FTP Profile
FTP is the File Transfer Protocol (File Transfer Protocol) the title, while the Chinese referred to as "Interfax agreement." For two-way transmission control files on the Internet. At the same time, it is also an application (Application). There are different FTP applications based on different operating systems, and all of these applications comply with a protocol to transfer files. Providing computer access and file storage services on the Internet, they are in accordance with the FTP protocol to provide service! FTP is an FTP server is the server! FTP protocol provides a set of protocols for storing and transport services. ". (Upload)" Download "(Download) and" uploading and downloading "file is from a remote host to copy files onto your computer;" upload "files is to copy files from your computer to a remote host using Internet language. , the user can (download) files to (from) the remote host uploaded by a client program.
working principle
Operating with an FTP (C / S configuration) client / server establishes a connection between the client and the server through the TCP protocol, but most other applications of different protocols, FTP protocol between the client and server to establish a two communication links, each data link and control link, wherein the link is responsible for controlling the transmission and reception of the FTP command during an FTP session, the data link is responsible for transmitting data. FTP session contains two channels, control channels and data channels, FTP work in two ways, one is the active mode, one is the passive mode to FTPServer as the reference, the active mode, the client server actively connected to the transmission, passive mode, waiting for client connections. (Either active mode or passive mode, the first control channel is first set up, but the difference in data transfer mode).
Installation and configuration of the FTP server cloud ECS
Preparation Before Installation
vsftpd under linux is a small light, safe and easy to use FTP server software, is a Linux distribution in each of the most respected FTP server software.
1. Install vsftpd, direct yum install on it
yum install -y vsftpd
Appears next figure shows the installation was successful.
2. Related profiles:
cd /etc/vsftpd
/etc/vsftpd/vsftpd.conf // main configuration file, core configuration files
/etc/vsftpd/ftpusers // blacklist, the user is not allowed to access the inside of the FTP server
/etc/vsftpd/user_list // white list, allowing users to access the FTP server list
3. Start Services
systemctl enable vsftpd.service // set the boot from the start
systemctl start vsftpd.service // start ftp service
netstat -antup | grep ftp View // ftp service port
Open FTP service corresponding firewall ports: After 21, FTP server.
Configure the local user login
Local users to log refers to the use of the Linux operating system user account and password ftp server, the default installation supports only vsftp anonymous ftp login, if the user tries to use the Linux operating system account login server, will be rejected vsftpd
1. Create and specify the user's home directory ftptest
useradd ftptest -s /sbin/nologin -d /data/www/yueji2. Set password
passwd ftptestAfter setting enter the password twice!
Viewing System Users
3. Modify /etc/vsftpd/vsftpd.conf:
-
Run
vim /etc/vsftpd/vsftpd.conf. -
Button i to enter edit mode.
-
Will be whether to allow anonymous FTP login parameters to modify
anonymous enable=NO. -
Will be whether to allow local users to log into the FTP parameter modification
local_enable=YES. -
Key Esc to exit edit mode, then press the button
:wqto save and exit the file.
4. Run the following command to reload the configuration file.
systemctl restart vsftpd.serviceThe passive mode connection configuration data port vsftp
pasv_enable=YES
pasv_min_port=10000
pasv_max_port=10010
You need to open port configuration corresponding to
6, Configuring vsftpd FTP accounts limit access to other directories
涉及文件:
vsftpd.conf
chroot_list_file=/etc/vsftpd.chroot_list
如果设置为
chroot_local_user=YES
chroot_list_enable=YES(这行可以没有, 也可以有)
chroot_list_file=/etc/vsftpd.chroot_list
那么, 凡是加在文件vsftpd.chroot_list中的用户都是不受限止的用户,即, 可以浏览其主目录的上级目录.
如果不希望某用户能够浏览其主目录上级目录中的内容,可以如上设置,然后在文件vsftpd.chroot_list中去掉或不添加该用户即可。
也可以如下配置
chroot_local_user=NO
chroot_list_enable=YES(这行必须要有, 否则文件vsftpd.chroot_list不会起作用)
chroot_list_file=/etc/vsftpd.chroot_list
然后把所有不希望有这种浏览其主目录之上的各目录权限的用户添加到文件vsftpd.chroot_list中即可(一行一个用户名,此时, 在该文件中的用户都是不可以浏览其主目录之外的目录的)
将对应的 FTP 账号 配置到 chroot_list 文件内。
重启 FTP 服务
通过 flashxp 客户端 测试链接
