.
Create a directory in /var/ftp/, and change the folder owner through chown to modify vsftpd for the
newly created user
.conf
prohibits anonymous login, monitors ipv4, does not monitor ipv6, change chroot_local_user to
yes, enable the exception user list, specify the exception user list file so that it will not be locked
Set the directory where the local user is located after logging in, there are comments in the conf file
If passive mode is configured
pasv_enable=YES
pasv_address=公网IP
pasv_min_port=数据传输最小端口
pasv_max_port=数据传输最大端口
Create the chroot.list file in /etc/vsftpd
without exception, users should also create the file,
use systemctl to restart ftp
5. Security Group
(1) Log in to the console with the RAM account that the instance belongs to, edit the instance security group, and release the required ports
(there is no permission to change this experiment, and all ports can be accessed by default)
6. Actual test
Use a browser or filezilla and other tools to try to connect to the ftp server, the experiment is over
Alibaba Cloud University plans to accompany more than 2,000 college students to practice and grow on the cloud. Here you can get free cpu resources, and you can also participate in free training camps to improve your practice: https://developer.aliyun.com/adc/student/