Set up the FTP server VSFtp
1. Create a virtual machine on the azure cloud, and mount the new hard disk 2T establish hj account. All other default.
2. azure server to open ICMP service, ftp20, ftp21,3600-3666 port.
3. Optimize system settings
Optimizing process priority
pidof sshd |xargs renice -n -20
pidof ftpd |xargs renice -n -20
Turn off the firewall and SELinux
ubuntu default firewall is turned off
vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq! #保存退出
setenforce 0 #让SELinux进入Permissive模式(宽容模式)
4. Installation vsftpd server
sudo apt-get install vsftpd
The configuration file vsftpd.conf
sudo vi /etc/vsftpd.conf
listen=NO
listen_ipv6=YES
#这个是设置是否允许匿名登录ftp服务器,不允许。
anonymous_enable=NO
#是否允许本机用户登录
local_enable=YES
#允许上传文件到ftp服务器
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
#下面三项禁止用户切换上级目录的权限
chroot_local_user=YES
chroot_list_enable=NO
allow_writeable_chroot=YES
# (default follows) 允许chroot_list文件中配置的用户登录此ftp服务器。
chroot_list_file=/etc/vsftpd.chroot_list
# 该选项应该是一个空目录名。而且,ftp用户对该目录没有写权限。偶尔在vsftpd不需要访问文件系统时,该目录被用作一个安全的chroot() jail(监狱)。
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
#配置ftp服务器的上传下载文件所在的目录。
local_root=/data/ftpfile/share
#增加随机端口范围,被动模式可以使用随机端口,解决客户端连接FTP时无法列出目录问题。
pasv_max_port=6666
pasv_min_port=6600
6. Create the ftp group, user, access the directory
Creating ftp group
groupadd -g 2001 ftpgroup
Create a user ftp
Specify the parameters for the user useradd command:
Common command-line options:
-
-d: Specifies the user's home directory
-
-m: If there are no longer created, but the directory does not belong to a newly created user; if the home directory does not exist, create mandatory; -m and -d a use.
-
-s: shell version of the specified user login
-M: do not create the home directory
sudo useradd -d "/home/ftpuser" -m -s "/bin/bash" -g ftpgroup ftpuser
sudo passwd
#输入密码
Create ftp directory
mkdir /data/ftpfile/share
chown -R ftpuser.ftpgroup /data/ftpfile/share
7. configured to use the user information to the server ftp
This will allow the use of ftp server user name into chroot_list file
sudo vim /etc/vsftpd.chroot_list
ftpuser
8. Restart ftp, and tested
sudo /etc/init.d/vsftpd restart
或
sudo systemctl restart vsftpd
upload data
ftp> mput libzmq.tgz .
Download Data
ftp> get libzmq.tgz
ftp> mget *.* (回车)
Disconnect
ftp> bye