Linux installation vsftpd Summary, pro-Test energy

I use the Ubuntu installation of VSFTPD, reproduced please indicate the source, the following is my record:

1. Enter "sudo apt-get update" and "Enter the administrator password of the currently logged in user"--return, then. If you do not run the command and install VSFTPD directly, a "few packages cannot be downloaded, you can run the Apt-get update------" error message, which causes the installation to fail.
(Note: If you enter the "sudo ..." command after the prompt: "Unable to resolve host", you Can "127.0.0.1 localhost" in the "vim/etc/hosts" file after + space + your machine name, If you don't have this line, add it to the first line)

2. Enter "sudo apt-get install vsftpd"-and enter-and-install is complete.

3. Enter "Vsftpd-v" if the version number is displayed to indicate that the installation was successful.

4. Create a new "/home/web" directory as the user home directory, there is a pit: "/home/web" file permissions can not be set 777, only 755, otherwise it will cause FTP connection, and then create a new "/home/web/www" directory, The permissions for this directory can be set to 777.
mkdir "/home/web"
Chmod-r 755 "/home/web"
mkdir "/home/web/www"
Chmod-r 777 "/HOME/WEB/WWW"

5. Type "sudo useradd-d/home/web-m ftptest"--enter "sudo passwd ftptest" to enter the user's new success--input--ftptest user's password--enter-- > enter the password two times--and enter--the password is set successfully.

6. Enter "vim/etc/vsftpd.conf" to modify the vsftpd.conf file:
Common Configuration Instructions:
#禁止匿名访问
Anonymous_enable=no
#接受本地用户
Local_enable=yes
#允许上传
Write_enable=yes
#用户只能访问限制的目录
Chroot_local_user=yes
#设置固定目录 (very important), added at the end. If you do not add this line will cause the subsequent FTP can not connect, each user corresponding to their own directory (user home directory), of course, this folder built
Local_root=/home/web

#如果使用主动模式, the following lines may not be configured
#使用被动模式
Pasv_enable=yes
#端口设置
pasv_min_port=1024
pasv_max_port=1048
pasv_address= your Access IP (server extranet IP)

To add a knowledge point about active mode and passive mode, FTP is a TCP-based service that uses 2 ports, a data port, and a command port (also called a control port). Typically, the two ports are 21 (command port) and 20 (data port). But the FTP works differently, the data port is not always 20. This is the biggest difference between active and passive FTP.

Active mode: On the data connection, the server is connected from Port 20 to the port with the client greater than 1024
Command connection: Client (>1024 port), server 21 port
Data connection: Client (>1024 port) <-Server 20 port

Advantage: Active FTP is advantageous to the management of FTP server, but it is disadvantageous to the management of the client. Because the FTP server attempts to establish a connection to the client's high-level random port, the port is likely to be blocked by the client's firewall.

Passive mode: On a data connection, the client is connected to a port greater than 1024 on the server from 1024 ports
Command connection: Client (>1024 port), server 21-side
Data connection: Client (>1024 port) server (>1024 port)

Advantage: Passive FTP is advantageous to the management of FTP client, but it is disadvantageous to server side management. Because the client is going to establish two connections to the server, one of them is connected to a high-level random port, and the port is likely to be blocked by the server-side firewall.

7. Enter "VIM/ETC/PAM.D/VSFTPD"
Comment out
#auth Required Pam_shells.so
Then enter "/etc/init.d/vsftpd restart" to restart the service
Reason:
This is because the module is enabled, only users with a shell can access it, what is with the shell? You can take a look at the \etc\shells file, which is listed here is the list of available shells, and then you execute the cat \etc\passwd, the last line you can see your newly added users, than you can see the new user did not specify the shell, so there is no shell , you are being sent a good card by this effective module.

8. Operation Command Description:/ETC/INIT.D/VSFTPD start/stop/restart (Start/stop/restart).

9. Client computer Installation "FileZilla" Connection FTP server, this is free, MAC, Windows version has, if the connection error (prompting the problem of passive mode, in the FileZilla in the setting item in the passive mode is set to: Return to active mode)

Linux installation vsftpd Summary, pro-Test energy