6.5 FTP File Server construction in CentOS
1. Run the following command to install Vsftp with the root permission (the centos system is used as an example ).
# Yum install vsftpd
2. Before starting the vsftpd service, You need to log on to the ECS to modify the configuration file and disable anonymous logon. Run the following command to open the configuration file:
# Vim/etc/vsftpd. conf
In the configuration file, change "anonymous_enable = YES" to "anonymous_enable = NO" to disable anonymous logon.
3. Read the effective configuration.
# Cat/etc/vsftpd. conf | grep ^ [^ #]
Anonymous_enable = NO # disable anonymous user logon
Local_enable = YES
Write_enable = YES
Local_umask = 022
Dirmessage_enable = YES
Xferlog_enable = YES
Connect_from_port_20 = YES
Xferlog_file =/var/log/xferlog
Xferlog_std_format = YES
Ascii_upload_enable = YES
Ascii_download_enable = YES
Chroot_list_enable = YES # Restrict Access To directories after ftp Logon
Chroot_list_file =/etc/vsftpd/chroot_list # chroot_list needs to be created, including the list of users to be chroot
Listen = YES
Pam_service_name = vsftpd. vu # change it to the configuration file added by yourself.
Userlist_enable = YES
Userlist_file =/etc/vsftpd/user_list
Tcp_wrappers = YES
User_config_dir =/etc/vsftpd/user_conf # users who can log on to ftp are configured here
Pasv_min_port = 65000
Pasvanderbilt max_port = 65500
Create a file
# Touch/etc/vsftpd/chroot_list
4. Modify the pam Configuration of vsftpd so that you can connect to the server through the configured FTP user account and password.
(1) Modify pam.
# Vim/etc/pam. d/vsftpd
Modify the content to: (modify according to my local host configuration)
# % PAM-1.0
Auth required/lib64/security/pam_listfile.so item = user sense = deny file =/etc/ftpusers onerr = succeed
Auth required/lib64/security/pam_unix.so shadow nullok
Auth required/lib64/security/pam_shells.so
Account required/lib64/security/pam_unix.so
Session required/lib64/security/pam_unix.so
5. Set ftp users
(1) The administrator Account (administrator) can log on to upload, download, and read/write permissions.
(2) Public Account (guest), which can be viewed and downloaded only
Use the/var/ftp/pub directory to store data.
# Useradd-s/sbin/nologin administrator
# Chown administrator: administrator/var/ftp/pub
6. Add a logon File
======> Set the username for the odd line and password for the even line
# Vi/etc/vsftpd/login.txt
Administrator
Administrator
Guest
Guest
5. Generate the vsftpd authentication File
# Db_load-T-t hash-f/etc/vsftpd/login.txt/etc/vsftpd/login. db
6. Create the pam Configuration File. centos is 64-bit, so it is the/lib64 directory. If the 32-bit system uses/lib, check whether these files are in the directory.
# Vi/etc/pam. d/vsftpd. vu
Auth required/lib64/security/pam_userdb.so db =/etc/vsftpd/login
Account required/lib64/security/pam_userdb.so db =/etc/vsftpd/login
7. Create a user configuration file directory
Use the mkdir command to create a user configuration file directory
# Mkdir/etc/vsftpd/user_conf
Create a separate configuration file for the virtual user. The name of the configuration file is the same as the user name.
# Vim/etc/vsftpd/user_conf/administrator # view the configuration 8
# Vim/etc/vsftpd/user_conf/guest
8. Each FTP virtual user can set its permissions independently.
Anon_upload_enable = YES can be uploaded
Download_enable = NO cannot be downloaded
Anon_mkdir_write_enable = YES can be used to create and delete folders.
Anon_other_write_enable = YES can rename and delete files
Local_root =/var/ftp/pub specify the Home Directory
Anon_world_readable_only = NO readable and downloadable
9. Set startup and Common commands
# Chkconfig vsftpd on
# Service vsttpd restart
10. You can access it through a browser. Haha