Linux deployment services and Detailed vsftp

A, FTP Service Overview:

FTP server (File Transfer Protocol Server) to provide documents on the Internet to store and access computer services, services provided by them in accordance with the FTP protocol.

The FTP (File Transfer Protocol: File Transfer Protocol) function: protocol used to transfer files on the Internet

    Can be transmitted on the LAN, of course, you can ftp file transfer over the WAN.

vsftp : (commensurate Linux system, the installation package is the name Linux system)

VSFTP is based on the use of GPL release of Unix-like systems FTP server software, which stands for Very Secure FTP can be seen from the name, the original intention of compilers is safe code.

Features:

It is a secure, high-speed and stable FTP server;

mode:

C / S Mode

vsftp port:

        20 ( transfer data) 21 (transmission command) 20 # retransmission data port, users connected to port 21.

Vsftp install server ( vsftpd ), client ( lftp )

[root@localhost ~]# rpm -ivh /mnt/Packages/vsftpd-2.2.2-6.el6_0.1.x86_64.rpm

or:

yum -y install vsftpd

Second, install the client:

[root@localhost ~]# yum install -y vsftp

 

vsftp main configuration file locations and other related ftp configuration file:

/etc/vsftpd/vsftpd.conf : vsftpd core configuration file

/ etc / vsftpd / ftpusers : used to specify which users can not access the FTP server. blacklist

/ etc / vsftpd / user_list : specify a list of users allowed to use the file vsftpd. whitelist

vim  /etc/vsftpd/user_list

 

# If userlist_deny = YES (default) , never allow the user to log in this file ftp, or even not prompted for a password

#prompt Tips

/etc/vsftpd/vsftpd_conf_migrate.sh : some variables vsftpd operation and setup script

/ var / FTP / : anonymous user's default root case;

 

Modify the configuration file:

[root @ localhost vsftpd] # cp vsftpd.conf vsftpd.conf.back        # modify the configuration files to back up, mistakes when you can do to recover;

[the root @ localhost  ~] # Vim /etc/vsftpd/vsftpd.conf #vsftp profile;

 

1. allow anonymous users to access:

= YES anonymous_enable             # whether to allow anonymous users to access; (default YES)

2. allow anonymous users to upload files and create directories:

= YES anon_upload_enable            # allow anonymous users to upload files;

= YES anon_mkdir_write_enable        # allow anonymous users to create directories;

3. To allow anonymous users to delete files and file naming:

= YES anon_other_write_enable        # allow anonymous users to delete files named files;

4. Set the anonymous user uploaded files in the default mask values:

anon_umask=022                      #......

5. Set anonymous FTP root user (default / var / ftp /)

= anonroot / the var / the ftp                  # ......

To the best anonymous user rights not too much, it is recommended 755   

Note: real life, only anonymous users read-only access, no write permissions.

Local users:

1. allow local users to log:

= YES local_enable                # allow local users to log

2. The local user FTP root directory (the default directory for the user's host)

Local_root=/var/ftp

3. The default permissions mask value of the local user to upload:

Local_umask=022

4. Set a local user to upload writing support:

YES write_enable =                # start uploading writing support

The establishment of a separate configuration files for different virtual users:

    = user_config_dir / etc / vsftp / vusers_dir       # settings for each user to find a separate configuration file from / etc / vsftp / vusers_dir directory;

Adding virtual users:

[root@localhost vsftpd]# vim /etc/vsftpd/vsftpd.conf

  pam_service_name = vsftpd.vu // modified

userlist_enable=NO                  //修改

anon_root = / var / ftp / soft // added to the end

guest_enable=yes                //添加

guest_username = zhangsan // add

user_config_dir=/etc/vsftpd/vusers_dir    //添加

allow_writeable_chroot=YES           //添加

########################################################################

Example: establishment of an independent profile for virtual users.

mkdir / etc / vsftpd / vusers_dir / # Create a user profile folder;

cd / etc / vsftpd / vusers_dir / # into the / etc / vsftpd / vusers_dir / lower;

    vim john # for the user john establishment of an independent profile;

local_root=/var/ftp

anon_umask=022

write_enable=YES 

anon_mkdir_write_enable=YES

 

= YES chroot_list_enable : functional bowel chroot

= the chroot_list_file / etc / the vsftpd / chroot_list : lock the user is provided a list of files in the root directory. This file is stored user names to be locked

= YES allow_writeable_chroot : allow locked user has write permissions

     

Set local permissions:

Start Service

[root@localhost vsftpd]# systemctl start vsftpd

[root@localhost vsftpd]# systemctl enable vsftpd

## Note Closing iptables and selinux

[root@localhost ~]# netstat -antup | grep ftp

tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN

Restart vsftpd service configuration to take effect:

service  vsftpd  restart

Client Login lftp:

[root@localhost ~]# lftp  192.168.0.63  -u  team1,123456