Linux Network Fundamentals 1

Garbled conversion Tool
Using CONVMV Software: Windows Chinese characters encoded as GB2312
Linux Chinese characters encoded as Utf-8
Options:
-F: Encoding Chinese characters in source files
-T: converting to character encoding
-R: Delegate recursion
--notest: No test, direct conversion
[[email protected]] #convmv-F gb2312-t utf-8-R--notest
————————————————————————————————————————————————————————————

Build FTP Service
[[email protected] desktop] #yum-y install vsftpd (installation vsftpd)
[[Email protected] Desktop]# chkconfig vsftpd on (set random self-start)
[[Email protected] Desktop]# chkconfig vsftpd--list (View status)
VSFTPD 0: Off 1: Off 2: Enable 3: Enable 4: Enable 5: Enable 6: Off
[[Email protected] Desktop]#/ETC/INIT.D/VSFTPD status (open service, default shared folder is/var/ftp/)
[[Email protected] Desktop]# mkdir-p/var/ftp/iso/rhel6 (create warehouse directory)
[[email protected] ~]# mount-o loop/iso/rhel-server-6.7-x86_64-dvd.iso/var/ftp/iso/rhel6/(local mount image needs to add-o loop option)
[[email protected] ~]# vim/etc/fstab (boot auto mount)
/iso/rhel-server-6.7-x86_64-dvd.iso/var/ftp/iso/rhel6/iso9660 defaults,loop 0 0 (write on config)
[[email protected] ~]# umount/var/ftp/iso/rhel6/(unload mount point)
[[email protected] ~]# ls/var/ftp/iso/rhel6/(Test auto mount)
EFI eula_it highavailability README Scalablefilesystem
EULA Eula_ja Images Release-notes Server
Eula_de Eula_ko isolinux repodata TRANS. TBL
Eula_en eula_pt LoadBalancer Resilientstorage
Eula_es Eula_zh Media.repo Rpm-gpg-key-redhat-beta
Eula_fr GPL Packages Rpm-gpg-key-redhat-release

[[Email protected] Desktop]# VIM/ROOT/.BASHRC (create alias)
Alias rm= ' Rm-i '
Alias cp= ' Cp-i '
Alias mv= ' Mv-i '
Alias Goa= ' ssh-x [email protected] '
Alias gob= ' ssh-x [email protected] '
———————————————————————————————————————————————————————
SSH set Public key authentication
[Roo[email protected] Desktop]# Ssh-keygen (generate public and private keys)
Generating public/private RSA key pair.
Enter file in which to save the key (/ROOT/.SSH/ID_RSA): (Public key private key is/root/.ssh)
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? Y
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/root/.ssh/id_rsa.
Your public key has been saved in/root/.ssh/id_rsa.pub.
The key fingerprint is:
80:d1:60:da:be:5d:53:23:e8:50:25:09:f7:b0:fd:f0 [email protected]
The key ' s Randomart image is:
+--[RSA 2048]----+
| =+=o. |
| + =ob |
| . + + = O |
| . O. * . |
| . . S E |
| O. . |
| . . |
| |
| |
+-----------------+
[[Email protected] Desktop]# ls/root/.ssh/(view public and private keys)
Authorized_keys Id_rsa id_rsa.pub
[[Email protected] Desktop]# ssh-copy-id [email protected] (copy the public key to the host that needs to be managed remotely, do not enter the password later)

————————————————————————————————————————————————————————————

c/S service architecture
Typical service mode: C/s,client/server
A resource or a function provided by the server
Clients use resources or features

Server: An application capable of providing some kind of resource or function
Need to listen to a port on the server for an IP address

Client: An application that has access to a resource or feature
Ability to connect to server-side programs via IP address, port number

Application layer protocol: a set of communication protocols that the server and the client adhere to together

Common network services:
———————————————————————————— +
Type | Resources, Features | Application Layer Protocol |
File Transfer | File Download, upload | FTP |
website | Web browsing | HTTP |
Domain name | Internet Address Finder | DNS |
Remote machine | Operating System Installation | Dhcp,pxe |
Virtualization | Virtual Machines | ----- |
Mail | E-mail Delivery | Smtp,pop3,imap |
Remote Sync | Incremental backup, directory mirroring | RSYNC |
———————————————————————————— +

FTP Service Overview: File Transfer Protocol based on C/s structure
The FTP session layer belongs to a composite TCP connection:
Control connection: TCP 21 port, sending FTP command information
Data connection: TCP 20 port, uploading data

Data connection mode
Active Mode: server 2 Port-Active connection-"client"
Passive mode: Server XX Port-Passive connection-Client
XX port range must be pre-qualified

Transfer mode
Text mode: ASCLL mode, text sequence transfer
Binary mode: Binary mode, binary sequence transfer

FTP User type
Anonymous User: FTP or Anonymous
Local User: Linux Server native System user account
Virtual User: Account information is stored in a separate file or database

VSFTPD Service Basics
Service Programs and scripts
Service Program:/USR/SBIN/VSFTPD
System Services Script:/ETC/INIT.D/VSFTPD
Configuration directory:/ETC/VSFTPD
Master configuration file: vsftpd.conf

FTP Command Tool
Format: FTP server address
Log in as prompted (anonymous user can be any password)
[[Email protected] ~]# FTP 192.168.4.254
Connected to 192.168.4.254 (192.168.4.254).
(VsFTPd 2.2.2)
Name (192.168.4.254:root): Anonymous
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
Ftp>
Enter in ftp>? List of available commands
Download: Get/mget,wget
Uploaded: Put/mput
LCD switch local directory, quit or by exit
Use! External shell command operation can be recalled

Common Global configuration FTP configuration (enabled for Yes, off to No)
Listen: Whether to monitor the service in a standalone manner
Listen_address: Set the IP address of the Listening FTP service
Listen_port: Setting Ports to listen for FTP services
Write_enable: Whether Write permission is enabled
Download_enable: whether to allow download
Anonymous_enable: Whether to enable anonymous access
Anon_root: Root directory for anonymous FTP
Local_root: FTP root directory for Local Users
Local_umask: Permission mask uploaded by local user
Chroot_local_user: Whether to imprison the master directory

User Access Control
Blacklist file:/etc/vsftpd/ftpusers included in which the user is tight = Forbidden access
Black/White list file:/etc/vsftpd/user_list
Userlist_enable=yes
Userlist_deny=yes|no
Whether to start this file when determined by userlist_enable
When Userlist_deny=yes, this file is blacklisted, otherwise the whitelist

FTP Connection and Transmission control
concurrency limit, broadband limit
Max_clients: Limit the number of concurrent clients
MAX_PRE_IP: Limit the number of concurrent connections per client IP
Anon_max_rate: Anonymous Max Speed (Bytes/sec)
Local_max_rate: Verify user Maximum speed (Bytes/sec)

Service Listening Address
Concept:
Which network interface The system service is serving
Like listen_address=192.168.1.1.
Refers to an IP address of the server, not the client address
If not specified, the default is to listen on all interfaces

Linux Network Fundamentals 1