1. Installing the VSFTPD Package
[Email protected] pub]# yum-y install VSFTPD
2. Set the IP address of the server 192.168.4.5
3. Build the test file in the/var/ftp/directory Anon.txt
[Email protected]/]# ifconfig >/var/ftp/anon.txt
4. Create the test file under the user Lisi host directory Lisi.txt
[Email protected]/]# Useradd Lisi
[Email protected]/]# passwd Lisi
Change the password for the user Lisi.
New Password:
Invalid Password: Too short
Invalid Password: too simple
Re-enter the new password:
PASSWD: All the authentication tokens have been successfully updated.
[Email protected]/]# Touch/home/lisi/lisi.txt
[[Email protected]/]# service VSFTPD start
Start vsftpd for vsftpd: [OK]
5. Client Authentication
On the Win7 client:
1) Anonymous access to FTP server, test download, upload
ftp://192.168.4.5/
2) Login to FTP server with user Lisi, test download, upload
On a Linux client:
1) use FTP command to access FTP server, test anonymous access, user login
[[Email protected]/]# FTP 192.168.4.5
Connected to 192.168.4.5 (192.168.4.5).
(VsFTPd 2.2.2)
Name (192.168.4.5:root): FTP
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,4,5,26,186).
Here comes the directory listing.
-rw-r--r--1 0 0 12:03 Anon.txt
Drwxr-xr-x 2 0 4096 09:30 Pub
226 Directory send OK.
ftp> pwd
257 "/"
ftp> Bye
221 Goodbye.
2) Login to FTP server with user lisi, download/etc/inittab file, upload Install.log
[[Email protected] ~]# FTP 192.168.4.5
Connected to 192.168.4.5 (192.168.4.5).
(VsFTPd 2.2.2)
Name (192.168.4.5:root): Lisi
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd/etc/
Directory successfully changed.
Ftp> Get Inittab
Local:inittab Remote:inittab
227 Entering Passive Mode (192,168,4,5,86,88).
Opening BINARY mode data connection for Inittab (884 bytes).
226 Transfer complete.
884 bytes received in 3.7e-05 secs (23891.89 kbytes/sec)
ftp> cd/var/ftp
Directory successfully changed.
Ftp> put Install.log
Local:install.log Remote:install.log
227 Entering Passive Mode (192,168,4,5,95,194).
553 Could not create file.
ftp> Bye
221 Goodbye.
3) Disconnect the FTP connection to view the downloaded file
[[email protected] ~]# ls
Anaconda-ks.cfg Install.log.syslog public Picture Music
Inittab vmwaretools-9.6.0-1294478.tar.gz Template Document Desktop
Install.log vmware-tools-distrib Video Download
6. Modify the configuration file on the server side
[Email protected]/]# vim/etc/vsftpd/vsftpd.conf
Add the following content
Anonymous_enable=yes//(default) Allow Anonymous Logon
Anon_upload_enable=yes//Allow anonymous uploading of files
Anon_mkdir_write_enable=yes//Allow anonymous creation of directories
Anon_other_write_enable=yes//Allow other write permissions
Write_enable=yes //(default) Allow Write (global)
anon_umask=022//Set upload file permission mask
[Email protected] ~]# chown ftp/var/ftp/pub/
[Email protected]/]# service VSFTPD Reload
Note: You can not modify the directory of the/var/ftp/is the main FTP because of the security mechanism of Linux, if so set, then anonymous users will not be able to access, if you want to let anonymous users have modified, write permission only in their subdirectories set the owner of the FTP
7. Imprison Local Users--host directory
Modify the configuration file to add the following content
Chroot_local_user=yes
8. Set the black and white list to access the FTP server
Blacklist files:/etc/vsftpd/ftpusers
Black/White list:/etc/vsftpd/user_list
1) User_list as the blacklist (default)
Userlist_enable=yes//(default) Enable User_list list file
Userlist_deny=yes//(default)
2) Change the user_list as a whitelist
Userlist_enable=yes//(default) Enable User_list list file
Userlist_deny=no//User_list as Whitelist