1 Introduction to vsftpd
FTP stands for File Transfer Protocol.
VSFTP is short for Very Secure FTP, that is, a very secure FTP server; the daemon itself is named vsftpd.
A VSFTP server supports three kinds of user login:
Anonymous user mode: enabled by default after installation. The client logs in with the user name anonymous, the server maps the session to the ftp system user, and the corresponding working directory on the server is /var/ftp.
Local user mode: the client logs in with an account listed in the file /etc/passwd.
Virtual user mode: the user names and passwords are stored in a database file, and these users can only access the resources provided by the FTP server.
FTP file transfer mode:
ASCII mode: suitable for text. A file containing plain ASCII text is converted, when transferred between operating systems, into a text format that the client can store; if the file is not text, parsing errors are likely. To switch to this mode, enter ascii at the client prompt.
Binary mode: suitable for programs, databases, word-processing files and compressed files. To switch to this mode, enter bin at the client prompt.
Two working modes of FTP:
Active mode: the client connects from its command port M to port 21 on the server. When data needs to be transferred, the client sends a PORT command to the server over channel M; the PORT command contains the data port N on which the client will receive data. The server then connects from its data port 20 to the client's data port N and sends the data.
Passive mode: the client connects from its command port M to port 21 on the server. When data needs to be transferred, the client sends a PASV command to the server over channel M; the server opens a random data port X and uses the PORT command to tell the client to connect to port X. The client then connects from its data port N to port X on the server, and the data is transferred.
In other words, active and passive are named from the server's point of view. In active mode the server actively opens the data connection from port 20; in passive mode the server opens a random port, waits for the client to connect, and passively accepts the data connection.
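The six numbers carried by a PORT command, and by the server's 227 reply to PASV, encode an IPv4 address and a port as h1,h2,h3,h4,p1,p2 with port = p1*256 + p2. The following added example, which is not part of the original article, decodes both from a constructed control-channel session and shows which side opens the data connection; the function names, the C:/S: prefixes and all sample values are assumptions.

```bash
# Added example, not from the original article. The "C:"/"S:" prefixes and
# every address and port in the sample session are constructed.

# Constructed session between client 10.0.0.101 and server 10.0.0.100.
sample_session() {
cat <<'EOF'
C: USER anonymous
S: 331 Please specify the password.
C: PASS
S: 230 Login successful.
C: PORT 10,0,0,101,195,81
S: 200 PORT command successful. Consider using PASV.
C: STOR test.txt
C: PASV
S: 227 Entering Passive Mode (10,0,0,100,195,80).
C: RETR test.txt
C: PORT 10,0,0,101,999,1
EOF
}

# Read control-channel lines on stdin; print "<mode> <direction> <ip:port>"
# for every data connection that the session negotiates.
ftp_data_connections() {
  awk '
    # Decode "h1,h2,h3,h4,p1,p2": four address bytes, then port = p1*256 + p2.
    function endpoint(s,    n, i) {
      if (!match(s, /[0-9]+,[0-9]+,[0-9]+,[0-9]+,[0-9]+,[0-9]+/)) return ""
      split(substr(s, RSTART, RLENGTH), n, ",")
      for (i = 1; i <= 6; i++) if (n[i] + 0 > 255) return ""  # not a byte
      return n[1] "." n[2] "." n[3] "." n[4] ":" (n[5] * 256 + n[6])
    }
    # Active: the client listens on port N and the server connects to it.
    $1 == "C:" && toupper($2) == "PORT" {
      ep = endpoint($0); if (ep != "") print "active server->client", ep
    }
    # Passive: the server listens on port X and the client connects to it.
    $1 == "S:" && $2 == "227" {
      ep = endpoint($0); if (ep != "") print "passive client->server", ep
    }'
}

sample_session | ftp_data_connections
```

The direction column is what a firewall rule has to allow: in passive mode the server must accept inbound connections on port X, in active mode the client must.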
2 Environment preparation
Parameter | First host | Second host |
---|---|---|
IP | 10.0.0.100 | 10.0.0.101 |
Hostname | canway | canway02 |
Operating system version | CentOS Linux release 7.9.2009 (Core) | CentOS Linux release 7.9.2009 (Core) |
Kernel | 3.10.0-1160.el7.x86_64 | 3.10.0-1160.el7.x86_64 |
Role | VSFTP server | VSFTP client |
SELinux | disabled | disabled |
Firewall (firewalld) | disabled | disabled |
3 Service deployment
3.1 Install the software
The simplest method, installation with yum, is used here; first check that the yum repository configuration is correct.
yum install -y vsftpd
3.2 Writing configuration files
First, back up the original configuration file so that it can be restored after a mistake.
[root@canway ~]# cd /etc/vsftpd/
[root@canway vsftpd]# cp vsftpd.conf vsftpd.conf.bak
Then enable logging of FTP uploads and downloads.
Delete the # in front of the following two parameters to uncomment them so that they take effect.
xferlog_enable=YES
xferlog_file=/var/log/xferlog
Then allow anonymous users to upload files to the server and to create directories and write files.
anon_upload_enable=YES
anon_mkdir_write_enable=YES
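Before starting the service it is worth checking what the edited file actually permits. The following added example (not from the original article or the vsftpd project) reads a vsftpd.conf and reports the options that open anonymous write access, leave local logins unencrypted or leave transfers unlogged; the function names and both sample configurations are constructed, and unset options fall back to the defaults documented in the vsftpd.conf man page.

```bash
# Added example, not from the original article. Both sample configurations are
# constructed; page_conf holds the options from section 3.2 plus the CentOS
# defaults anonymous_enable, local_enable and write_enable (assumed).
page_conf() {
cat <<'EOF'
anonymous_enable=YES
local_enable=YES
write_enable=YES
xferlog_enable=YES
xferlog_file=/var/log/xferlog
anon_upload_enable=YES
anon_mkdir_write_enable=YES
EOF
}

hardened_conf() {
cat <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
ssl_enable=YES
xferlog_enable=YES
EOF
}

# Read a vsftpd.conf on stdin; print one "RISK <option>: <why>" line per finding.
audit_vsftpd_conf() {
  awk '
    # True when option k is YES; dflt is the built-in vsftpd default.
    function on(k, dflt) { return ((k in conf) ? conf[k] : dflt) == "YES" }
    /^[ \t]*(#|$)/ { next }                      # comments and blank lines
    index($0, "=") {
      k = substr($0, 1, index($0, "=") - 1); v = toupper(substr($0, index($0, "=") + 1))
      gsub(/[ \t\r]/, "", k); gsub(/[ \t\r]/, "", v); conf[k] = v
    }
    END {
      anon = on("anonymous_enable", "YES"); wr = on("write_enable", "NO")
      if (anon) print "RISK anonymous_enable: login needs no account or password"
      if (anon && wr && on("anon_upload_enable", "NO"))
        print "RISK anon_upload_enable: anonymous clients can upload files"
      if (anon && wr && on("anon_mkdir_write_enable", "NO"))
        print "RISK anon_mkdir_write_enable: anonymous clients can create directories"
      if (on("local_enable", "NO") && !on("ssl_enable", "NO"))
        print "RISK ssl_enable: local account passwords are sent unencrypted"
      if (!on("xferlog_enable", "NO")) print "RISK xferlog_enable: transfers are not logged"
    }'
}

page_conf | audit_vsftpd_conf
hardened_conf | audit_vsftpd_conf
```

On the server, run it as `audit_vsftpd_conf < /etc/vsftpd/vsftpd.conf`.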
3.3 User Authorization
In anonymous user mode, after the client logs in, the server handles the session as the ftp user. The default home directory of the ftp user is /var/ftp/pub and the owner of this directory is root, so the ftp user does not have permission to access and create (transfer) files in this directory; authorization is therefore required.
chown -R ftp /var/ftp/pub
3.4 Start the service
Then start the vsftpd service, make it start automatically at boot, and check the service status.
[root@canway vsftpd]# systemctl start vsftpd
[root@canway vsftpd]# systemctl enable vsftpd
[root@canway vsftpd]# systemctl status vsftpd
After checking, the service started successfully.
3.5 File transfer test
Then try to transfer files through anonymous user mode.
3.5.1 Windows to Linux
On the local Windows host, press Windows+R and open cmd.
Then put the file that needs to be uploaded to the 10.0.0.100 server in the current directory; the file I want to transfer is named test.txt.
Then enter the username anonymous and an empty password to log in to the server.
After an anonymous user logs in to the system, the default initial location is in the /var/ftp directory.
Then enter the /var/ftp/pub directory, and transfer the Windows test.txt file to this directory.
Check if the file transfer was successful.
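With xferlog_enable=YES each transfer is recorded in /var/log/xferlog, so the upload can also be confirmed on the server. The following added example, which is not part of the original article, lists anonymous uploads from such a log and totals them per client; the function names and log lines are constructed and assume the standard xferlog layout (xferlog_std_format=YES).

```bash
# Added example, not from the original article. The log lines below are
# constructed and assume the standard xferlog layout (xferlog_std_format=YES).
sample_xferlog() {
cat <<'EOF'
Mon Mar  6 10:15:02 2023 1 10.0.0.101 14 /pub/test.txt b _ i a ? ftp 0 * c
Mon Mar  6 10:16:40 2023 1 10.0.0.101 14 /pub/test.txt b _ o a ? ftp 0 * c
Mon Mar  6 10:20:11 2023 3 10.0.0.50 52428800 /pub/my backup.tar.gz b _ i a guest@example.com ftp 0 * c
Mon Mar  6 10:21:30 2023 1 10.0.0.101 2048 /var/ftp/pub/report.doc b _ i r user01 ftp 0 * c
Mon Mar  6 10:25:00 2023 2 10.0.0.50 1000 /pub/part.bin b _ i a ? ftp 0 * i
EOF
}

# Print "<client> <bytes> <status> <path>" for every upload by an anonymous user.
# Fields are counted from the right so that a path containing spaces stays intact:
#   $(NF-6) direction (i = upload, o = download)
#   $(NF-5) access mode (a = anonymous, r = local user)
#   $NF     completion status (c = complete, i = incomplete)
anon_uploads() {
  awk 'NF >= 18 && $(NF-6) == "i" && $(NF-5) == "a" {
    path = $9
    for (f = 10; f <= NF - 9; f++) path = path " " $f
    print $7, $8, $NF, path
  }'
}

# Sum the bytes of completed anonymous uploads per client address.
anon_upload_bytes_by_host() {
  anon_uploads | awk '$3 == "c" { sum[$1] += $2 } END { for (h in sum) print h, sum[h] }' |
    LC_ALL=C sort
}

sample_xferlog | anon_uploads
sample_xferlog | anon_upload_bytes_by_host
```

On the server, run it as `anon_uploads < /var/log/xferlog`; the test.txt upload from this section should appear with status c.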
3.5.2 FileZilla
On Windows, besides the cmd command line, files can also be transferred with the third-party software FileZilla.
Here, an ordinary user is used to connect to the server for file transfer.
First create the user user01 and set its password to 123456.
[root@canway pub]# useradd user01
[root@canway pub]# echo 123456|passwd user01 --stdin
Changing password for user user01.
passwd: all authentication tokens updated successfully.
Then authorize the user to create files in the /var/ftp/pub directory.
[root@canway pub]# chown -R user01 /var/ftp/pub/
Then open FileZilla and enter the host IP, user name and password to connect.
Then drag and drop the file into the corresponding directory with the mouse to transfer it.
3.5.3 From Linux to Linux
The commands are basically the same as from Windows to Linux, but first check whether the client has the ftp command.
If the command is missing, install it with yum.
yum install -y ftp
Then use the ftp command to establish a connection with the server and transfer files.