FTP server setup and configuration

1. FTP is used to transfer files between two computers and is one of the most widely used services on the Internet. Usage permissions can be set for each user according to actual needs. It is also cross-platform: FTP clients and servers are available on operating systems such as UNIX, Linux and Windows, so files can be transferred across platforms. FTP is therefore one of the most commonly used methods of sharing resources on a network. The FTP protocol has two working modes, PORT and PASV, namely active mode and passive mode.

2. FTP (File Transfer Protocol) is a TCP-based protocol that uses a client/server model. Through FTP, users can upload files to or download files from an FTP server. Although many sites now offer downloads over HTTP, FTP makes it easy to control the number of users and the bandwidth allocation, and uploading and downloading files is quick and simple, so FTP has become the preferred server for file uploading and downloading on the network. It is also an application: users can connect their computers to any server running the FTP protocol around the world and access the large number of programs and information stored there.

Install and configure ftp

1. Install vsftpd and dependencies

yum install -y vim net-tools # tools
yum install -y vsftpd* pam* db4* # FTP software; pam: authentication modules; db4: Berkeley DB file database support

2. Modify the configuration file

vsftpd configuration file

Back up the configuration file

cd /etc/vsftpd
ls
cp vsftpd.conf{,.bak}
ls

Edit configuration file

vim vsftpd.conf
write_enable=YES
anon_umask=022
anonymous_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

Relevant parameters of ftp configuration file

https://blog.csdn.net/jiance520/article/details/85723550

3. Turn off the firewall and SELinux

systemctl stop firewalld # stop the firewall
systemctl disable firewalld # disable it permanently
setenforce 0 # temporarily disable SELinux

4. Change permissions so that ftp can upload

cd /var/ftp # where the FTP root directory is located
ls
chown -R ftp:ftp pub/ # set ownership
ll

5. Configure vsftpd for local system users

Create test users (accounts: kiki and kuku; password: 040057)

useradd kiki # create the system users
useradd kuku
echo "040057" | passwd --stdin kuku # set the password
echo "040057" | passwd --stdin kiki

2. Modify configuration file

vim /etc/vsftpd/vsftpd.conf

3. Add newly created users to the whitelist

vim /etc/vsftpd/user_list

1. Create a virtual FTP user account database file.
The vsftpd service uses a database file in Berkeley DB format to store virtual user accounts. Creating this kind of database file requires the use of the db_load tool. The db_load tool is provided by the db4-utils software package and is installed by default.
● -f specifies the source data file
● -T allows non-Berkeley DB applications to load text-format files into a DB data file
● -t hash selects hash as the underlying method for accessing the file

useradd -s /sbin/nologin vu # create the account for the virtual FTP users
cd /etc/vsftpd
vim user # create the virtual user file (odd lines: account; even lines: password)
db_load -T -t hash -f user user.db   # create the database file
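A check worth running on the virtual user file before db_load, as an added example that is not part of the original post: it validates the odd-line account, even-line password layout and then builds the database with restrictive permissions, since the source file holds passwords in plaintext. The function names, the accounts vuser1 and vuser2 and their passwords are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): validate the virtual-user source
# file before db_load. Format per the text above: odd lines = account,
# even lines = password. Returns non-zero and prints findings if malformed.
check_vuser_file() {
    awk '
    { sub(/\r$/, "") }                            # tolerate CRLF line endings
    $0 == "" { printf "line %d: empty line shifts the account/password pairing\n", NR; bad++ }
    NR % 2 == 1 && $0 != "" {
        if ($0 ~ /[ \t]/) { printf "line %d: whitespace in account name\n", NR; bad++ }
        if ($0 in seen)   { printf "line %d: duplicate account %s\n", NR, $0; bad++ }
        seen[$0] = 1
    }
    END {
        if (NR % 2 == 1) { print "odd line count: last account has no password"; bad++ }
        exit (bad > 0)
    }' "$1"
}

# Build the Berkeley DB with the db_load flags used on this page, keeping both
# the plaintext source and the database readable by their owner only.
build_vuser_db() {                                # $1 = text file, $2 = output .db
    check_vuser_file "$1" || return 1
    ( umask 077; db_load -T -t hash -f "$1" "$2" ) || return 1
    chmod 600 "$1" "$2"
}

# Constructed sample: a duplicated account and a missing final password.
sample=$(mktemp)
printf '%s\n' vuser1 'example-pass-1' vuser1 'example-pass-2' vuser2 > "$sample"
check_vuser_file "$sample" || echo "rejected: fix the file before running db_load"
rm -f "$sample"
```

On the server, `build_vuser_db /etc/vsftpd/user /etc/vsftpd/user.db` replaces the bare db_load call once the file passes the check.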

 

4. PAM (Pluggable Authentication Modules) is an authentication mechanism proposed by Sun. By providing a set of dynamic link libraries and a unified API, it separates the services a system provides from the authentication methods those services use. System administrators can therefore configure different authentication methods for different services as needed without changing the service program, and new authentication methods can easily be added to the system.
Create a new PAM file vsftpd.vu for virtual user authentication. The "db=" parameter in the PAM file is the path to the account password database file generated using the db_load command, but there is no need to write the suffix of the database file:

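vim /etc/pam.d/vsftpd.vu
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/user
# The auth line makes the module authenticate users against the database at /etc/vsftpd/user.
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/user
# The account line makes the module use the same database for account management. These two lines are the usual configuration for user authentication and management on a vsftpd server.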

Modify configuration file

vim vsftpd.conf
write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
userlist_enable=YES
tcp_wrappers=YES
allow_writeable_chroot=YES
guest_enable=YES
guest_username=vu
pam_service_name=vsftpd.vu
local_enable=YES
local_umask=077
chroot_local_user=YES
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/user_dir

Parameter explanation

write_enable=YES # enables write commands.
dirmessage_enable=YES # enables directory messages.
xferlog_enable=YES # enables transfer logging.
connect_from_port_20=YES # uses port 20 for data connections.
xferlog_std_format=YES # writes the transfer log in standard format.
listen=YES # enables listening.
userlist_enable=YES # enables the user list.
tcp_wrappers=YES # enables TCP wrappers.
allow_writeable_chroot=YES # allows a writable chroot directory.
guest_enable=YES # enables guest accounts.
guest_username=vu # the guest account's user name is vu.
pam_service_name=vsftpd.vu # the PAM service name is vsftpd.vu.
local_enable=YES # enables local users.
local_umask=077 # the umask for local users is 077.
chroot_local_user=YES # chroots local users to their home directories.
virtual_use_local_privs=YES # virtual users use local-user privileges.
user_config_dir=/etc/vsftpd/user_dir # the per-user configuration files are in /etc/vsftpd/user_dir.
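An added audit script (not from the original post) that checks a vsftpd.conf for the settings used in the anonymous and virtual-user configurations above: anonymous write options, a writable chroot, an unset anonymous_enable (vsftpd's built-in default is YES), and whitespace or inline comments after a value, which the vsftpd.conf format does not allow. The function name and the sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): flag risky or invalid lines in a
# vsftpd.conf. Prints one finding per line; prints nothing for a clean file.
audit_vsftpd_conf() {
    awk '
    /^[ \t]*(#|$)/ { next }                       # comment or blank line
    {
        line = $0
        if (line ~ /[ \t]/) {                     # no spaces or inline comments allowed
            printf "SYNTAX line %d: whitespace/inline comment: %s\n", NR, line
            sub(/[ \t].*$/, "", line)
        }
        eq = index(line, "=")
        if (eq > 0) opt[substr(line, 1, eq - 1)] = toupper(substr(line, eq + 1))
    }
    END {
        if (!("anonymous_enable" in opt)) {
            print "NOTE anonymous_enable is unset: the built-in default is YES"
            opt["anonymous_enable"] = "YES"
        }
        if (opt["anonymous_enable"] == "YES" && opt["write_enable"] == "YES") {
            n = split("anon_upload_enable anon_mkdir_write_enable anon_other_write_enable", w, " ")
            for (i = 1; i <= n; i++)
                if (opt[w[i]] == "YES")
                    printf "RISK %s=YES: clients without an account can change files\n", w[i]
        }
        if (opt["chroot_local_user"] == "YES" && opt["allow_writeable_chroot"] == "YES")
            print "RISK allow_writeable_chroot=YES: users can write to the top of their chroot"
    }' "$1"
}

# Constructed sample combining settings from both configurations above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
write_enable=YES #
anonymous_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
EOF
audit_vsftpd_conf "$sample"
rm -f "$sample"
```

Run it as `audit_vsftpd_conf /etc/vsftpd/vsftpd.conf` before restarting the service; an empty result means none of these findings apply.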

Create a separate configuration directory and per-user files for the virtual users that were created

mkdir /etc/vsftpd/user_dir
cd /etc/vsftpd/user_dir
vim kuku # per-user file
local_root=/etc/vsftpd/data

Create a directory where virtual user data is stored

cd ..
mkdir data
chmod 777 data/

Finally, test the connection from a client.

Origin blog.csdn.net/m0_74090215/article/details/131130735