Linux FTP Server Settings

Source: Internet
Author: User
Tags free ftp
Article Title: Linux FTP server settings. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Preface:
  
I started learning REDHAT LINUX7.0 half a month ago. As a newbie to Linux, I encountered some inevitable problems. By reading books and materials, viewing BBS, I tried to solve some problems. Think of your own experience and lessons for others to learn from, so you can write it out, and save it as study notes, and hope to help your friends who have just started Linux. Due to my limited ability, it is inevitable that there are some omissions in my notes. Please also master Hai Han.
  
1. FTP Overview
  
The most widely used network applications are WWW and FTP. FTP is the abbreviation of File Transport Protocol. The FTP server can provide File transfer service on the network. The FTP Server can be divided into Anonymous Server (Anonymous Ftp Server) and system FTP Server based on different service objects. The former can be used by anyone, and the latter can only be used by anyone with a valid account on the FTP server.
  
II. Introduction to ProFTPD
  
Currently, free FTP server software commonly used in UNIX and LINUX is mainly Wu-FTP and ProFTP. Wu-FTP is widely used in many Unix and Linux systems. It is the default FTP server software for RedHat Linux, but many security vulnerabilities have been found. ProFTP is developed for the weaknesses of Wu-FTP. In addition to improved security, it also has many features that Wu-FTP does not have, such as simple setup and running in Stand-alone mode. ProFTP has become the most popular FTP server software After Wu-FTP. More and more sites choose it to Build Secure and Efficient FTP sites. TurboLinux is an example.
  
3. ProFTP settings
  
Set Goals: Configure RedHat Linux with IP address 10.0.8.39 as an FTP server and allow anonymous access to the FTP server using anonymous, and only allow the same network segment (10.0.8. *) the computer has the Write permission on the FTP "incoming" directory.
  
You can download the latest ProFTP version from www.proftpd.org. Here we will illustrate the stable version 1.2.1 rpm installation package (source code compilation is also very simple.
  
Step 1: Configure basic anonymous servers
  
After downloading the rpm of 1.2.1, right-click the file in the Gnome window and click "Show info" to view the rpm package information. Note the default installation path of some files, for example,/usr/local/etc/proftpd. conf (ProFTPD configuration file),/usr/sbin/proftpd (run the Proftpd command in stand-alone mode ), /usr/doc/proftpd-1.2.1 (The Proftpd documentation and the directory where the configuration instance file is located), and then double-click the rpm package to install the software.
  
If you select the FTP service when installing RedHat Linux7.0 like me, you must first Delete the installed Wu-FTP software. Enter "rpm-e anonftp" and "rpm-e wu-ftpd" to delete the existing FTP service.
  
After ProFTP is installed, edit/usr/local/etc/proftpd. conf, find "Group nobody", and change it to "Group nobody" because there is no "nobody" Group in RedHat Linux7.0. So far, an FTP server that provides anonymous services can run. Enter "proftpd" to run the FTP service, and then "ftp 10.0.8.39" to log on as "anonymous" to check whether the FTP service can be logged on normally. Generally, you can log on to the console.
  
Note: directly running "Proftpd" will enable the FTP service to start in stand-alone mode. This mode is more secure than dameon process mode and is recommended. However, you can add "Proftpd" to/etc/rc. d/rc. local, so that the Proftpd starts after the computer starts up.
  
Step 2: configure the incoming sub-Directory Permissions
  
Open proftpd. conf and add the following settings between segments:
  
  
Order allow, deny
Allow from 10.0.8.
Deny from all
  
  
It indicates that, under the incoming subdirectory, the client that logs on from the 10.0.8 segment has the WRITE permission. Other users cannot WRITE to this directory. If you want to open the write permission to all users, you only need to replace the content between the two with "Allowall".
  
4. FTP server commands
  
1. ftpshut: Shut down the FTP service and generate the file shutmsg under/etc. To reopen the FTP service, delete/etc/shutmsg.
2. ftpcout: displays the number of online users on the FTP server.
3. ftpwho: List of FTP server online personnel.
  
  
Appendix: full text and explanation of Proftpd. conf
  
# This is a basic ProFTPD configuration file (rename it
# 'Proftpd. conf' for actual use. It establishes a single server
# And a single anonymous login. It assumes that you have a user/group
# "Nobody" and "ftp" for normal operation and anon.
  
ServerName "my redhat linux ftp" # Set the FTP server name
  
ServerType standalone # Set FTP to run in Standalone mode instead of dameon Mode
  
DefaultServer on # working on the default FTP Server
  
# Port 21 is the standard FTP port.
  
Port 21 # default Port occupied by the FTP service
  
# Umask 022 is a good standard umask to prevent new dirs and files
  
# From being group and world writable.
Umask 022 # default
  
RequireValidShell off # ensure that anonymous users log on normally and do not change
  
ServerIdent off # Do Not Display ftp server version information to enhance security
# To prevent DoS attacks, set the maximum number of child processes
# To 30. If you need to allow more than 30 concurrent connections
# At once, simply increase this value. Note that this ONLY works
# In standalone mode, in inetd mode you shoshould use an inetd server
# That allows you to limit maximum number of processes per service
# (Such as xinetd)
MaxInstances 30
  
# Set the user and group that the server normally runs.
  
User nobody # Set the FTP service to run with nobody
  
Group nobody # Note: It turns out to be "Group nobody" and must be changed to "Group nobody"
  
# Normally, we want files to be overwriteable.
  
AllowOverwrite on
  
  
# A basic anonymous configuration, no upload directories. The following section describes the settings of the anonymous service.
  
  
User ftp # anonymous login using ftp users
  
Group ftp # Anonymous Logon using ftp Group
  
# We want clients to be able to login with "anonymous" as well as "ftp"
  
UserAlias anonymous guest # Alias for the ftp user anonymous, so that anonymous logon is an ftp user logon.
  
# Limit the maximum number of anonymous logins
  
MaxClients 10 # Up to 10 anonymous users are online simultaneously
  
# We want 'Welcome. msg 'displayed at login, and'. message' displayed
  
# In each newly chdired directory.
  
DisplayLogin welcome. msg # welcome information displayed when you log on to FTP. Put it in the FTP root directory.
  
DisplayFirstChdir. message
  
# Limit WRITE everywhere in the anonymous chroot
Order allow, deny
Allow from 10.0.8.
Deny from all
  
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.