1. Install vsftpd and account authentication software
yum -y install vsftpd db4 db4-utils
2. Start/stop/restart the vsftpd server
service vsftpd start|stop|restart
The configuration file is /etc/vsftpd.conf.
Default FTP server root directory: /var/ftp/pub
3. Add an FTP Virtual User
An FTP virtual user can reach only the directory assigned to it on the server, using the host, account name, and password, and cannot log on to the system itself.
The command for creating an FTP user is as follows:
adduser -d /home/www -g ftp -s /sbin/nologin wwwftp
Meaning: the shell command adduser creates a system account named wwwftp. The account cannot log on to the system (-s /sbin/nologin), its home directory is set with -d (-d /opt/ftp_dir/wwwftp), and it belongs to the ftp user group (-g ftp).
Set the password:
echo 123456789Q | passwd --stdin wwwftp
4. Configure the vsftpd configuration file (/etc/vsftpd.conf).
Note that no spaces are allowed after a value: for example, chroot_list_enable=YES must not be followed by a space after "YES". Otherwise, vsftpd reports an error on startup ("vsftpd: 500 OOPS: bad bool value in config file for: anonymous_enable").
# Do not allow anonymous access
anonymous_enable=NO
# Allow local users to log in. Note: when virtual users are used, setting this to NO blocks all virtual users.
local_enable=YES
# Prevent users from leaving their home directory
chroot_list_enable=YES
# Path of the vsftpd service log. Note: this file does not exist by default and must be created manually.
xferlog_file=/var/log/vsftpd.log
# Allow uploads and downloads in ASCII mode
ascii_upload_enable=YES
ascii_download_enable=YES
# PAM service name. PAM authenticates according to /etc/pam.d/vsftpd
pam_service_name=vsftpd
# Remove the # sign in front of this setting (the list file is created in step 5)
chroot_list_file=/etc/vsftpd/chroot_list
# The following settings are added manually.
# Enable the virtual user function
guest_enable=YES
# Host (system) user that virtual users are mapped to. CentOS already has a built-in ftp user.
guest_username=ftp
# Prevent vsftpd from changing the permission of uploaded files to 600
virtual_use_local_privs=YES
# Directory holding the per-user configuration files for virtual users (file name = virtual user name)
user_config_dir=/etc/vsftpd/vuser_conf
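A pre-start check for the whitespace rule noted in step 4, added here as an example (it is not part of the original tutorial). vsftpd.conf(5) also states that no space may appear between the option, = and the value, so the check covers that as well; the function name lint_vsftpd_conf and the BOOL_OPTS list are this example's own.

```shell
#!/bin/sh
# Added example: lint a vsftpd config file before (re)starting the service.
# BOOL_OPTS lists only the boolean options used in this tutorial (assumption:
# extend it for other settings). vsftpd.conf(5) documents YES and NO, so the
# check is deliberately strict and accepts nothing else.
BOOL_OPTS="anonymous_enable local_enable chroot_list_enable guest_enable \
ascii_upload_enable ascii_download_enable virtual_use_local_privs write_enable \
anon_world_readable_only anon_upload_enable anon_mkdir_write_enable \
anon_other_write_enable"

# lint_vsftpd_conf FILE
# Prints "FILE:LINE: reason" for each problem; returns non-zero if any found.
lint_vsftpd_conf() {
    awk -v bools="$BOOL_OPTS" -v file="$1" '
        function report(msg) { printf "%s:%d: %s\n", file, NR, msg; bad = 1 }
        BEGIN { n = split(bools, b, " "); for (i = 1; i <= n; i++) isbool[b[i]] = 1 }
        /^#/ || /^[ \t]*$/ { next }          # comments and blank lines
        {
            eq = index($0, "=")
            if (eq == 0) { report("no = sign, option has no value"); next }
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            if (key ~ /[ \t]/ || val ~ /^[ \t]/) report("whitespace around =")
            if (val ~ /[ \t\r]$/) report("trailing whitespace after value")
            gsub(/[ \t\r]/, "", key)
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            if ((key in isbool) && val != "YES" && val != "NO")
                report("boolean option needs YES or NO, got \"" val "\"")
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample (not from a real server): lines 2 and 3 break the rule.
sample=$(mktemp)
printf 'anonymous_enable=NO\nlocal_enable = YES\nchroot_list_enable=YES \n' > "$sample"
lint_vsftpd_conf "$sample" || echo "fix the lines above before starting vsftpd"
rm -f "$sample"
```

Run it against the main configuration file and each file in user_config_dir before restarting the service.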
5. Create a chroot list and add FTP users to it:
touch /etc/vsftpd/chroot_list
One user per line:
echo wwwftp > /etc/vsftpd/chroot_list
6. Account authentication
Create the user/password text file:
vim /etc/vsftpd/vuser_passwd.txt
Odd-numbered lines hold the user name, and even-numbered lines hold the password:
wwwftp
123456789 GB
Generate the database file for virtual user authentication by executing the following command:
db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db
Edit the vsftpd PAM authentication file /etc/pam.d/vsftpd and comment out all existing lines in it.
On a 32-bit system, add the following:
auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd
account required pam_userdb.so db=/etc/vsftpd/vuser_passwd
On a 64-bit system, add the following:
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd
7. Create the configuration file for each FTP user
All per-user FTP configuration files go in the following directory, so create it:
mkdir /etc/vsftpd/vuser_conf/
Then create a configuration file for each FTP user in this directory. Using the wwwftp account created earlier as an example:
vim /etc/vsftpd/vuser_conf/wwwftp
Put the following content in the file:
local_root=/opt/ftp_dir/wwwftp
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
local_umask=022
8. Restart