CentOS Enable FTP Features

Source: Internet
Author: User
Tags ftp client iptables
1. Install the vsftpd package. After installation there is an /etc/vsftpd/vsftpd.conf file used for configuration, and a new ftp user and ftp group whose home directory is /var/ftp; the default shell is nologin (the account cannot log in to the system)
yum -y install vsftpd

You can view the user with the following command

cat /etc/passwd

The FTP service is not started by default; start it with the following command

service vsftpd start
2. Install the FTP client component (used to verify vsftpd)
yum -y install ftp
Run the following command to try logging in
ftp localhost

Enter the username ftp; the password can be anything (because anonymous login is allowed by default)

Successful login means that the FTP service is available.

However, the server is not yet reachable from the external network, so continue configuring.

3. Disable anonymous login

vi /etc/vsftpd/vsftpd.conf
Change anonymous_enable=YES on the first line to NO

Restart the service

service vsftpd restart

4. Create a new user (ftpuser is the user name; any name can be used)

useradd ftpuser

Set the password (enter it twice)

passwd ftpuser

The user is now created and can be used to log in; remember to use a normal login, not anonymous. The default path after login is /home/ftpuser.

5. Open port 21

Because the default FTP port is 21 and CentOS does not open it by default, modify the iptables file

vi /etc/sysconfig/iptables
Below the line containing 22 -j ACCEPT, add a line similar to that one, just replacing 22 with 21, then save with :wq.

Then restart iptables

service iptables restart
The server can now be reached from the external network, but directory listings fail and uploads do not work, because of SELinux.

6. Modify SELinux

getsebool -a | grep ftp

Run the above command; in the returned result two lines are off, which means external network access is not enabled

....
....
ftp_home_dir off
Just turn the ones above on.

Run

setsebool -P ftp_home_dir 1
and restart vsftpd.
service vsftpd restart

This should now work. If it still does not, check whether the FTP client tool is using passive mode; a hint such as Entering Passive Mode indicates passive mode. Passive mode does not work by default, because iptables blocks FTP passive mode; how to open it is described below. As a shortcut, see whether your FTP client has a port mode option, or turn off its passive mode option. If the client still does not work, check whether the client's host computer has a firewall enabled and shut it down.

7. Enable passive mode

Passive mode is on by default, but a port range must be specified. Open the vsftpd.conf file and append

pasv_min_port=30000

pasv_max_port=30999

This sets the port range to 30000~30999, which can be changed at will.

After the change, restart vsftpd

Because a port range is specified, iptables must also open that range, so open the iptables file as above

Add another line above or below the port 21 line, similar to it, just changing 21 to 30000:30999, then save with :wq and restart iptables. It's done.
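
A read-only check of steps 3, 5 and 7, as an added example that is not part of the original article: it confirms that anonymous login is disabled and that the passive port range in vsftpd.conf is the same range opened in the iptables file. The function names and the sample rule lines are assumptions; on a real host pass /etc/vsftpd/vsftpd.conf and /etc/sysconfig/iptables to audit_ftp.

```shell
#!/bin/sh
# Added example: audit the settings from steps 3, 5 and 7 without changing anything.

# conf_value FILE KEY: last uncommented KEY=value in a vsftpd.conf (no spaces around '=')
conf_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '[:space:]'
}

# rule_opens FILE PORTSPEC: true if FILE has a tcp ACCEPT rule for --dport PORTSPEC
rule_opens() {
    grep -Eq -- "^-A .*-p tcp .*--dport $2( .*)? -j ACCEPT" "$1"
}

# audit_ftp CONF RULES: report each mismatch, return non-zero if any is found
audit_ftp() {
    conf=$1 rules=$2 rc=0
    # Step 3: a missing or non-NO value leaves anonymous login enabled
    case $(conf_value "$conf" anonymous_enable | tr '[:lower:]' '[:upper:]') in
        NO) ;;
        *) echo "FAIL: anonymous_enable is not NO"; rc=1 ;;
    esac
    # Step 5: control port
    rule_opens "$rules" 21 || { echo "FAIL: iptables does not open port 21"; rc=1; }
    # Step 7: the passive range in vsftpd.conf must equal the range opened in iptables
    min=$(conf_value "$conf" pasv_min_port)
    max=$(conf_value "$conf" pasv_max_port)
    if [ -z "$min" ] || [ -z "$max" ]; then
        echo "FAIL: pasv_min_port/pasv_max_port not set"; rc=1
    elif ! rule_opens "$rules" "$min:$max"; then
        echo "FAIL: iptables does not open $min:$max"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: vsftpd.conf and iptables agree"
    return "$rc"
}

# Constructed sample files (rule format assumed to mirror the existing port 22 line)
demo=$(mktemp -d)
printf '%s\n' 'anonymous_enable=NO' 'pasv_min_port=30000' 'pasv_max_port=30999' \
    > "$demo/vsftpd.conf"
printf '%s\n' \
    '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' \
    '-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT' \
    '-A INPUT -m state --state NEW -m tcp -p tcp --dport 30000:30999 -j ACCEPT' \
    > "$demo/iptables"
audit_ftp "$demo/vsftpd.conf" "$demo/iptables"
rm -rf "$demo"
```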
