Aliyun based on CentOS using VSFTPD to build FTP server _linux

Source: Internet
Author: User
Tags ftp client centos aliyun

Recently, you need to build an FTP server on a Aliyun cloud server and share some of the configuration we've made based on our actual requirements in this blog post.

The FTP software is vsftpd.

VSFTPD is one of the most admired FTP server programs in the Linux distribution. The feature is small and brisk, safe and easy to use.

VSFTPD's name stands for "Very secure FTP daemon", and security is one of the top issues considered by its developer Chris Evans. At the beginning of the design and development of this FTP server, high security is a goal.

Preparatory work

Install VSFTPD

Yum Install vsftpd

Set up boot vsftpd FTP service

Chkconfig vsftpd on

Open VSFTPD configuration file

Vi/etc/vsftpd/vsftpd.conf

Requirements and configuration

1. Do not allow anonymous access

Anonymous_enable=no

2. Use local account for FTP user logon authentication

2.1 Allow FTP user logon authentication using a local account

Local_enable=yes

2.2 Create a local account for FTP logins

To increase user Ftpuser, the home directory is/home/ftp and the SSH permission is not allowed to log on.

useradd-d/home/ftp-g ftp-s/sbin/nologin ftpuser-p Password

This command is referenced from: CentOS 6.2 FTP configuration.

Useradd Command Reference documentation: Linux Useradd

2.3 Allow only newly created Ftpuser login FTP

Vi/etc/vsftpd/vsftpd.conf

Userlist_enable=yes
Userlist_deny=no

Vi/etc/vsftpd/user_list

Note All accounts, add Ftpuser

# vsftpd UserList
# If Userlist_deny=no, only allow users in this file
# If Userlist_deny=yes (default), never allow users in this file, and
# don't even prompt for a password.
# that's the default Vsftpd Pam Config also checks/etc/vsftpd/ftpusers
# for the users that are denied.
#root
#bin
#daemon
#adm
#lp
#sync
#shutdown
#halt
#mail
#news
#uucp
#operator
#games
#nobody
Ftpuser

Configuration here, you can remotely use FTP client login and upload files, files will be saved in the Ftpuser home directory, that is,/home/ftp.

3. Do not allow FTP downloads

Vi/etc/vsftpd/vsftpd.conf

Download_enable=no

4. Only allow the specified IP to connect

4.1 Installation Tcp_wrappers

Yum-y Install Tcp_wrappers

4.2 Check if Tcp_wrappers is set to Yes

Vi/etc/vsftpd/vsftpd.conf

Tcp_wrappers=yes

4.3 Add back the allowed IP

Vi/etc/hosts.allow

VSFTPD: Allowed IP Address

4.4 Deny all other IP

Vi/etc/hosts.deny

Vsftpd:all

The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.