1. What can FTP do?
1. Your own computer can connect to FTP servers around the world through FTP client and the Internet to realize file sharing and resource sharing.
2. Others can also access the FTP server built on your computer through the Internet, so that your information can be spread all over the world.
3. Files can be exchanged between computers of different types, systems and formats
Second, FTP users
Different levels of user identities, three main identities
real user
guest
anonymous (anonymous user)
Restrict or Unlock User Active Directory
chroot(change root)
Types of FTP users
Anonymous users: anonymous or ftp
local user:
Account name, password and other information are saved in passwd and shadow files
3. FTP connection method
Control connection: The standard port is 21, which is used to send FTP command information
Data connection: The standard port is 20 for uploading and downloading data
The establishment type of the data connection:
Active mode: The server actively initiates a connection to the client from port 20
Passive mode: The server passively waits for the client to initiate a connection on a port within the specified range
Fourth, the vsftpd package
The initial development concept of vsftpd is to build a security-oriented FTP server.
(installed on the server side)
Main program: /usr/sbin/vsftpd
Service name: vsftpd
Main configuration file: /etc/vsftpd.conf
User Control List file:
/etc/vsftpd/ftpusers List of FTP users that are prohibited from logging in
/etc/vsftpd/user_list only provides a list of FTP users, whether to prohibit login depends on the settings in the main configuration file
Five, analyze the main configuration file vsftpd.conf
Common global configuration items
listen=YES: Whether to listen to the service in a stand-alone mode
listen_address=192.168.4.1: Set the listening IP address
listen_port=21: Set the port number for listening to the FTP service
write_enable=YES: whether to enable write permission
download_enable=YES: whether to allow downloading files
userlist_enable=YES: whether to enable the user_list list file
userlist_deny=YES: whether to disable users in user_list
max_clients=0: limit the number of concurrent client connections
max_per_ip=0: Limit the number of concurrent connections to the same IP address
Common anonymous FTP configuration items
anonymous_enable=YES: Enable anonymous access
anon_umask=022: Permission mask for files uploaded by anonymous users
anon_root=/var/ftp: FTP root directory for anonymous users
anon_upload_enable=YES: allow uploading of files
anon_mkdir_write_enable=YES: Allow creation of directories
anon_other_write_enable=YES: Open other write rights (if you want to delete uploaded files, you need to add this)
anon_max_rate=0: limit the maximum transfer rate, in bytes
Commonly used local user FTP configuration items
local_enable=YES: whether to enable the local system user
local_umask=022: Permission mask for files uploaded by local users
local_root=/var/ftp: Set the FTP root directory of the local user
chroot_local_user=YES: Whether to lock the user in the home directory
local_max_rate=0: limit the maximum transfer rate (bytes/sec)
Sixth, configure an FTP server and verify it on Linux and windows (close the firewall)
server configuration
1. Install vsftpd.conf on the server.
yum install -y vsftpd.conf
2. Adjust the owner or permissions of the upload directory
Make sure the anonymous user ftp has permission to write to the file
chown ftp /var/ftp/pub
3. Modify the main configuration file vsftpd.conf (configured as needed, this time according to the general configuration)
dirmessage_enable=YES Display information when logging in
xferlog_enble=YES record log file
xferlog_file=/var/log/xferlog log file location
xferlog_std_format=YES use standard format to log
These three lines are not recommended to be modified.
chroot_local_user=YES locks the system local user in the home directory. If you remove the #, you can switch to the root directory. Here the home directory is mapped to the root directory
The last two lines are to allow some people to switch the root directory. The configuration file is in /etc/vsftpd/dhroot_list. The added user cannot switch the root directory.
4. Create a new directory test under /var/ftp and give it 777 permissions.
(Here is to change the upload directory when logging in anonymously to test, because when ftp is logged in, files cannot be uploaded under pub.)
5. Restart the vsftpd service.
service vsftpd restart
Client configuration
1. Install ftp.
yum install -y ftp
2, ftp server ip address (password is empty)
3, part of the operation of ftp. (upload a file)
View on the server side
4. View on the window side
So far, the simple construction of the ftp server has been completed.
Seven, add some knowledge points
dirmessage_enable=YES To display information when entering test. It is necessary to create a new file .message in the test directory
Then vim .message enter what you want to enter
