Cenos Building an FTP server
-------------------------------------------------------------------------Ready to work-------------------------------------------- -------------------------------------
1. Check
->chkconfig--list to see if the VSFTPD service is installed
-------------------------------------------------------------------------installation---------------------------------------------- -----------------------------------
1. Installation Services
->yum-y Install VSFTPD Direct installation using the Yum command
->touch/var/log/vsftpd.log then create a log file for it
-------------------------------------------------------------------------Configuration---------------------------------------------- -----------------------------------
1. Start the configuration
->chkconfig--list
#如果看到的是如下显示的结果:
#vsftpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
#那么我们使用如下命令来配置其自启动:
->chkconfig--level 2345 vsftpd on #2345
->/ETC/INIT.D/VSFTPD restart# Restart FTP service
2. Configuring the VSFTP Service
->vim/etc/vsftpd/vsftpd.conf# Edit
Anonymous_enable=no #设定不允许匿名访问
Local_enable=yes #设定本地用户可以访问. Note: If you use a virtual host user, all virtual users will not be able to access the item if it is set to No.
Chroot_list_enable=yes #使用户不能离开主目录
Xferlog_file=/var/log/vsftpd.log #设定vsftpd的服务日志保存路径. Note that the file does not exist by default. You have to touch it manually.
Ascii_upload_enable=yes #允许使用ASCII模式上传
Ascii_download_enable=yes #设定支持ASCII模式的上传和下载功能.
PAM_SERVICE_NAME=VSFTPD #PAM认证文件名. Pam will be certified according to/ETC/PAM.D/VSFTPD
3. Virtual user support (need to add manually)
->vim/etc/vsftpd/vsftpd.conf# Edit
Guest_enable=yes #设定启用虚拟用户功能.
Guest_username=ftp #指定虚拟用户的宿主用户. There is already a built-in FTP user in CentOS (note: The user specified in the Chroot_list_file=/etc/vsftpd/chroot_list file) has a built-in FTP user in-rhel/centos.
user_config_dir=/etc/vsftpd/vuser_conf #设定虚拟用户个人vsftp的RHEL/centos FTP service file storage path. CentOS FTP service file with virtual user personality (config file name = Virtual user name)
4. Create the Chroot list and join the FTP user:
Touch/etc/vsftpd/chroot_list
echo FTP (#指定虚拟用户的宿主用户. See above) >>/etc/vsftpd/chroot_list
5. For certification:
First of all, installing the Berkeley DB Tool, many people can not find the db_load problem is not to install this package.
Yum install DB4 db4-utils or yum install db4* (* indicates installation of all packages with DB4 characters)
Then, create the user password text/etc/vsftpd/vuser_passwd.txt (① these five places the same name), note that the odd line is the user name, even the line is the password
Ftpuser1
Ftppass1
Ftpuser2
Ftppass2
Next,. Generate a DB file for virtual user authentication
Db_load-t-T Hash-f/etc/vsftpd/vuser_passwd.txt/etc/vsftpd/vuser_passwd.db (②, ③ these five places have the same filename)
Edit the Authentication file/etc/pam.d/vsftpd
Comment out all the content in the/etc/pam.d/vsftpd anyway, it's not certified by the local user.
Pay special attention to the following differences
The 32-bit system adds the following two sentences:
Auth Required pam_userdb.so db=/etc/vsftpd/vuser_passwd (④ These five places have the same filename)
Account Required Pam_userdb.so db=/etc/vsftpd/vuser_passwd (⑤ These five places have the same filename)
The 64-bit system adds the following two sentences:
Auth required/lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd (④ These four places have the same filename)
Account REQUIRED/LIB64/SECURITY/PAM_USERDB.SODB=/ETC/VSFTPD/VUSER_PASSWD (⑤ These four places have the same filename)
View the number of system support bits: getconf long_bit
Finally, create a virtual user personalization rhel/centos FTP service file
mkdir/etc/vsftpd/vuser_conf/
Vi/etc/vsftpd/vuser_conf/ftpuser1
The contents are as follows:
LOCAL_ROOT=/OPT/VAR/FTP1 virtual user's root directory (based on actual modification)
Write_enable=yes can write
anon_umask=022 Mask
Anon_world_readable_only=no
Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
Anon_other_write_enable=yes
6. Attach permissions to the directory and restart the VSFTP service:
Mkdir/opt/var/ftp/ftpuser1 (Create FTP storage directory)
chmod 777/opt/var/ftp/ftpuser1
Service VSFTPD Restart
7. Frequently Asked Questions:
1) 553 Could not create file
is generally the problem of SELinux, set a value of SELinux, restart the server.
Setsebool-p Ftpd_disable_trans 1
Service VSFTPD Restart
2) Oops:bad bool value in config file for:write_enable
Note that your CentOS FTP service file guarantees that there are no spaces at the end of each line, and the general error is in the extra spaces.
3) After the virtual user uploads the default permissions are: 600, the user cannot download the file
Add or modify the value of the Anon_umask entry in the configuration file. such as ANON_UMASK=022 or 000
8. Add FTP users using commands (similar to 3.3)
9. Add FTP User, command format:
#adduser-d/directory path-G ftp-s/sbin/nologin user name
If used: #adduser-D/opt/dongge-g ftp-s/sbin/nologin Dongge
Added a user named Dongge, whose directory belongs to the/opt/dongge and belongs to the FTP user group. This user is not allowed to log on to our Terminal server.
10. Add Password:
#passwd Dongge
Set user name Ftpuser permission to read and write in directory
#chown-R dongge:ftp/opt/dongge/
11. Directory Mount:
If we want to hang the/opt/dongge directory under our FTP directory, you can use the Mount command
#mount –-bind/opt/dongge/var/ftp/dongge
This allows us to complete the configuration of adding user and mount directories.
12. Support HTTP Download
Edit/etc/httpd/conf/httpd.conf File:
#vi/etc/httpd/conf/httpd.conf
Add the following code:
Alias/fileshare "/var/ftp/ftpuser1"
<directory "/var/ftp/ftpuser1" >
Options Indexes MultiViews
AllowOverride None
Order Allow,deny
Allow from all
</Directory>
To restart the HTTPD service, you can use Http://your_ip/fileshare to access and download the required files:)
13. How to configure Lazy vsftp
After completing step 1,2,3.1, add the following code directly to the/etc/vsftpd/vsftpd.conf file:
Write_enable=yes #可写
anon_umask=022 #掩码
Anon_world_readable_only=no
Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
Anon_other_write_enable=yes
Restart the VSFTPD service to
Cenos Building an FTP server