Simple setup of FTP server under Ubuntu (Linux)

Source: Internet
Author: User

Objective

It is only today that the FTP server is super easy to use. Eliminates the data cable and annoying LAN configuration SMB. Of course, there are some shortcomings. For example, only clients can read and write to the server. The server cannot read and write on the client.

One VSFTPD installation

? ? ? Ubuntu under terminal use command installation: sudo apt-get install vsftpd

Two VSFTPD configuration
Profile default path is/etc/vsftpd.conf, below I put myself to use the contents of the configuration file under the description: Open monitoring Listen=yes
Whether to allow anonymous access to Anonymous_enable=no
Whether to allow local users to log on Local_enable=yes
Whether to allow logon user support for file write (Write permission) Write_enable=yes
The umask value of the local user's new file, which determines the permission to upload the file. The algorithm uses UNIX's privilege algorithm. (Umask 022, the default file created will not block the permissions of the user, block the same group of users of the W permissions, shielding the other user's W permissions, so the default permissions of the file is 755, the easier way is to use 777 minus 022, get 755) local_umask=022
When you switch directories, use the. Message in the directory to display the message Dirmessage_enable=yes
Whether to use host time Use_localtime=yes
When set to YES, record upload download Xferlog_enable=yes
Port number of active connection Connect_from_port_20=yes
Log path Xferlog_file=/var/log/vsftpd.log
Log Format Xferlog_std_format=yes
Welcome information ftpd_banner=welcome to blah FTP service.
        Default
Secure_chroot_dir=/var/run/vsftpd/empty

VSFTPD's identity authentication method
Pam_service_name=vsftpd

Default
Rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem

Default
Rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

The following three types need to be explained in detail (heavy):
Chroot_local_user=yes
Chroot_list_enable=yes
Chroot_list_file=/etc/vsftpd.chroot_list

If set to

Chroot_local_user=yes
Chroot_list_enable=yes (this line can not, also can have)
Chroot_list_file=/etc/vsftpd.chroot_list

Then, any user who is added to the file vsftpd.chroot_list is not subject to restriction.
That is, you can browse the parent directory of its home directory.

Therefore, if you do not want a user to be able to browse the content in the parent directory of their home directory, you can set it up, and then do not add the user in the file vsftpd.chroot_list (at which point the user in the file can browse to a directory other than their home directory).

Or, set the following

Chroot_local_user=no
Chroot_list_enable=yes (this line must have, otherwise the file vsftpd.chroot_list will not work)
Chroot_list_file=/etc/vsftpd.chroot_list

Then add all users who do not wish to have access to the directory on their home directory to file Vsftpd.chroot_list, and if there is no such file, create it themselves (at this point, the user in the file is not allowed to browse to a directory other than their home directory) (a single user name).

Reference Blog: http://blog.csdn.net/wangqiaoshi/article/details/35252715

Three advice
      You must restart the FTP server after you have configured the configuration change configuration file.
Reboot, start up, stop operation, respectively.
Service VSFTPD Restart|start|stop
Four Common mistakes

To avoid a security vulnerability, the Chroot directory must not be writable starting with vsftpd 2.3.5. (

Oops:?vsftpd:refusing to run with writable root inside Chroot ()

) using the command:

# chmod A-w/home/user
User is the username that needs to access the FTP server, my name is/home/rish.

Simple setup of FTP server under Ubuntu (Linux)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.