This paper tests in Ubuntu Server 14.04 amd64 systems.
Made By:CSGrandeur
Installation ftp
sudo apt-get install vsftpd
Configuration vsftpd.conf
sudo nano /etc/vsftpd.conf
# Disable anonymous access anonymous_enable = NO # accept local user local_enable = YES # allowed to upload write_enable = YES # users can only access restricted directories chroot_local_user = YES # Set fixed directory, add at the end. If you do not add this line, corresponding to each user their own directory, of course, this folder build their own local_root = / home / ftp
Look online, said his party "pam_service_name = vsftpd", I think I do have a configuration file, on the matter.
Add user ftp
sudo useradd -d /home/ftp -M ftpuser sudo passwd ftpuser
Adjust folder permissions
This is to avoid "500 OOPS: vsftpd: refusing to run with writable root inside chroot ()"
sudo chmod a-w /home/ftp sudo mkdir /home/ftp/data
After logging this data you will see the folder, although a little trouble, the reason is not the table. . It has been difficult to find information such bitterness. .
Change pam.d / vsftpd
This time directly with the useradd ftp account login will be 530 login incorrect
sudo nano /etc/pam.d/vsftpd
Commented
#auth required pam_shells.so
Restart vsftpd
sudo service vsftpd restart
Then you can use just built this ftpuser ftp user logs on, and see / home local_root set / ftp, and is limited to that directory.
Can browser with ftp://xxx.xxx.xxx.xxx access, you can also use ftp software such as flashFXP, password is the password of ftpuser.
Restrictions on user access to the folder
, Chroot_list_enable, chroot_list_file these three files is controlled by chroot_local_user, turn other people 's words:
First, chroot_list_enable easy to understand, it is this: file chroot_list_file configuration is enabled, if YES means chroot_list_file configuration file to take effect, or do not take effect;
second, chroot_list_file also simple configuration of a file path, the default is /etc/vsftpd.chroot_list the file will fill in some of the account name. But the significance of these accounts is not fixed, it is associated with configuration items chroot_local_user. After the one described;
third, chroot_local_user is YES means that all users * * not switch to another directory of the directories, but! In addition to user chroot_list_file configuration files listed. chroot_local_user is NO means that all users * * can switch to another directory of the directories, but! In addition to user chroot_list_file configuration files listed. It can be understood as the user "exceptional circumstances" chroot_list_file listed.
If the client login prompt when the "Connection mode failed to pasv"
Edit /etc/vsftpd.conf
Finally, add
pasv_promiscuous=YES
Remember: sudo chown --recursive root: ftp ftpdata
And then restart the vsftpd service.
About to install and remove vsftpd:
1) using the apt-get tool mounting vsftpd
sudo apt-get install vsftpd
2)
service vsftpd start vsftpd service open
service vsftpd stop stop vsftpd service
service vsftpd restart to restart the vsftpd service
3) Modify vsftpd configuration file
south you /etc/vsftpd.conf
4) The main configuration
listen = YES # server listens
local_enable = YES # whether to allow a local user to access
write_enable = YES # is allowed to upload files will not open report 550 permission denied
anonymous_enable = NO # allow anonymous access, do not open by default
# Anon_upload_enable = YES # allow anonymous upload, default is NO
# Anon_mkdir_write_enable = YES # create folders allow anonymous
5) users access to directory settings:
chroot_local_user = YES # used to specify the user list file the user is allowed to switch to the parent directory. Default is NO. chroot_list_enable = YES # Set whether the user list file chroot_list_file configuration items specified enabled. Default is NO. chroot_list_file = / etc / vsftpd.chroot_list # disabled list list in the format of a user line that specifies the user list file, which is used to control which users can switch to the parent directory user's home directory.
1) When chroot_list_enable = YES, chroot_local_user = YES, /etc/vsftpd.chroot_list users listed in the file, can switch to another directory; user not listed in the document, can not switch to another directory.
(2) When chroot_list_enable = YES, chroot_local_user = NO, the users listed in the file /etc/vsftpd.chroot_list, can not switch to another directory; user not listed in the document, can switch to another directory.
(3) When chroot_list_enable = NO, chroot_local_user = YES, all users can not switch to another directory.
(4) When chroot_list_enable = NO, chroot_local_user = NO, all users can switch to another directory.
6)
local_umask = on 022 # FTP native file permissions, the default is 077 dirmessage_enable = YES # into the folder allows xferlog_enable = YES # ftp logging permit connect_from_port_20 = YES # Enable port 20 as a data transfer port xferlog_enable = yes # activate upload and downstream log xferlog_std_format = yes # using a standard logging format ftpd_banner = XXXXX
After 7) configuration can use the following command to restart the vsftpd configuration to take effect
sudo /etc/init.d/vsftpd restart
or
sudo service vsftpd restart
8) Create a directory
mkdir -p /home/uftp
9) Create a user
sudo useradd -g ftp -d /home/uftp -m uftp
10) Set the user password
sudo passwd uftp 123456
11) add users to the permissions file
Edit /etc/vsftpd.chroot_list file, ftp account name added to it, save and exit
sudo came /etc/vsftpd.chroot_list
12) Restart vsftpd service
sudo service vsftpd restart
13) Delete User
sudo userdel uftp
14) Uninstall vsftpd
sudo apt-get remove --purge vsftpd