Build vsftp server and sftp server under Centos6.5
Part 1: Refer to Baidu experience and Portal
Vsftpd is the most popular FTP server program in the Linux release. Features: small, light, secure, and easy to use. It is a completely free and open source ftp software.
Tools/Raw MaterialsOnline Installation
# Yum install vsftpd pam * db4 *-y
Use the command to configure vsftp as a system service
# Chkconfig -- level 35 vsftpd on
Configure the host of the vsftpd service
# Useradd vsftpdadmin-s/sbin/nologin-M
This vsftpdadmin is only used to replace the root user and does not need to be logged on.
Create an ftp virtual host account
# Useradd vsftpuser-s/sbin/nologin-M
This ftpuser only has virtual account hosts and does not need to be logged on.
Before configuring vsftpd. conf, back up the original
Vi/etc/vsftpd. conf
Anonymous_enable = YES --> anonymous_enable = NO // anonymous users are not allowed to access the service. The default value is allow.
Chroot_list_enable = YES --> chroot_list_enable = YES // FTP users are not allowed to leave their home directories.
Add
# Set the path for storing the configuration file of the virtual user's personal Vsftp. That is to say, the specified directory stores the configuration files of each Vsftp virtual user. Note that these configuration files must be the same as the virtual user name.
User_config_dir =/etc/vsftpd/vconf/userlocal
# This step is very important. Remember this step. Create a folder based on this configuration
# Modifying the port number
Ftp_data_port = 4040
Reverse_lookup_enable = NO
Pasv_enable = yes
Pasv_min_port = 48790
Pasvanderbilt max_port = 48800
Listen_port = 48796 # You can configure the port based on your actual situation, or use the default port. However, for the sake of security, you can configure it according to your actual situation (from the above red, you can do not configure it first)
Create a virtual User File
# Mkdir/etc/vsftpd/vconf
# Touch/etc/vsftpd/vonf/vir_user
Create a virtual user
# Vi/etc/vsftpd/vonf/vir_user
# Virtualuser // User Name
#12345678 // Password
Generate Database
# Db_load-T-t hash-f/etc/vsftpd/vconf/vir_user/etc/vsftpd/vconf/vir_user.db
Set Database File Access Permissions
# Chmod 600/etc/vsftpd/vconf/vir_user
# Chmod 600/etc/vsftpd/vconf/vir_user.db
Modify/etc/pam. d/vsftpd (you can comment out the content in the original file through)
Auth sufficient pam_userdb.so db =/etc/vsftpd/vconf/vir_user
Account sufficient pam_userdb.so db =/etc/vsftpd/vconf/vir_user
(To use both system users and virtual users, change required to sufficient)
Configure user_config_dir =/etc/vsftpd/vconf/userlocal according to step 4.
Create a userlocal folder
# Mkdir/etc/vsftpd/vconf/userlocal
Create a file based on the username created in Step 6
For example, if the account created in Step 6 is virtualuser, a new virtualuser file is created.
# Touch/etc/vsftpd/conf/userlocal/virtualuser
Edit the file path accessed by the user
# Vi/etc/vsftpd/conf/userlocal/virtualuser
Enter the following
Local_root = // the root directory of the website to be specified. For example, the folder www.baidu.com is/www/baidu.
Anonymous_enable = NO # prohibit anonymous user access
Write_enable = YES # Enable write permission
Local_umask = 022 # permission mask for uploaded files
Anon_upload_enable = NO # disable anonymous download
Anon_mkdir_write_enable = NO # disable anonymous Folder creation
Idle_session_timeout = 60 # The automatic session close time is 60 minutes.
Data_connection_timeout = 120 # data Delay Time
Max_clients = 10 # maximum number of connections
Max_per_ip = 5 # the same ip address allows five IP addresses to be connected at the same time.
Local_max_rate = 1048576 # Object User transmission speed limit, in B/s. 0 indicates no limit
After the configuration is complete, restart the vsftpd service: service vsftpd restart.
View the system Port Status: netstas-tulnp. If port 22 is being called by vsftpd, the startup is successful.
Part 2:
After the first part is configured according to the tutorial, an error is reported when fileZilla or winSCP is used to connect to the server, prompting that the connection server is unexpectedly exited. the sftp service is faulty. In this case, we need to configure the sftp server. (Because I didn't have it at the time, I wrote this article after a while. Therefore, the words described are not so accurate. Please forgive me)
The procedure is as follows. You can configure the sftp server step by step.1. Add a user group
2. Add a user and set it to an sftp Group
3. change the password of an sftp user
4. Create the root directory of the sftp user, set the owner and group, and modify the permissions (755)
5. Create an admin writable directory in the sftp directory
6. modify the configuration file
# Vim/etc/ssh/sshd_config
Modify
# Subsystem sftp/usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
7. Add at the end of the sshd_config file
8. Restart the sshd service.
# Service sshd restart
Connect again.
So far, a simple sftp server is configured, isn't it easy.
Part 2: script School
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
