Build an FTP file service on CentOS

When the server is hosted on Wanwang, connections may time out because port 21 is not open. Port 21 has to be opened in the Wanwang security group and its security group rules.

After that, the connection succeeds.

 

Test environment for this article:

  • CentOS 7
  • Test server IP: 192.168.1.170

1. Install and start the FTP service

1.1 Install VSFTPD

Install vsftpd using yum:

yum install -y vsftpd

1.2 Start VSFTPD

After the installation is complete, start the FTP service:

service vsftpd start

After startup, you can see that the system is listening on port 21:

netstat -nltp | grep 21

At this point, visit ftp://192.168.1.170 to browse the /var/ftp directory on the machine.

2. Configure FTP permissions

2.1 Understanding VSFTP Configuration

The configuration directory of vsftpd is /etc/vsftpd, which contains the following configuration files:

  • vsftpd.conf: the main configuration file
  • ftpusers: the list of users who are forbidden to access the FTP server
  • user_list: user access control

2.2 Block anonymous access and switching root directories

Anonymous access and letting users switch out of their root directory both bring security risks to the server, so we turn off both.

Edit /etc/vsftpd/vsftpd.conf, find the following two configurations and modify them:

 
# Disable anonymous users: on line 12, change YES to NO
anonymous_enable=NO

# Forbid switching the root directory: on line 101, remove the leading #
chroot_local_user=YES

After editing, save the configuration and restart the FTP service:

service vsftpd restart

2.3 Create FTP user

Create the user ftpuser:

useradd ftpuser

Set a password for the user ftpuser:

echo "javen205" | passwd ftpuser --stdin

2.4 Restrict the user to access only through FTP

Restrict the user ftpuser to accessing the server only through FTP, so that it cannot log in to the server directly:

usermod -s /sbin/nologin ftpuser

2.5 Assign home directories to users

Create a home directory for the user ftpuser, with the following convention:

  • /data/ftp is the main directory; files cannot be uploaded to this directory
  • /data/ftp/pub is the only directory that files can be uploaded to

Create the relevant directories in /data:

mkdir -p /data/ftp/pub

2.5.1 Create a login welcome file

 
echo "Welcome to use FTP service." > /data/ftp/welcome.txt

Set access rights:

chmod a-w /data/ftp && chmod 777 -R /data/ftp/pub

Set to the user's home directory:

usermod -d /data/ftp ftpuser
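
A quick way to confirm that the settings from sections 2.2 and 2.5 took effect, as an added example that is not part of the original article. The function names conf_value, audit_ftp and demo are made up for illustration, and the sample files are constructed:

```shell
#!/usr/bin/env bash
# Added example: audit the settings from sections 2.2 and 2.5.
# conf_value, audit_ftp and demo are hypothetical helper names.

# Effective value of a vsftpd.conf option: the last uncommented "KEY=value"
# line wins; when the option is absent, fall back to DEFAULT (the caller
# passes vsftpd's built-in default).
conf_value() {  # usage: conf_value FILE KEY DEFAULT
    local v
    v=$(grep -E "^$2=" "$1" | tail -n 1 | cut -d= -f2- | tr -d '[:space:]')
    printf '%s\n' "${v:-$3}"
}

# Print findings; the return status is the number of failed checks (0-3).
audit_ftp() {  # usage: audit_ftp CONF_FILE FTP_ROOT
    local conf=$1 root=$2 fails=0
    # vsftpd defaults: anonymous_enable=YES, chroot_local_user=NO
    if [ "$(conf_value "$conf" anonymous_enable YES)" != "NO" ]; then
        echo "FAIL: anonymous login is enabled"; fails=$((fails + 1))
    fi
    if [ "$(conf_value "$conf" chroot_local_user NO)" != "YES" ]; then
        echo "FAIL: local users can leave their home directory"
        fails=$((fails + 1))
    fi
    # Section 2.5 strips every write bit from the FTP root (chmod a-w).
    if [ -n "$(find "$root" -maxdepth 0 -perm /222)" ]; then
        echo "FAIL: $root is writable"; fails=$((fails + 1))
    fi
    [ "$fails" -eq 0 ] && echo "OK: $conf and $root match sections 2.2 and 2.5"
    return "$fails"
}

# Constructed sample data: a config before and after the edits in section 2.2.
demo() {
    local d; d=$(mktemp -d)
    mkdir -p "$d/ftp/pub"; chmod a-w "$d/ftp"
    printf '%s\n' 'anonymous_enable=YES' '#chroot_local_user=YES' > "$d/before.conf"
    printf '%s\n' 'anonymous_enable=NO' 'chroot_local_user=YES' > "$d/after.conf"
    audit_ftp "$d/before.conf" "$d/ftp" || true
    audit_ftp "$d/after.conf" "$d/ftp" || true
    chmod u+w "$d/ftp"; rm -rf "$d"
}
demo
```

On the server itself, run audit_ftp /etc/vsftpd/vsftpd.conf /data/ftp after the restart in section 2.2.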

3. Access FTP

Depending on your working environment, choose one of the following ways to access the FTP service that has been built.

Note: Remember to close the firewall or open the FTP default port (21)

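# Turn off SELinux enforcement (permissive mode until the next reboot)
setenforce 0
# Turn off the firewall (flushes all iptables rules)
iptables -F

  • Access via Windows Explorer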

Windows users can copy the link below into the Explorer address bar to access the server:

ftp://ftpuser:javen205@192.168.1.170

where ftpuser is the username for logging in to FTP, and javen205 is the password for logging in to FTP.

  • Access via FTP client tool

There are many FTP client tools, two commonly used ones are recommended below:

WinSCP - FTP and SFTP connection client for Windows
FileZilla - Cross-platform FTP client, supports Windows and Mac
