Install and configure vsftpd on Linux

Install and configure vsftpd on Linux
From: http://www.webarch.org/category/linux

My production environment is centos5.6. To provide the FTP service, I found a relatively small FTP server software, vsftpd (the name of vsftpd stands for "very secure FTP daemon ", security is one of the top concerns of its developer Chris Evans. At the beginning of the FTP server design and development, high security is a goal .)

1. check whether vsftp rpm-Qa | grep vsftpd is installed. If a vsftpd-2.0.5-21.el5 appears, vsftp has been installed to install vsftp Yum-y install vsftpd 2. test whether the installation is successful (change the IP address to your own. Do not use your logon password as the anonymous logon User: The anonymous password is blank. If the logon succeeds, the following content indicates that vsftpd is successfully installed) [root @ localhost ~] # Service vsftpd start vsftpd: [OK] 3. Configure vsftpd # whereis vsftpd: the main directories for installing/usr/sbin/vsftpd/etc/vsftpd/usr/share/man/man8/vsftpd.8.gz Yum are the preceding three directories. The configuration file vsftpd is used. conf in/etc/vsftpd, the following describes how to configure vsftpd. conf # default configuration file:/etc/vsftpd. conf # The following are the configuration options and instructions ######### core settings ############ allow local users to log on to local_enable = yes # write permission of the local user write_enable = yes # permission to use the FTP local file, the default value is 077 # It is generally set to 022 local_umask = 022 # When switching the directory # Whether to display the object Directory. message content dirmessage_enable = Yes dirlist_enable = No # verification method # pam_service_name = vsftpd # enable the data connection of the FTP data port connect_from_port_20 = yes # Run Listen = yes in an independent FTP service # modify the connection port # listen_port = 2121 ######### Anonymous Logon Settings ########### Allow Anonymous logon to anonymous_enable = No # If anonymous logon is allowed # Whether to enable Anonymous upload permissions # anon_upload_enable = yes # If anonymous logon is allowed # whether to allow anonymous creation of folders and file uploading in the folder # anon_mkdir_write_enable = yes # If anonymous logon is allowed # an anonymous account can permission for deletion # anon_other_write_enabl E = yes # If anonymous logon is allowed # anonymous download permission # If anonymous is other, you can set directory/File Attribute control # anon_world_readable_only = No # If anonymous logon is allowed # the transmission rate of anonymous users is limited, unit bite # anon_max_rate = 30000 ######### User restriction settings ################ restrict logon # Use userlist user Access # userlist_enable = yes # users in the list are not allowed to access # userlist_deny = No # Restrict the path of the list file # userlist_file =/etc/vsftpd/userlist_deny.chroot #### restrict directories # restrict all users from using the Home Directory # chroot_local_user = yes # Restrict the user name in the home directory by calling a single chroot_list_enable = yes # restrict the use of the home directory Path of the user list: chroot_list_file =/etc/vsftpd/chroot_list ########## log settings ########## xferlog_file =/var/log/vsftpd. log # activate the upload/download log xferlog_enable = yes # use the standard log format # xferlog_std_format = Yes ########## Security Settings ######## #### idle user timeout, unit: seconds # idle_session_timeout = 600 # idle data connection timeout, in seconds # data_connection_timeout = 120 # Disconnect the client after being idle for 1 minute # accept_timeout = 60 # Disconnect the client after 1 minute # connect_timeout = 60 # local user transmission rate, in bite # local_max_rate = 5 0000 # maximum number of FTP connections # max_clients = 200 # maximum number of connections per IP # max_per_ip = 5 ######### passive mode setting ######## #### account opening passive mode pasv_enable = yes # passive mode minimum port pasv_min_port = 5000 # passive mode maximum port pasv_max_port = 6000 ####### other settings ## ######### welcome information: ftpd_banner = welcome to FTP server! 4. Add an FTP firewall rule:/sbin/iptables-I input-P TCP -- dport 21-J accept/etc/rc. d/init. d/iptables save/etc/init. d/iptables restart 5 add a user (Note: Add a nologin user ftpuser here): useradd-D/home/ftp-S/sbin/nologin ftpuser if vsftpd is enabled, restart pkill vsftpd/usr/sbin/vsftpd & 6. The entire small FTP server is successfully set up. You can use filezilla FTP, flashfxp, and other client software to log on to the FTP server.