Red Hat Linux 9 utilizes its simple configuration and user-familiar graphical interface to provide rich Internet services to people, and FTP is one of the services it offers. In many network applications, FTP has a very important position, the Internet in a variety of software resources are placed in the FTP server. Like most Internet services, FTP is also a client/server system. Here's how to set up an FTP server under red Hat Linux 9, in the hope of this.
1. Install VSFTPD server
VSFTPD is currently one of the best Linux FTP Server Tools, of which vs is "Very secure" (very safe) abbreviation, visible its greatest advantage is security, in addition, it also has a small size, can be customized strong, high efficiency advantages.
If you choose to install Red Hat Linux 9.0 completely, the system defaults to installing the VSFTPD server. We can verify this by entering the following command in the Terminal command window:
[Root@ahpeng Root] rpm-qagrep vsftpd
If the result is displayed as "Vsftpd-1.1.3-8," the VSFTPD server is already installed on the system. If you do not select the VSFTPD server when you install Red Hat Linux 9.0, you can click the main menu → system settings → add Delete application menu item in the graphics environment, make sure the FTP server option is selected in the Package Management dialog box that appears, and then click the Update button. Follow the on-screen instructions to insert the 3rd installation disc to begin the installation.
Alternatively, you can insert the 3rd installation CD directly, navigate to the VSFTPD-1.1.3-8.I386.RPM installation package under/redhat/rpms, and then run the following command in the Terminal Command window to begin the installation process:
[Root@ahpeng RPMS] RPM-IVH vsftpd-1.1.3-8.i386.rpm
2. Start/reboot/stop VSFTPD service
Starting with red Hat Linux 9.0, vsftpd only starts the VSFTPD service in standalone mode by default, by running the following command in a Terminal command window:
[Root@ahpeng Root]/etc/rc.d/init.d/vsftpd start
Restart the VSFTPD service:
[Root@ahpeng Root]/etc/rc.d/init.d/vsftpd restart
Turn off the VSFTPD service:
[Root@ahpeng Root]/etc/rc.d/init.d/vsftpd stop
After confirming that the VSFTPD service has been started, we can enter "FTP Ftpaddres" (using the Actual FTP server IP address or domain name instead of ftpaddres) in any Windows Host's DOS command window, note the username, Passwords are FTP (FTP is a mapped user account for anonymous users), as described below:
Microsoft Windows XP [version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
Connected to FTPAddress
//VSFTPD Response Request for VSFTPD (1.1.3)
User (FTPAddress: (None)): ftp//Enter users account FTP
331 Please specify the password.
password://Enter password FTP
230 Login successful. Have fun.
3.vsftpd of configuration
The vsftpd in red Hat Linux 9.0 has 3 profiles, respectively:
Vsftpd.ftpusers: Located in the/etc directory. It specifies which user accounts cannot access the FTP server, such as root.
Vsftpd.user_list: Located in the/etc directory. The user account in the file cannot access the FTP server by default, only when the Userlist_enable=no option is enabled in the vsftpd. conf profile.
Vsftpd.conf: Located in the/ETC/VSFTPD directory. It is a text file, we can use Kate, vi and other text editing tools to modify it, to customize the user Login control, user Rights control, timeout settings, server function options, server performance options, server response messages, such as the configuration of FTP servers.
(1) User Login control
Anonymous_enable=yes, allows anonymous users to log on.
No_anon_password=yes, anonymous users do not need to enter a password when they log on.
Local_enable=yes, allows local users to log on.
Deny_email_enable=yes, you can create a file to keep a blacklist of some anonymous emails to prevent these people from using Dos attacks.
Banned_email_file=/etc/vsftpd.banned_emails, when the deny_email_enable feature is enabled, the desired e-mail blacklist save path (default is/etc/vsftpd.banned_ Emails).
(2) User Rights control
Write_enable=yes, turn on the global upload permission.
local_umask=022, the local user's upload file umask set to 022 (the system defaults to 077, generally can be changed to 022).
Anon_upload_enable=yes, allowing anonymous users to have upload permissions, it is obvious that Write_enable=yes must be enabled before this entry can be used. We also have to create a directory that allows FTP users to read and write (previously, FTP is an anonymous user's mapped user account).
Anon_mkdir_write_enable=yes allows anonymous users to have the right to create a directory.
Chown_uploads=yes, to enable this, the owner of the anonymous upload file will be changed to another user account, note that it is recommended not to specify the root account for anonymous upload files of the owner.
Chown_username=whoever, when the Chown_uploads=yes is enabled, the designated owner account, where the whoever natural to use the appropriate user account to replace.
Chroot_list_enable=yes, you can use a list to qualify which local users can only be active in their own directory, and if Chroot_local_user=yes, the user specified in that list is unrestricted.
Chroot_list_file=/etc/vsftpd.chroot_list, if Chroot_local_user=yes, specifies the save path for the list (Chroot_local_user) (default is/etc/ Vsftpd.chroot_list).
Nopriv_user=ftpsecure, specify a secure user account that allows the FTP server to be used as an independent user with complete isolation and no privileges. This is the recommended option for the VSFTPD system.
Async_abor_enable=yes, it is strongly recommended that you do not enable this option, or you may cause an error.
Ascii_upload_enable=yes;ascii_download_enable=yes, the server pretends to accept the Ascⅱ mode request by default, but it actually ignores such requests, Enabling the above two options allows the server to truly implement Ascⅱ mode transmission.
Note: Enabling the ascii_download_enable option will allow malicious remote users to consume the FTP server's I/O resources in Ascⅱ mode with instructions such as Size/big/file.
The setup options for these Ascⅱ modes are divided into two uploads and downloads, so that we can allow the upload of the Ascⅱ mode (which can prevent malicious files such as uploading scripts from crashing) without the risk of denial-of-service attacks.