Build an FTP server using vsftpd in Linux

Article Title: Use vsftpd to build an FTP server in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Vsftpd is short for "very secure FTP daemon". Security is one of its biggest features. Vsftpd is the name of a server running on a UNIX operating system that can run on systems such as Linux, BSD, Solaris, HP-UNIX, etc, it is a completely free ftp server software developed with source code. It supports features not supported by many other FTP servers. For example, high security requirements, bandwidth restrictions, good scalability, virtual User Creation, IPv6 support, and high speed.

This document uses RedHat Linux 9.0 as an example to describe how to install and configure a vsftpd server.

Install the server program

Program: Logging.

1. Preparations before installation:

Before installation, check whether the user "nobody" and directory "/usr/share/empty" exist. If not, create the user and directory.

[Root @ localhost root] # useradd nobody

[Root @ localhost root] # mkdir/usr/share/empty

To allow anonymous access, you also need to create an ftp user and set its home directory to/var/ftp. In RedHat Linux 9.0, these settings are set by default. You only need to create a/var/ftp directory.

[Root @ localhost root] # mkdir/var/ftp

For security purposes, the directory "/var/ftp" should not belong to the user "ftp" or have write permission. Here, we make the following settings:

[Root @ localhost root] # chown root. root/var/ftp

[Root @ localhost root] # chmod 755/var/ftp

2. Start installation:

Copy vsftpd-2.0.3.tar.gz to the/root directory in the linuxlinuxsystem as the administrator ID.

[Root @ localhost root] # tar xzvf vsftpd-2.0.3.tar.gz

[Root @ localhost root] # vsftpd-2.0.3 cd

[Root @ localhost vsftpd-2.0.3] # make

[Root @ localhost vsftpd-2.0.3] # make install

3. Installation and follow-up

Due to source code installation, many necessary configuration files are not copied to the system and need to be copied manually.

Copy the configuration file:

[Root @ localhost vsftpd-2.0.3] # cp vsftpd. conf/etc

Copy the pam verification file: (most users who use vsftpd will encounter this problem after installing with source code: anonymous users can log on, while local users cannot log on regardless of settings, the reason is that vsftpd adopts the PAM Authentication method, and a local user needs to copy the authentication file to access it .)

# Cp RedHat/vsftpd. pam/etc/pam. d/ftp

Vsftpd Configuration

The configuration file of the vsftpd server is/etc/vsftpd. conf, which has many configuration options. Here I only select several common configuration options.

1. Access by anonymous users is prohibited.

Anonymous_enable = NO

2. allow local users to log on and upload files.

Local_enable = YES

Write_enable = YES

To make the above options take effect, you must copy a pam Authentication file to/etc/pam. d and change it to ftp. You can also change it to another name, but you must modify the value of pam_service_name. The default value is ftp.

3. Locking the local user in the main directory does not allow switching to the upper-level directory.

Chroot_local_user = YES

4. Some users are prohibited from logging on to the server through ftp.

If local_enable = YES is set, all users, including the root user, can log on to the server through ftp. For security reasons, some users must be restricted.

There are three option controls in vsftpd. conf:

Userlist_deny = YES/NO

Userlist_enalbe = YES

Userlist_file =/etc/vsftpd. user_list