learning target:
Build skills Linux-based FTP server to master this article. At the same time understand the functions of Linux firewall and selinux two security tools and basic use.
This experiment contains content for FTP software installation, firewall management, selinux management, FTP configuration file editing, Linux platform FTP clients.
Experimental Procedure:
1, install vsftpd
2, put firewall through FTP service
3, turn off selinux
4, the client connect to the server, the file download test
5. Edit the FTP configuration file, set the directory permissions, to achieve the client to upload files
Command:
1, install vsftpd
vsftpd Linux platform is the most famous FTP tool
[root@server dhcp]# yum install vsftpd -y
2, put firewall through FTP service
To add a permanent rule permanent, the restart still take effect
reload to reboot the firewall
3, turn off selinux
selinux is to enhance security mechanism Linux system, currently temporarily turn it off
getenforce View selinux running state, enforcing is open, permissive off
setenforce 0 off selinux
setenforce 1 is open selinux
4, create a test file in the working directory FTP download from the client
4.1 server, create a file, open Service
[root@server dhcp]# systemctl enable vsftpd
[root@server dhcp]# systemctl start vsftpd
4.2 server and client-side connection to download the test
Enabled by default anonymous login without entering a user name and password
After landing can view shared directory and download files, but does not upload.
5, vsftp edit the main configuration file, and modify the shared directory permissions, realize ftp upload
[root@server pub]# vim /etc/vsftpd/vsftpd.conf
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
The above two lines of the # removed # in the configuration file is the role of "Notes", that does not work.
Restart vsftpd server
[root@server pub]# systemctl restart vsftpd
Modify the shared directory permissions
[root@server pub]# chmod 777 /var/ftp/pub/
The client upload test
