6.5 FTP File Server construction in CentOS

6.5 FTP File Server construction in CentOS

1. Run the following command to install Vsftp with the root permission (the centos system is used as an example ).

# Yum install vsftpd

2. Before starting the vsftpd service, You need to log on to the ECS to modify the configuration file and disable anonymous logon. Run the following command to open the configuration file:

# Vim/etc/vsftpd. conf

In the configuration file, change "anonymous_enable = YES" to "anonymous_enable = NO" to disable anonymous logon.

3. Read the effective configuration.

# Cat/etc/vsftpd. conf | grep ^ [^ #]

Anonymous_enable = NO # disable anonymous user logon

Local_enable = YES

Write_enable = YES

Local_umask = 022

Dirmessage_enable = YES

Xferlog_enable = YES

Connect_from_port_20 = YES

Xferlog_file =/var/log/xferlog

Xferlog_std_format = YES

Ascii_upload_enable = YES

Ascii_download_enable = YES

Chroot_list_enable = YES # Restrict Access To directories after ftp Logon

Chroot_list_file =/etc/vsftpd/chroot_list # chroot_list needs to be created, including the list of users to be chroot

Listen = YES

Pam_service_name = vsftpd. vu # change it to the configuration file added by yourself.

Userlist_enable = YES

Userlist_file =/etc/vsftpd/user_list

Tcp_wrappers = YES

User_config_dir =/etc/vsftpd/user_conf # users who can log on to ftp are configured here

Pasv_min_port = 65000

Pasvanderbilt max_port = 65500

Create a file

# Touch/etc/vsftpd/chroot_list

4. Modify the pam Configuration of vsftpd so that you can connect to the server through the configured FTP user account and password.

(1) Modify pam.

# Vim/etc/pam. d/vsftpd

Modify the content to: (modify according to my local host configuration)

# % PAM-1.0

Auth required/lib64/security/pam_listfile.so item = user sense = deny file =/etc/ftpusers onerr = succeed

Auth required/lib64/security/pam_unix.so shadow nullok

Auth required/lib64/security/pam_shells.so

Account required/lib64/security/pam_unix.so

Session required/lib64/security/pam_unix.so

5. Set ftp users

(1) The administrator Account (administrator) can log on to upload, download, and read/write permissions.

(2) Public Account (guest), which can be viewed and downloaded only

Use the/var/ftp/pub directory to store data.

# Useradd-s/sbin/nologin administrator

# Chown administrator: administrator/var/ftp/pub

6. Add a logon File

======> Set the username for the odd line and password for the even line

# Vi/etc/vsftpd/login.txt

Administrator

Administrator

Guest

Guest

5. Generate the vsftpd authentication File

# Db_load-T-t hash-f/etc/vsftpd/login.txt/etc/vsftpd/login. db

6. Create the pam Configuration File. centos is 64-bit, so it is the/lib64 directory. If the 32-bit system uses/lib, check whether these files are in the directory.

# Vi/etc/pam. d/vsftpd. vu

Auth required/lib64/security/pam_userdb.so db =/etc/vsftpd/login

Account required/lib64/security/pam_userdb.so db =/etc/vsftpd/login

7. Create a user configuration file directory

Use the mkdir command to create a user configuration file directory

# Mkdir/etc/vsftpd/user_conf

Create a separate configuration file for the virtual user. The name of the configuration file is the same as the user name.

# Vim/etc/vsftpd/user_conf/administrator # view the configuration 8

# Vim/etc/vsftpd/user_conf/guest

8. Each FTP virtual user can set its permissions independently.

Anon_upload_enable = YES can be uploaded

Download_enable = NO cannot be downloaded

Anon_mkdir_write_enable = YES can be used to create and delete folders.

Anon_other_write_enable = YES can rename and delete files

Local_root =/var/ftp/pub specify the Home Directory

Anon_world_readable_only = NO readable and downloadable

9. Set startup and Common commands

# Chkconfig vsftpd on

# Service vsttpd restart

10. You can access it through a browser. Haha