? Set up the vsftpd service anonymous FTP1. change the upload directory permissions of anonymous users and prepare to download the test file # chownftp/var/ftp/pub2. modify vsftpd. conf configuration file, which allows anonymous users to access and upload licenses # vi/etc/vsftpd. confanonymous_enable = YES // Allow Anonymous Access to local_enable = NO // NO
? Establish vsftpd service based on basic users
Anonymous FTP
1. Adjust the permission of anonymous users to upload directories and prepare to download the test files.
# Chown ftp/var/ftp/pub
2. Modify the vsftpd. conf configuration file to enable Anonymous user access and upload permission.
# Vi/etc/vsftpd. conf
Anonymous_enable = YES // Allow Anonymous Access
Local_enable = NO // when you do not need to enable a local user, we recommend that you set this item to NO
Write_enable = YES // allow write permission
Anon_umask = 022 // permission mask for anonymous users to upload files
Anon_upload_enable = YES // allows anonymous users to upload files
Anon_mkdir_write_enable = YES // Anonymous Users are allowed to write data.
Anon_other_write_enable = YES // allows anonymous users to have other write permissions (use with caution, which may cause security risks)
Dirmessage_enable = YES
Xferlog_enable = YES
Connect_from_port = 20
Xferlog_std_format = YES
Listen = YES
Pam_service_name = vsftpd
Userlist_enable = NO // if the local user is not enabled, the user list function can be disabled.
Tcp_wrapper = YES
3. Restart the service
4. Client download Test
# Ftp 192.168.10.1
# Ftp
# Ls
# Get ftpconfig.tar.bz2
# Cd pub
# Put install. log/wget ftp: // 192.168.10.1/ftpconfig.tar. ba2 (only during download)
# Ls
# Quit/bye
Local FTP
1. Add Test Users
# Useradd wang
# Passwd wang
# Ls-lh/etc/*. conf *>/home/wang/etcconf. list
2. modify the configuration file
Anonymous_enable = NO // if you do not need to enable Anonymous Access, set this parameter to NO
Local_enable = YES // allow local users to access
Write_enable = YES // write permission for development
Local_umask = 022 // permission mask for local users to upload files
Chroot_local_enable = YES // block local users in the home directory for security considerations
Max_clients = 20 // limit the maximum number of concurrent client connections on the client to 20
Max_per_ip = 2 // The maximum number of concurrent connections from the same IP Client
Local_max_rate = 1024000 // The speed limit for local user uploads/downloads is 1 M/s
Pasv_enable = YES // allow passive mode and set the port range
Pasv_min_port = 24500
Pasvanderbilt max_port = 24600
Dirmessage_enable = YES
Xferlog_enable = YES
Connect_from_port = 20
Xferlog_std_format = YES
Listen = YES
Pam_service_name = vsftpd
Userlist_enable = YES
Tcp_wrapper = YES
3. Restart the service
# Service vsftpd restart
4. Verify on the client (verification will not be repeated here)
Create a vsftpd service based on virtual users
1. Create a virtual user name/Password Database
# Rpm-ivh -- aid -- nodeps db4-utils-4.3.29-9.fc6.i386.rpm
# Vi/mima
Wang // username of the odd row
123 // password of an even row
Nan
123
# Db_load-T-t hash-f/mima/etc/vsfpd/vusers. db
-T: allows non-Berkeley DB applications to convert data files from the database in text format
-T hast: Specifies the method for reading data files.
-F: used to specify the user name/password file list
# File/etc/vsftpd/vusers. db
# Chmod 600/etc/vsftpd/vusers. db
2. Create the root directory for FTP access and the system account corresponding to the virtual user
# Useradd-d/var/ftproot-s/sbin/nologin mei // create a mei ing account mei and specify the Home Directory
# Chmod 755/var/ftproot // change FTP directory permissions
# Ls-lh/boot>/var/ftproot/vutest. list // create a test file
3. Create a PAM Authentication File
# Vi/etc/pam. d/vsftpd. vu
Auth required pam_userdb.so db =/etc/vsftpd/vusers
Account required pam_userdb.so db =/etc/vsftpd/vusers
4. Modify the vsftpd configuration file and add user support
Anonymous_enable = NO // if you do not need to enable Anonymous Access, set this parameter to NO
Local_enable = YES // to use a virtual user, you need to enable the local user
Anon_umask = 022
Write_enable = YES
Guest_enable // Enable User ing
Guest_username = mei // specify the ing user as mei
Dirmessage_enable = YES
Xferlog_enable = YES
Connect_from_port = 20
Xferlog_std_format = YES
Listen = YES
Pam_service_name = vsftpd. vu // modify the location of the PAM file used
Userlist_enable = YES
Tcp_wrapper = YES (this is accessible)
5. Create independent configuration files for different users
# Vi/etc/vsftpd. conf
# User_config_dir =/etc/vsftpd/vusers_dir // Add this row configuration item and specify the user configuration directory
# Mkdir/etc/vsftpd/vusers_dir // create a user configuration directory
# Cd/etc/vsftpd/vusers_dir
# Vi wang
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES
Anon_max_rate = 1000000
# Vi mei (configuration omitted here)
6. Restart the service.
# Service vsftpd restart
7. Use a virtual user to access FTP and verify