The server is migrated from AXX cloud to Txx cloud. If it is migrated, the image server needs to be migrated as well. I used VSFTPD before, and I still use this this time. Here is a record of the FTP server installation and problems encountered.
1: Install the VSFTP component
Use the yum command to install. The installation command is as follows:
yum -y install vsftpd
After the installation is complete, there will be an additional vsftp directory under the /etc directory. As shown below:
2: Create a user corresponding to the ftp server
We know that the ftp server may be provided (although Kaige will not provide it here) for use by other third-party personnel. From the perspective of data and server security, we provide a separate user for ftp. This user is used to log in to the ftp server.
Users can do whatever they want. Here we call this user ftpuser, the command formula for adding users in Linux: useradd username . Then, we apply the formula, and the corresponding command to add users is:
useradd ftpuser
Add a password for the newly added user ftpuser. The command formula for adding a password to a user in Linux: passwd username. So, after we apply this formula for adding users, the command is:
passwd ftpuser
After entering the password twice, the password change is successful.
In this way, the user is newly created. Once created, you can log in with this username and password. The default access path after login is: /home/ftpuser
3: Open the corresponding port
Because the cloud server is used here, find the corresponding security policy group and release ports 21 and 22.
In the corresponding server details, find the security group A cloud) or find the firewall (T cloud), because Kaige uses T cloud here. So it is as shown in the figure below. Click to add a rule.
If it is your own local, you can open ports 21 and 22 of the firewall. I won't go into details here.
4: Modification of selinux
Generally, if it is a new server, selinux is automatically closed. Not enabled. Use the following command:
getsebool -a |grep ftp
As you can see, SElinux is disabled.
If SElinux is enabled on your server, it may appear that the external network can be accessed, but no directory is returned, and it cannot be uploaded. This is the reason for SElinux. Solution:
After executing the above command, if you see that the two highlighted in the above figure are off in the returned result, it means that the external network access is not enabled. Use the following command:
setsebool -P allow_ftpd_full_access on setsebool -P ftp_home_dir on
Set both of these to on.
5: Configuration of vsftpd.conf
Turn off anonymous access
Found in the /etc/vsftpd/vsftpd.conf file: anonymous_enable=YES. Change this YES to NO.
After modification, restart the ftp service. Restart command:
service vsftpd restart
6: Start passive mode
This passive is enabled by default. However, passive ports may be random. So, we need to specify a port range. Similarly, modify it in the vsftp.conf file. Add at the end of this file:
pasv_min_port=30000 pasv_max_port=30999
This port range can be specified at will, and attention should be paid, 1: It cannot conflict with other ports; 2: After adding, remember to restart the vsftp service.
Because the port range is newly added, it is also necessary to open the corresponding port in the security group policy or firewall.
7: Set the FTP service of VSFTPD to start at boot
If you can't, the FTP service cannot be accessed after the server restarts, or if you need to manually start VSFTPD every time you restart the server, you can set VSFTPD to start randomly. Use the command:
chkconfig vsftpd on
8: Verify
After the above steps are completed, the verification can be carried out. Add a jpg file in the ftp directory. Then, if you use ip or configure Nginx reverse proxy, you can try to access it through domain name or Nginx ip.
Hello everyone, I am kaigejava (kaigejava), and I am happy to share technical articles. Welcome everyone to pay attention to "kaigejava" or "kaigejava" (G**Z**H) and learn more in time. Let's learn Java together. You are also welcome to come and chat with Brother Kai if you have anything to do~~~
During operation, the problems encountered are as follows:
①: Use the code to upload
Normally, the default is port 21. If port 21 fails to upload, you can try switching to port 22.
②: After the picture is uploaded, it cannot be accessed:
Modify /etc/vsftpd/ftpuser
In ftpusers, there are users rejected by ftp by default. If you want a system user, delete this user from the ftpusers file.
Be careful here, do not change the deny in /etc/pam.d/vsftpd to allow, otherwise the user you created will report 530 Login incorrect