Command:
View the network connection status (whether vsftp is enabled): sudo netstat-tulnp
Stop the vsftpd service: sudo service vsftpd stop
Start vsftpd service: sudo service vsftpd start
Today, I encountered a problem. It took a long time to find the cause. It turned out that the file name contains multiple spaces and can be found only when tab is completed under the command line. Alas. I would like to write it down and keep it as a warning.
Note that no blank lines or spaces are allowed in all configuration files; otherwise, an error will occur! The connection is denied because the service is not started. If sudo/usr/sbin/vsftpd is used, an error is displayed.
If you can only download files and cannot upload files, check the permissions of each directory.
First, the following two subdirectories are created in the/home/vsftpd directory. Change the File Permission.
(SUDO chmod 777 basic)
We will create three virtual users with the same password and user name.
Make
- The main directory of user basic is basic, which has only the read-only permission.
- The main directory of user Super is super, which has only the read and write permissions.
1. Install vsftp and db4.8
Sudo apt-Get install vsftpd
Sudo apt-Get install db4.8-util
2.create loguser.txt (SUDO touch/home/loguser.txt) as follows (odd behavior username, even behavior password ):
Basic
Basic
Super
Super
3. Generate the username database file:
Sudo touch/etc/vsftpd_login.db
sudo chmod 600 /etc/vsftpd_login.db
sudo db4.8_load -T -t hash -f /home/loguser.txt /etc/vsftpd_login.db4.
Configure the PAM File
Edit the/etc/PAM. d/vsftpd. vu file and copy the following content to the first two lines of the original file:
Sudo gedit/etc/PAM. d/vsftpd. vu
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_loginaccount required /lib/security/pam_userdb.so db=/etc/vsftpd_login
- The database vsftpd_login we created in the previous step is used here (note that there is no. dB at last)
- The created virtual user will use Pam for verification. This is enabled through the statement pam_service_name = vsftpd. vu in the/etc/vsftpd. conf file. You will find it later.
5.
Create a local system user for a virtual user
Create a new system user vsftpd. the user's home directory is/home/vsftpd, and the user logon terminal is set to/bin/false (even if the user cannot log on to the system)
Sudo useradd vsftpd-D/home/vsftpd-S/bin/false
Sudo mkdir/home/vsftpd
Sudo chown vsftpd: vsftpd/home/vsftpd
6. Edit the/etc/vsftpd. conf file.
Sudo gedit/etc/vsftpd. conf
Copy the following content:
Listen = Yes
Anonymous_enable = No
Local_enable = Yes
Dirmessage_enable = Yes
Use_localtime = Yes
Xferlog_enable = Yes
Connect_from_port_20 = Yes
Xferlog_file =/var/log/vsftpd. Log
Xferlog_std_format = Yes
Idle_session_timeout = 600
Data _ connection_timeout = 120
Ascii_upload_enable = Yes
Ascii_download_enable = Yes
Ftpd_banner = welcome to FTP service.
Chroot_local_user = Yes
Guest_enable = Yes
Guest_username = vsftpd
User_config_dir =/etc/vsftpd_user_conf
Secure_chroot_dir =/var/run/vsftpd/empty
Pam_service_name = vsftpd. vu
Rsa_cert_file =/etc/SSL/private/vsftpd. pem
Local_umask = 022
Anon_root =/home/ftp
Local_root =/home/ftp
Anon_max_rate = 0
Anon_upload_enable = No
Anon_mkdir_write_enable = No
Anon_other_write_enable = No
Chroot_local_user = Yes
Write_enable = Yes
Force_dot_files = No
Tcp_wrappers = Yes
7. Change the permissions of the two user names:
sudo mkdir /etc/vsftpd_user_conf
cd /etc/vsftpd_user_conf
sudo touch basic super
The basic file contains the following content:
Local_root =/home/vsftpd/basic
The contents of the Super file are as follows:
write_enable=YESanon_world_readable_only=NO anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES local_root=/home/vsftpd/super
7. Restart vsftpd to change the configuration.