Install vsftpd on CentOS 7

ftp server installation
1. Check whether the ftp server is installed
[root@localhost mail]# rpm -qa | grep vsftp
[root@localhost mail]# rpm -qa | grep ftp
2. Use yum to install the ftp server
[root@localhost mail]# yum install vsftpd
2.1 View dependencies
[root@localhost mail]# yum install vsftpd
Loaded plugins: fastestmirror, langpacks
base | 3.6 kB 00:00    
extras | 3.4 kB 00:00    
updates | 3.4 kB 00:00    
updates/7/x86_64/primary_db | 3.2 MB 00:02    
Loading mirror speeds from cached hostfile
 * base: centos.ustc.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.btte.net
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:3.0.2-10.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch             Version                 Repository      Size
================================================================================
Installing:
 vsftpd           x86_64           3.0.2-10.el7            base           167 k

Transaction Summary
================================================================================
Install  1 Package
2.2 Installation succeeded
Downloading packages:
vsftpd-3.0.2-10.el7.x86_64.rpm                             | 167 kB   00:00    
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : vsftpd-3.0.2-10.el7.x86_64                                   1/1
  Verifying  : vsftpd-3.0.2-10.el7.x86_64                                   1/1

Installed:
  vsftpd.x86_64 0:3.0.2-10.el7        
3. View the vsftpd installation location
[root@localhost mail]# rpm -ql vsftpd
/etc/logrotate.d/vsftpd
/etc/pam.d/vsftpd
/etc/vsftpd
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
/etc/vsftpd/vsftpd.conf
/etc/vsftpd/vsftpd_conf_migrate.sh
/usr/lib/systemd/system-generators/vsftpd-generator
/usr/lib/systemd/system/vsftpd.service
/usr/lib/systemd/system/vsftpd.target
/usr/lib/systemd/system/vsftpd@.service
/usr/sbin/vsftpd
/usr/share/doc/vsftpd-3.0.2
/usr/share/doc/vsftpd-3.0.2/AUDIT/
/usr/share/doc/vsftpd-3.0.2/BENCHMARKS
4. Start, stop, restart service
[root@localhost mail]# service vsftpd start
Redirecting to /bin/systemctl start vsftpd.service
Start ftp command: service vsftpd start
Stop ftp command: service vsftpd stop
Restart ftp command: service vsftpd restart
[root@localhost mail]# service vsftpd status
Redirecting to /bin/systemctl status vsftpd.service
5. Create a group and a user
5.1 Create a user
groupadd ftpgroup
useradd ftpuser -g ftpgroup -d /home/ftpuser -M #Create user ftpuser in group ftpgroup with home directory /home/ftpuser; -M tells the system not to create the home directory
usermod -s /usr/sbin/nologin ftpuser #Set ftpuser so that it cannot log in as a normal user
[root@localhost mail]# groupadd ftpgroup
[root@localhost mail]# useradd ftpuser -g ftpgroup -d /home/ftpuser
[root@localhost mail]# cd /
[root@localhost /]# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
[root@localhost /]# cd home/
[root@localhost home]# ls
ftpuser svnuser
[root@localhost home]# usermod -s /usr/sbin/nologin ftpuser
5.2 Set the password
[root@localhost vsftpd]# passwd ftpuser
Changing password for user ftpuser.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
6. vsftpd configuration
[root@localhost home]# cd /etc/vsftpd/
[root@localhost vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
There are three main ftp configuration files, all located in the /etc/vsftpd/ directory:
ftpusers: lists the users who cannot access the ftp server.
user_list: lists the accounts that, by default, cannot access ftp.
vsftpd.conf: vsftpd's main configuration file.
6.1 Let's talk about the more important options
# Do not allow anonymous users
anonymous_enable=NO
# Allow local user accounts to log in
local_enable=YES
# Allow ftp users to write data
write_enable=YES
# Show directory messages to remote users
dirmessage_enable=YES
# If you want, you can arrange for files uploaded anonymously to be owned by a different user
chown_uploads=YES
# Transfer data through port 20
connect_from_port_20=YES
# Idle session timeout; change the default value here
idle_session_timeout=600
# Data connection timeout; change the default value here
data_connection_timeout=120
# Lock users in their home directory, such as /home/ftpuser, so that ftpuser cannot access directories outside it
chroot_local_user=YES
# Enable the list of users who are not locked in their home directory
chroot_list_enable=YES
# Takes effect when chroot_list_enable is enabled; users in this list are not locked, one username per line
chroot_list_file=/etc/vsftpd.chroot_list
# Specify the directory address
local_root=/game/feng/lan
7. Check whether the ftp port is open
[root@localhost vsftpd]# netstat -ntlp

8. Open FTP ports 21 and 20 in the firewall
[root@localhost vsftpd]# iptables -A INPUT -p tcp --dport 21 -j ACCEPT
[root@localhost vsftpd]# iptables -A INPUT -p tcp --dport 20 -j ACCEPT
[root@localhost init.d]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

9. Verify from the Windows command line

If you do not turn off the Windows firewall, you can log in but cannot perform other operations, and a 425 error is reported.

Just turn off the firewall.

The short answer below is more complete:

1. Judging from your prompt, the problem is relatively simple.
First of all, the Windows command-line client generally uses PORT mode, so the client's firewall blocks some of the high-numbered ports.
In this case, you can open the Windows 7 client firewall and open some ports, 1025 and 65500, to achieve normal access.

Second, you can use FTP tools to download, such as FileZilla or FlashFXP. Such tools have a function for turning on passive mode directly.
2. With the configuration method you suggested below, if you want to keep the Linux firewall on, the client must be able to connect in passive mode, and the following ports must also be added. These ports are added according to the settings in your configuration; the following commands are just an assumption.
iptables -t filter -I INPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -I INPUT -p tcp --dport 64100:65400 -j ACCEPT
service iptables save && service iptables restart
iptables -nL
This allows users to connect in passive mode.

pasv_enable=YES #Enable passive mode
pasv_min_port=%number% #Passive mode minimum port
pasv_max_port=%number% #Passive mode maximum port
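
Added example, not part of the original post or of vsftpd itself: a shell function that checks a vsftpd.conf for the settings covered in section 6.1 and in the passive-mode answer, plus vsftpd's rule that no space may surround `=`, and prints the iptables rule that matches the passive range. The function name `audit_vsftpd_conf`, the `FINDING`/`RULE` output format and the sample config are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a vsftpd.conf for anonymous login, spacing and passive ports.
# audit_vsftpd_conf FILE -> prints FINDING/RULE lines, returns 1 if any finding.
audit_vsftpd_conf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comment lines and blank lines
    {
        eq = index($0, "=")
        if (eq == 0) { printf "FINDING line %d: not option=value\n", NR; bad++; next }
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        if (key ~ /[ \t]/ || val ~ /^[ \t]/) {
            printf "FINDING line %d: whitespace around = (vsftpd rejects this)\n", NR; bad++
        }
        gsub(/[ \t]/, "", key); sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
        conf[key] = val
    }
    END {
        if (conf["anonymous_enable"] != "NO") {   # vsftpd defaults to YES
            print "FINDING anonymous_enable is not NO"; bad++
        }
        if (conf["pasv_enable"] != "NO") {        # passive mode is on by default
            min = conf["pasv_min_port"] + 0; max = conf["pasv_max_port"] + 0
            if (min == 0 || max == 0) {
                print "FINDING passive port range is unbounded"; bad++
            } else if (min > max) {
                printf "FINDING pasv_min_port %d > pasv_max_port %d\n", min, max; bad++
            } else {
                printf "RULE iptables -I INPUT -p tcp --dport %d:%d -j ACCEPT\n", min, max
            }
        }
        exit (bad > 0)
    }' "$1"
}

# Constructed sample config: a spaced "=" on line 3 and a reversed passive range.
sample_conf() {
    printf '%s\n' 'anonymous_enable=NO' 'local_enable=YES' \
        'idle_session_timeout = 600' 'pasv_enable=YES' \
        'pasv_min_port=65400' 'pasv_max_port=64100'
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_vsftpd_conf "$tmp" || echo "config needs fixing"
rm -f "$tmp"
```

Run it against /etc/vsftpd/vsftpd.conf before restarting the service; a `RULE` line appears only when the passive range is bounded and ordered, so the firewall opening stays as narrow as the configured range.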