Experimental environment: CentOS Linux release 7.3.1611 (Core)
Kernel version: Linux version 3.10.0-514.el7.x86_64
1. Check the version of the vsftpd package that comes with the system
# yum list vsftpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.cn99.com
Installed Packages
vsftpd.x86_64    3.0.2-21.el7    @base
2. Start the installation
# yum install -y vsftpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.njupt.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:3.0.2-21.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package        Arch           Version                 Repository         Size
================================================================================
Installing:
 vsftpd         x86_64         3.0.2-21.el7            base              169 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 169 k
Installed size: 348 k
Downloading packages:
vsftpd-3.0.2-21.el7.x86_64.rpm                             | 169 kB   00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
  Installing : vsftpd-3.0.2-21.el7.x86_64                                   1/1
  Verifying  : vsftpd-3.0.2-21.el7.x86_64                                   1/1

Installed:
  vsftpd.x86_64 0:3.0.2-21.el7

Complete!
Successful installation!
3. View the vsftpd configuration file directory
# ll /etc/vsftpd/
/etc/vsftpd/vsftpd.conf //Main configuration file, core configuration file
/etc/vsftpd/ftpusers //Blacklist, users in this are not allowed to access the FTP server
/etc/vsftpd/user_list //Whitelist, list of users allowed to access the FTP server
/etc/vsftpd/vsftpd_conf_migrate.sh //Some variables and setting scripts for vsftpd operation
4. Rename the original vsftpd.conf configuration file
# mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak
5. Create a new vsftpd.conf, insert the following parameters, then save and exit
# vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO //Reject anonymous users
local_enable=YES //Accept local users
write_enable=YES //Can upload (global control)
local_umask=022 //The umask of files uploaded by local users
dirmessage_enable=YES //Whether a static prompt is given after the user enters a directory. The default is YES; the default is fine
xferlog_enable=YES //Uploads and downloads are recorded in the file specified by xferlog_file
connect_from_port_20=YES //In active (PORT) mode, use port 20 (ftp-data) for data transmission. YES: used, NO: not used
xferlog_std_format=YES //Whether logs are recorded in standard format
chroot_local_user=YES //All users cannot switch to other directories
chroot_list_enable=YES //All users cannot switch to other directories
chroot_list_file=/etc/vsftpd/chroot_list //Any user listed in vsftpd.chroot_list is not restricted, that is, can browse the parent directory of their home directory
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd //Virtual users use PAM authentication
userlist_enable=YES //Whether to enable the vsftpd.user_list file
tcp_wrappers=YES //Whether vsftpd is combined with tcp wrapper for host access control
allow_writeable_chroot=YES //Solves the 500 OOPS error
Note: Remove the "//" and the text that follows it on each line, or the ftp server may fail to start.
6. Create the file chroot_list file
# touch /etc/vsftpd/chroot_list //leave blank by default
7. Start the ftp service
# systemctl enable vsftpd.service //Set boot auto-start
# systemctl start vsftpd.service //Start ftp service
# ss -antup | grep ftp //View ftp service port
tcp LISTEN 0 32 :::21 :::* users:(("vsftpd",pid=6354,fd=3))
If port 21 is displayed, the service has started successfully
8. Create a new ftp user, where /home/renwole is my own ftp directory, which can be changed accordingly as needed
# useradd -g ftp -d /home/renwole -s /sbin/nologin renwole
-g //User group specifies the additional group to which the user belongs
-d //Directory specifies the user's home directory. If this directory does not exist, use the -m option at the same time to create the home directory.
-s /sbin/nologin //The specified user can only be used for ftp login, refusing to log in to the system
9. Set the ebadu user password to "renwoletest123"
# passwd renwole
Enter the same password twice and press Enter to set successfully
10. Set up a firewall, otherwise you cannot connect to the ftp server. Of course, you can also close the firewall.
# firewall-cmd --permanent --zone=public --add-service=ftp //Add the ftp service to the firewall
# firewall-cmd --reload //Reload the firewall so the change takes effect without a restart
11. Set up SELinux:
# getsebool -a | grep ftp
# setsebool -P ftpd_full_access on
The vsftpd server has been configured and installed, and now you can test the connection to the ftp server.
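A check that can be run on the file from step 5 before the service is started in step 7, given here as an added example that is not part of the original article: it reports "//" notes that were left in place, an anonymous_enable that is not NO, users exempted from the chroot through chroot_list, and allow_writeable_chroot=YES. The function names, the finding labels and the sample files are constructed for illustration; the sample chroot_list deliberately contains one user so the exemption is visible.

```shell
#!/bin/sh
# Added example, not from the original article: lint a vsftpd.conf built from
# the step 5 listing. Function names and the sample files are constructed.

# Print the last value assigned to option $2 in file $1 (empty if unset).
get_opt() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

audit_vsftpd_conf() {
    conf=$1
    # Leftover "//" notes become part of the option's value.
    grep -n -E '[[:space:]]//' "$conf" | sed 's/^/ANNOTATION line /'
    # Any other line that is not blank, a '#' comment, or option=value.
    grep -n -v -E '^([[:space:]]*|#.*|[a-z0-9_]+=.*)$' "$conf" | sed 's/^/SYNTAX line /'
    # An unset anonymous_enable falls back to vsftpd's built-in default, YES.
    [ "$(get_opt "$conf" anonymous_enable)" = "NO" ] ||
        echo "ANON anonymous_enable is not NO"
    if [ "$(get_opt "$conf" chroot_local_user)" = "YES" ]; then
        # With chroot_list_enable=YES the list names users who are NOT jailed.
        list=$(get_opt "$conf" chroot_list_file)
        if [ "$(get_opt "$conf" chroot_list_enable)" = "YES" ] && [ -s "$list" ]; then
            echo "EXEMPT users not chrooted: $(tr '\n' ' ' < "$list")"
        fi
        [ "$(get_opt "$conf" allow_writeable_chroot)" != "YES" ] ||
            echo "WRITABLE allow_writeable_chroot=YES permits a user-writable jail root"
    else
        echo "NOCHROOT local users are not confined to their home directory"
    fi
}

# Constructed sample: step 5 settings with the "//" notes removed, except on
# the userlist_enable line, plus a chroot_list that names one user.
demo=$(mktemp -d)
printf 'renwole\n' > "$demo/chroot_list"
cat > "$demo/vsftpd.conf" <<EOF
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=$demo/chroot_list
userlist_enable=YES //Whether to enable the user_list file
allow_writeable_chroot=YES
EOF
audit_vsftpd_conf "$demo/vsftpd.conf"
```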
The original text comes from: https://www.linuxprobe.com/linux-install-vsftpd.html