Basic configuration of Linux-FTP

Basic settings, principles and installation of Centos7-FTP


1. The basic configuration of the FTP service includes the following items:

User permission configuration: You can restrict FTP user access permissions and file upload and download permissions by configuring user accounts and directory access permissions.

Port configuration: FTP service needs to open TCP ports 21 (control port) and 20 (data port), which can be configured accordingly in network devices such as firewalls and routers.

SSL/TLS encryption configuration: You can configure the FTP service to enable the SSL/TLS encryption protocol to ensure the security of data transmission. You can use the openssl command to generate certificates and related configurations.

PASV passive mode configuration: When the FTP server is placed behind a firewall, PASV passive mode needs to be used to bypass the firewall restrictions.

Anonymous access configuration: You can configure the FTP server to support anonymous access by setting the directories anonymous users are allowed to reach and their access permissions.

2. Procedure for reference: the settings in this chapter allow only users in the whitelist (users in the user_list file) to access FTP

2.1.Install ftp

If FTP is not installed, install the vsftpd software package as follows:

[root@localhost ~]# yum -y install vsftpd

#Successful installation is displayed

2.2 Back up the main configuration file:

[root@localhost ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak

#Backup is to prevent the original system files from being damaged during the operation.

[root@localhost ~]# ls /etc/vsftpd

#If vsftpd.conf.bak is listed, the backup succeeded; otherwise it failed

3. Remove the lines starting with #:

[root@localhost ~]# grep -v "^#" /etc/vsftpd/vsftpd.conf.bak > /etc/vsftpd/vsftpd.conf

2.3 Edit the main configuration file and enable the whitelist:

To enable the whitelist of the FTP service, you can limit the IP addresses or IP address ranges that FTP users can access by adding allow/deny rules in the main configuration file. When editing the main configuration file /etc/vsftpd/vsftpd.conf to enable the whitelist, you need to modify the listen_address configuration item and add allow/deny rules to list legal IP addresses or IP address segments, as shown below:

[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf

2.4. Edit the list file user_list and add zhangsan and lisi:

[root@localhost ~]# vi /etc/vsftpd/user_list
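
How vsftpd treats the user_list file depends on two directives, shown here as an added example that is not part of the original post: with userlist_enable=YES alone the file is a blacklist, and only userlist_deny=NO turns it into the whitelist this chapter describes. The sample files and the user wangwu are constructed, and the function takes the list path as an argument instead of reading userlist_file.

```shell
#!/bin/sh
# Added example: decide whether vsftpd's user list admits a login.

# conf_get FILE KEY DEFAULT: last value assigned to KEY, or DEFAULT if absent.
conf_get() {
    v=$(awk -F= -v k="$2" '$1 == k { val = $2 } END { print val }' "$1")
    printf '%s\n' "${v:-$3}"
}

# userlist_verdict CONF LIST USER: prints "allow" or "deny".
# Assumes values are written as YES/NO, as on this page.
userlist_verdict() {
    enable=$(conf_get "$1" userlist_enable NO)
    deny=$(conf_get "$1" userlist_deny YES)
    # Is USER named on its own line of the list file (comment lines ignored)?
    if grep -v '^#' "$2" | grep -qxF -- "$3"; then listed=yes; else listed=no; fi
    if [ "$enable" != YES ]; then
        echo allow                      # the list is not consulted at all
    elif [ "$deny" = YES ]; then
        # default behaviour: the file is a blacklist
        if [ "$listed" = yes ]; then echo deny; else echo allow; fi
    else
        # userlist_deny=NO: the file is a whitelist
        if [ "$listed" = yes ]; then echo allow; else echo deny; fi
    fi
}

# Constructed sample files (not taken from a real server).
tmp=$(mktemp -d)
printf 'local_enable=YES\nuserlist_enable=YES\nuserlist_deny=NO\n' > "$tmp/whitelist.conf"
printf 'local_enable=YES\nuserlist_enable=YES\n' > "$tmp/default.conf"
printf '# constructed user_list\nzhangsan\nlisi\n' > "$tmp/user_list"

for u in zhangsan lisi wangwu; do
    echo "$u: whitelist=$(userlist_verdict "$tmp/whitelist.conf" "$tmp/user_list" "$u")" \
         "default=$(userlist_verdict "$tmp/default.conf" "$tmp/user_list" "$u")"
done
```

The user_list shipped with the CentOS vsftpd package already names system accounts such as root; in whitelist mode trim it to the accounts that should log in.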


6. Add local accounts zhangsan and lisi to the system:

[root@localhost ~]# useradd lisi

[root@localhost ~]# passwd lisi


7. View existing system local ordinary accounts:

[root@localhost ~]# tail -3 /etc/passwd


2.5. Turn off the firewall:

[root@localhost ~]# systemctl stop firewalld

[root@localhost ~]# setenforce 0
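
Stopping firewalld removes filtering for every service on the host. As an added example (not from the original post), the script below derives the firewalld rules FTP needs from vsftpd.conf instead, using the passive port range configured in section 2.9; the sample configuration files are constructed, and the printed commands are meant to be run as root.

```shell
#!/bin/sh
# Added example: build firewalld rules from vsftpd.conf rather than stopping firewalld.

# conf_get FILE KEY: last value assigned to KEY (vsftpd uses strict key=value lines).
conf_get() { awk -F= -v k="$2" '$1 == k { val = $2 } END { print val }' "$1"; }

# fw_plan CONF: print the commands to run as root. Returns 1 when passive mode
# is on but no valid port range is pinned, because the data ports are then unknown.
fw_plan() {
    range=
    if [ "$(conf_get "$1" pasv_enable)" != NO ]; then   # passive mode defaults to on
        min=$(conf_get "$1" pasv_min_port)
        max=$(conf_get "$1" pasv_max_port)
        for p in "$min" "$max"; do
            case $p in
                ''|*[!0-9]*) echo "pasv range not set in $1" >&2; return 1 ;;
            esac
        done
        if [ "$min" -lt 1024 ] || [ "$min" -gt "$max" ] || [ "$max" -gt 65535 ]; then
            echo "pasv range $min-$max is invalid" >&2
            return 1
        fi
        range="$min-$max"
    fi
    echo "firewall-cmd --permanent --add-service=ftp"    # control port 21
    if [ -n "$range" ]; then
        echo "firewall-cmd --permanent --add-port=$range/tcp"   # passive data ports
    fi
    echo "firewall-cmd --reload"
}

# Constructed sample configurations (values match section 2.9 of this page).
tmp=$(mktemp -d)
printf 'pasv_enable=YES\npasv_min_port=12020\npasv_max_port=12025\n' > "$tmp/vsftpd.conf"
printf 'pasv_enable=YES\n' > "$tmp/unpinned.conf"

fw_plan "$tmp/vsftpd.conf"
fw_plan "$tmp/unpinned.conf" || echo "refusing to guess the data ports"
```

With firewalld left running, SELinux can stay enforcing as well; `getsebool -a | grep ftpd` lists the policy booleans that govern vsftpd.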


2.6. Start the ftp service:


If startup fails when configuring the FTP service to enable whitelisting, it may be caused by syntax errors in the configuration file or incorrect rule settings.

2.7 Verification

In the address bar of the file manager on the physical machine, enter the ftp protocol and the server IP address:

At this time, click OK, right-click to find login, and enter the password you just created for the account.
12. Try to upload the file, and it succeeds:

2.8 Check running status and automatic startup

The following command checks the running status of the FTP service

sudo systemctl status vsftpd

In order to ensure that the FTP service starts automatically when the system starts, you can use the following command to enable the self-starting function of the FTP service:

sudo systemctl enable vsftpd

After the modification is completed, save the modification and use the following command to restart the FTP service:

sudo systemctl restart vsftpd

2.9 Configure FTP service restriction permissions

To configure the FTP service, you can edit the /etc/vsftpd/vsftpd.conf file to modify FTP user access rights and file upload and download restrictions, etc.

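# vsftpd.conf accepts comments only on their own lines; each directive must be
# written as option=value with no spaces and no trailing text.
# Allow anonymous access
anonymous_enable=YES
# Allow local users to log in
local_enable=YES
# Allow file uploads
write_enable=YES
# Confine users to their home directory to prevent access outside it
# (vsftpd 3.x rejects the login if that directory is writable by the user,
# unless allow_writeable_chroot=YES is set)
chroot_local_user=YES
# Permission mask for uploaded files; files are created as -rw-r--r--
local_umask=022
# Allow PASV passive mode
pasv_enable=YES
# Minimum port number for PASV passive mode
pasv_min_port=12020
# Maximum port number for PASV passive mode
pasv_max_port=12025
# Enable SSL/TLS encryption
ssl_enable=YES
# SSL certificate file (the vsftpd option name is rsa_cert_file)
rsa_cert_file=/etc/vsftpd/vsftpd.crt
# SSL certificate private key file (the vsftpd option name is rsa_private_key_file)
rsa_private_key_file=/etc/vsftpd/vsftpd.key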

Note that the above configuration may not suit every environment or need, and should be adjusted to the actual situation. After modifying the configuration file, restart the vsftpd service for the changes to take effect. Modify these parameters carefully, otherwise FTP will not operate properly.

The above are the basic steps for installing FTP service on CentOS7. You can configure it according to your actual situation.

3. Summary

FTP (File Transfer Protocol) is a standard network protocol used to transfer files between computers. The following is a summary of FTP configuration on Linux systems:

  1. Install FTP server: In Linux systems, we can use vsftpd, ProFTPD and other FTP server software to support FTP services. We need to install the FTP server software on the Linux system using a package manager such as yum.

  2. Configure FTP server: After installing the FTP server, we need to configure the FTP server to support user access and file transfer. In the FTP server, we can specify the FTP root directory, manage users, assign permissions, etc. The FTP server can be configured in the /etc/vsftpd/vsftpd.conf file.

  3. Add FTP user: We need to add a user to the FTP server to allow users to upload and download files. In Linux systems, we can use the useradd and passwd commands to create FTP users, and specify the FTP root directory through the chroot command.

  4. Firewall configuration: In Linux systems, we usually need to open the ports required by the FTP server to allow transfers. We can configure corresponding rules in the firewall in the Linux system to ensure normal communication between the FTP client and server.

  5. Test the FTP service: After setting up and configuring the FTP server, we need to test whether it is working properly. We can use an FTP client tool (such as FileZilla) to connect to the FTP server and use the FTP client to perform operations such as file upload and download to test whether the configuration is functioning properly.

In short, configuring an FTP server in a Linux system involves many aspects and requires proficiency in FTP server software, user management, file transfer, firewall configuration and other technologies. However, once configured, we can transfer files and share data quickly and securely.


Origin blog.csdn.net/chenqb_/article/details/131334726