VSFTPD is one of the better-known FTP servers on Linux, so it is a natural first choice for building an FTP server.
This article describes the process of installing VSFTPD under CentOS 6.4 and configuring virtual users to log in over FTP.
Body:
One: Installing vsftpd
See if VSFTPD is already installed
rpm -qa | grep vsftpd
# If it is not installed, install it and enable it at boot
yum -y install vsftpd
chkconfig vsftpd on
Two: Virtual user-based configuration
A so-called virtual user does not use a real system account; it is mapped to a real account, and permissions are set through that mapping. Virtual users cannot log in to the CentOS system itself.
Modifying a configuration file
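Open /etc/vsftpd/vsftpd.conf and make the following settings:
anonymous_enable=NO
# Disallow anonymous access
local_enable=YES
# Allow local users to log in. Note: when virtual users mapped to a host user are used, no virtual user can log in if this is set to NO
chroot_list_enable=YES
# Prevent users from leaving their home directory
ascii_upload_enable=YES
ascii_download_enable=YES
# Enable ASCII-mode uploads and downloads
pam_service_name=vsftpd
# PAM authentication file name. PAM authenticates according to /etc/pam.d/vsftpd
# The following are the important settings for vsftpd virtual user support. The default vsftpd.conf does not contain them, so they must be added by hand
guest_enable=YES
# Enable the virtual user feature
guest_username=ftp
# Host user that virtual users are mapped to; CentOS already has a built-in ftp user
user_config_dir=/etc/vsftpd/vuser_conf
# Directory holding the per-virtual-user vsftpd configuration files (the configuration file name = the virtual user name used to authenticate)
chroot_list_file=/etc/vsftpd/vuser_passwd.txt
# File listing the users that chroot_list_enable applies to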
First, install the Berkeley DB tools. Many people who hit the "db_load not found" problem simply have not installed this package.
yum install db4 db4-utils
Then create the user/password text file /etc/vsftpd/vuser_passwd.txt. Note that the odd lines are user names and the even lines are passwords.
Next, generate a DB file for virtual user authentication
db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db
Then edit the authentication file /etc/pam.d/vsftpd: comment out all the original statements, then add the following two lines:
auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd
account required pam_userdb.so db=/etc/vsftpd/vuser_passwd
Finally, create the virtual user's configuration file
mkdir /etc/vsftpd/vuser_conf/
vi /etc/vsftpd/vuser_conf/test
# The file name must equal the account name in vuser_passwd.txt, otherwise the settings below have no effect
The contents are as follows:
local_root=/ftp/www
# Root directory of the virtual user; change it to suit your setup
write_enable=YES
anon_umask=022
# umask
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
Configure SELinux (if SELinux is turned on)
setsebool -P ftp_home_dir=1             # Allow FTP to use home directories
setsebool -P allow_ftpd_full_access=1   # Allow FTP users to have full access
Set FTP root permissions
mkdir -p /ftp/www   # Create the directory
chmod -R 755 /ftp
chmod -R 777 /ftp/www
Recent versions of vsftpd require that the home directory not be writable, so /ftp is set to 755 and the subdirectory beneath it is set to 777.
Set up a firewall
Open /etc/sysconfig/iptables
Below the line "-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT", add:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
Then save and close the file, and run the following command in a terminal to reload the firewall configuration:
service iptables restart
OK, run "service vsftpd start" and you will be able to access your FTP server.
Configuring PASV Mode
By default VSFTPD does not turn on PASV mode, so at this point FTP can only be connected to in PORT mode. To turn PASV on, apply the following configuration.
Open /etc/vsftpd/vsftpd.conf and add at the end:
pasv_enable=YES
# Enable PASV mode
pasv_min_port=40000
# Minimum port number
pasv_max_port=40080
# Maximum port number
pasv_promiscuous=YES
# Disables the check that the data connection comes from the same IP address as the control connection
Open ports 40000 to 40080 in the firewall configuration
-A INPUT -m state --state NEW -m tcp -p tcp --dport 40000:40080 -j ACCEPT
Restart iptables and VSFTPD
service iptables restart
service vsftpd restart
Now you can use PASV mode to connect to your FTP server ~
Common errors:
Question one:
But after following the configuration steps all the way through, I got this every time:
530 Login Incorrect
After checking, I found that I had created vsftpd.vu in the root of /etc, not at /etc/pam.d/vsftpd.vu
Question two:
After fixing the problem above, I still could not log in, and was shown:
OOPS: bad bool value in config file for: anon_world_readable_only
A Google search turned up people saying that there must be no spaces at the end of lines in the configuration file. I opened my own configuration file and found that not just the anon_world_readable_only line but lines throughout the whole file had a few trailing spaces. Alas, be cautious when copying and pasting configuration from a web page.
Question three:
OOPS: vsftpd: cannot locate user specified in 'guest_username': AaA
This problem was a strange one; in the end it turned out to be a letter-case problem, and it should have been 'AAA'
So pay attention to the details; following the steps above, the installation is very simple
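The formatting mistakes behind the errors above (trailing spaces, whitespace around "=", comments on the same line as a value) and the rule that each per-user file must be named after its account can be checked before restarting vsftpd. The shell functions below are an added example, not part of the original article; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# Print FILE:LINE: message for every line vsftpd would misread; return 1 if any.
lint_vsftpd_conf() {
    awk '
        function bad(msg) { printf "%s:%d: %s\n", FILENAME, FNR, msg; n++ }
        /^#/ || /^$/   { next }    # comment lines start with "#" in column one
        /\r$/          { bad("carriage return (DOS line ending)"); next }
        /[ \t]$/       { bad("trailing whitespace after the value") }
        /^[ \t]/       { bad("leading whitespace before the option name") }
        !/=/           { bad("not an option=value line"); next }
        /^[^=]*[ \t]=/ || /^[^=]*=[ \t]/ { bad("whitespace next to the equals sign") }
        /=.*[ \t]#/    { bad("inline comment is read as part of the value") }
        END            { exit (n > 0) }
    ' "$1"
}

# Print each account in the password text file (odd lines are user names)
# that has no same-named file in user_config_dir; return 1 if any are missing.
missing_user_confs() {
    rc=0
    for user in $(awk 'NR % 2 == 1' "$1"); do
        [ -f "$2/$user" ] || { echo "$user"; rc=1; }
    done
    return $rc
}

# Constructed sample input in a scratch directory (not real credentials).
demo=$(mktemp -d)
mkdir "$demo/vuser_conf"
printf 'test\nexample-pass\nAaA\nexample-pass2\n' > "$demo/vuser_passwd.txt"
printf '%s\n' 'local_root= /ftp/www' 'write_enable=YES' 'anon_umask=022 # umask' \
    'anon_world_readable_only=NO  ' '# a proper comment line' > "$demo/vuser_conf/test"

lint_vsftpd_conf "$demo/vuser_conf/test" || echo "fix the lines listed above"
missing_user_confs "$demo/vuser_passwd.txt" "$demo/vuser_conf" || echo "has no per-user file"
```

On a real server the same functions would be pointed at /etc/vsftpd/vsftpd.conf, each file in /etc/vsftpd/vuser_conf, and /etc/vsftpd/vuser_passwd.txt.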