CentOS vsftpd installation and configuration in detail

Source: Internet
Author: User
Tags auth

The vsftpd service is usually installed automatically when the system is installed, but sometimes you have to set it up yourself. I did exactly that for a friend over the last two days and recorded the process here, so that I can look it up when needed and share it with friends who need it:

1. Installation

Use chkconfig --list to see whether the vsftpd service is installed;

Install it directly with the yum command:

yum -y install vsftpd

Then create a log file for it:

touch /var/log/vsftpd.log

These two simple commands complete the vsftpd installation. But if you try to visit ftp://your_ip now, it does not work. Why? Very simple: a permission issue!

2. Startup and start-on-boot configuration

Use chkconfig --list to view the startup settings of the vsftpd service;

If you see the result shown below:

vsftpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off

the service is off at every runlevel. Note that off here refers to whether the service is started when the server boots. Use the following command to make it start on boot:

chkconfig --level 2345 vsftpd on    # 2345 refers to the corresponding items among 0-6 shown above

To view and manage the FTP service:

To start the FTP service:

service vsftpd start

To view the status of the FTP service:

service vsftpd status

To restart the FTP service:

service vsftpd restart

To stop the FTP service:

service vsftpd stop

3. Configure the vsftpd service

Edit the /etc/vsftpd/vsftpd.conf file to configure the vsftpd service

# vi /etc/vsftpd/vsftpd.conf

3.1 Edit or modify the following items:

anonymous_enable=NO # do not allow anonymous access

local_enable=YES # allow local users to access. Note: if you use virtual users, none of them will be able to access the server if this item is set to NO.

chroot_list_enable=YES # keep users from leaving their home directory

xferlog_file=/var/log/vsftpd.log # path where the vsftpd service log is saved. Note that this file does not exist by default; you have to create it manually with touch.

ascii_upload_enable=YES # allow uploads in ASCII mode

ascii_download_enable=YES # enable support for ASCII-mode upload and download.

pam_service_name=vsftpd # PAM authentication file name. PAM authenticates according to /etc/pam.d/vsftpd

The following are important configuration items for vsftpd virtual user support. They are not included in the default vsftpd.conf, so you need to add them to the configuration file yourself.

guest_enable=YES # enable the virtual user feature.

guest_username=ftp # the host user that the virtual users are mapped to. CentOS already has a built-in ftp user (note: this is the user listed in the file given by chroot_list_file=/etc/vsftpd/chroot_list)

user_config_dir=/etc/vsftpd/vuser_conf # path where the per-user vsftpd configuration files of the virtual users are stored (configuration file name = virtual user name)

3.2 Create the chroot list and add the ftp user to it:

touch /etc/vsftpd/chroot_list

echo ftp >> /etc/vsftpd/chroot_list    (ftp is the host user of the virtual users; see above)

3.3 Authentication:

First, install the Berkeley DB tools. Many people who cannot find db_load have simply not installed this package.

yum install db4 db4-utils, or yum install db4* (* installs all packages whose names contain db4)

Then create the user/password text file /etc/vsftpd/vuser_passwd.txt (① the file name is the same in these five places). Note that odd lines are user names and even lines are passwords:

ftpuser1
ftppass1
ftpuser2
ftppass2

Then generate the DB file used for virtual user authentication:

db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db (②, ③ the file name is the same in these five places)

Edit the authentication file /etc/pam.d/vsftpd

Comment out everything in /etc/pam.d/vsftpd; local user authentication is not used anyway.

Pay special attention to the following difference:

On a 32-bit system, add the following two lines:

auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd (④ the file name is the same in these five places)

account required pam_userdb.so db=/etc/vsftpd/vuser_passwd (⑤ the file name is the same in these five places)

On a 64-bit system, add the following two lines:

auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd (④ the file name is the same in these four places)

account required /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd (⑤ the file name is the same in these four places)

Check whether the system is 32-bit or 64-bit: getconf LONG_BIT

Finally, create the per-user vsftpd configuration file for the virtual user:

mkdir /etc/vsftpd/vuser_conf/

vi /etc/vsftpd/vuser_conf/ftpuser1

The contents are as follows:

# the virtual user's root directory (change to match your setup)
local_root=/opt/var/ftp1

# writable
write_enable=YES

# umask
anon_umask=022

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

4. Set permissions on the directory and restart the vsftpd service:

mkdir /opt/var/ftp/ftpuser1    (create the FTP storage directory)

chmod 777 /opt/var/ftp/ftpuser1

service vsftpd restart

5. Frequently Asked Questions:

5.1 553 Could not create file

This is generally an SELinux problem. Set the following SELinux boolean, then restart the service.

setsebool -P ftpd_disable_trans 1

service vsftpd restart

5.2 OOPS: bad bool value in config file for: write_enable

Make sure that no line in your vsftpd configuration file ends with a space; this error is caused by an extra trailing space.
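vsftpd reads each directive strictly as option=value, with no spaces around the = and nothing after the value, so a trailing space or an explanatory note left beside a setting becomes part of the value. The following is an added example, not part of the original article: a small shell function that flags such lines before the service is restarted, going beyond the trailing-space case to the closely related mistakes. The function name vsftpd_conf_lint and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): flag lines that vsftpd's
# strict option=value parser would reject or misread.
# Prints "LINE: reason" per problem; returns 1 if any problem was found.
vsftpd_conf_lint() {
    awk '
    /^$/ { next }    # empty line
    /^#/ { next }    # whole-line comment
    {
        if ($0 ~ /[ \t]+$/) { print NR ": trailing whitespace"; bad = 1 }
        eq = index($0, "=")
        if (eq == 0) { print NR ": not in option=value form"; bad = 1; next }
        opt = substr($0, 1, eq - 1)
        val = substr($0, eq + 1)
        sub(/[ \t]+$/, "", val)    # trailing blanks were reported above
        if (opt ~ /[ \t]/ || val ~ /^[ \t]/) {
            print NR ": whitespace around ="; bad = 1
        }
        if (opt != tolower(opt)) {
            print NR ": option name must be lower case"; bad = 1
        }
        # A boolean or number followed by more text, e.g. an inline note.
        if (toupper(val) ~ /^(YES|NO|TRUE|FALSE|[0-9]+)[ \t]+[^ \t]/) {
            print NR ": extra text after value"; bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample config containing the mistakes discussed above.
sample_conf() {
    printf '%s\n' \
        '# constructed sample, not a real server config' \
        'anonymous_enable=NO' \
        'write_enable=YES ' \
        'anon_umask=022 Mask' \
        'Local_enable=YES' \
        'guest_enable = YES' \
        'xferlog_file=/var/log/vsftpd.log'
}

# Demo: lint the sample; on a server, pass /etc/vsftpd/vsftpd.conf instead.
sample_conf | vsftpd_conf_lint || echo "fix the lines above, then restart vsftpd"
```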

5.3 Files uploaded by a virtual user get the default permission 600, so the user cannot download them

Add or modify the value of the anon_umask item in the configuration file, for example anon_umask=022 or 000.

6. Add an FTP user with commands (similar to 3.3)

6.1 Add an FTP user; command format:

# adduser -d /directory_path -g ftp -s /sbin/nologin user_name

For example: # adduser -d /opt/dongge -g ftp -s /sbin/nologin dongge

This adds a user named dongge whose home directory is /opt/dongge and who belongs to the ftp user group. This user cannot log in to a terminal on our server.

6.2 Add a password:

# passwd dongge

Set permissions so that the FTP user can read and write in the directory:

# chown -R dongge:ftp /opt/dongge/

6.3 Directory mount:

If we want to mount the /opt/dongge directory under our FTP directory, we can use the mount command:

# mount --bind /opt/dongge /var/ftp/dongge

This completes adding the user and mounting the directory.

7. Support HTTP downloads

Edit the /etc/httpd/conf/httpd.conf file:

# vi /etc/httpd/conf/httpd.conf

Add the following code:

Alias /fileshare "/var/ftp/ftpuser1"

<Directory "/var/ftp/ftpuser1">
  Options Indexes MultiViews
  AllowOverride None
  Order allow,deny
  Allow from all
</Directory>

Restart the httpd service; you can then access and download the required files at http://your_ip/fileshare :)

8. Lazy vsftpd configuration method

After completing steps 1, 2 and 3.1, add the following lines directly to the /etc/vsftpd/vsftpd.conf file:

# writable
write_enable=YES
# umask
anon_umask=022
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

Restart the vsftpd service.

That is the entire content of this article. I hope it helps with your learning, and I also hope you will support the cloud habitat community.
