Centos6.7+vsftpd+db4+db4-utils---Passive mode

Source: Internet
Author: User

Install package

Yum-y Install VSFTPD

Yum-y installdb4-utils DB4

Create a virtual user

Vi/etc/vsftpd/vusers.list

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/82/2A/wKioL1dNR5SiU-nkAAATgMNSNRo107.png-wh_500x0-wm_3 -wmp_4-s_3298433273.png "title=" Untitled. png "alt=" wkiol1dnr5siu-nkaaatgmnsnro107.png-wh_50 "/>

DB database is created and only the root user can read and write

Db_load-t-thash-f vusers.list/etc/vsftpd/vsftpd_login.db

chmod 600/etc/vsftpd/vsftpd_login.db

ConfigurationPamfile

Vim/etc/pam.d/vsftpd.vu ( system )

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/82/2C/wKiom1dNRtbhF__QAAA61zt6wYM157.png-wh_500x0-wm_3 -wmp_4-s_2029763677.png "title=" Untitled. png "alt=" wkiom1dnrtbhf__qaaa61zt6wym157.png-wh_50 "/>

the system changes the lib64 into Lib .

establish real users of the system for virtual users here , use the Vftpusers account to point to the path /opt/vsftp

Useradd vftpusers-d/opt/vsftp-s/sbin/nologin

Chown vftpusers:vftpusers/opt/vsftp

Modify the configuration file as followscan be modified according to individual needs Red words should be noted

[[Email protected] ~] #cat/etc/vsftpd/vsftpd.conf

Anonymous_enable=no

Local_enable=yes

Write_enable=yes

Dirmessage_enable=yes

Xferlog_enable=yes

Xferlog_file=/var/log/vsftpd.log

Connect_from_port_20=yes

Xferlog_std_format=yes

Listen=yes

LISTEN_PORT=21 (port self-modification)

Userlist_enable=yes

Chroot_local_user=yes

Tcp_wrappers=yes

Guest_enable=yes

Guest_username=vftpusers (Administrative users for the entire virtual directory)

Pam_service_name=vsftpd

user_config_dir=/etc/vsftpd/vsftpd_user_conf(Specify Virtual User Configuration folder path)

Virtual_use_local_privs=yes

pasv_min_port=50000

pasv_max_port=50010

Pasv_enable=yes

max_clients=200

Max_per_ip=4

idle_session_timeout=600

Ftpd_banner=welcometo Linux FTP Service.

Create a virtual User configuration file

Mkdir/etc/vsftpd/vsftpd_user_conf

Vim/etc/vsftpd/vsftpd_user_conf/user1 2 3

All permissions

Write_enable=yes

Anonymous_enable=no

Anon_world_readable_only=no

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

Anon_other_write_enable=yes

local_umask=022

Download_enable=yes

Local_root=/opt/vsftp/user1local_root=/opt/vsftp/user1

Upload Permissions

Write_enable=yes

Anon_world_readable_only=no

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

Anon_other_write_enable=yes

local_umask=022

Download_enable=no

Local_root=/opt/vsftp/user2

Download only

Write_enable=no

Anon_world_readable_only=no

Anon_upload_enable=no

Anon_mkdir_write_enable=no

Anon_other_write_enable=no

local_umask=022

Download_enable=yes

Local_root=/opt/vsftp/user3

Service Vsftpdrestat Restart Services

CHKCONFIGVSFTPD on boot

Detailed configuration file

Comments are as follows:

Anonymous_enable=no

Setting does not allow anonymous access

Local_enable=yes

Set the local user to be accessible. Note: Primarily for virtual hosting users, if the item is set to No then all virtual users will not be able to access it.

Write_enable=yes

The settings can be written.

local_umask=022

Sets the permission mask for the file after uploading.

Anon_upload_enable=no

Prohibit anonymous users from uploading.

Anon_mkdir_write_enable=no

Prevents anonymous users from creating directories.

Dirmessage_enable=yes

Set the Open Directory banner feature.

Xferlog_enable=yes

Set the Enable Logging function.

Connect_from_port_20=yes

Set port 20 for the data connection.

Chown_uploads=no

Set prohibit upload file change host.

Xferlog_file=/var/log/vsftpd.log

Set the VSFTPD Service log save path. Note that the file does not exist by default. You have to touch it manually, and because of this change, the VSFTPD service host user is the manually established VSFTPD. You must be aware of the Write permission to the log for that user, or the service will fail to start.

Xferlog_std_format=yes

The settings log uses a standard record format.

Nopriv_user=vsftpd

Sets the host user that supports the VSFTPD service as a manually established VSFTPD user. Note that once you make changes to the host user, you must be aware of the read and write rights of the read-write files associated with the service. For example, the log file must give the user write permission, and so on.

Async_abor_enable=yes

Setting supports asynchronous transfer functions.

Ascii_upload_enable=yes

Ascii_download_enable=yes

Set up upload and download features that support ASCII mode.

Ftpd_banner=welcome to Awei FTP servers

Set the VSFTPD landing banner.

Chroot_local_user=yes

Prevents local users from logging out of their own FTP home directory.

Pam_service_name=vsftpd

Set the authentication profile name for the VSFTPD under the PAM service. Therefore, Pam validation will refer to the vsftpd file configuration under/etc/pam.d/.

The following are important configuration items for VSFTPD virtual user support. These settings are not included in the default vsftpd.conf, and you need to manually add the configuration yourself.

Guest_enable=yes

Set the Enable Virtual User feature.

Guest_username=ftp

Specifies the host user for the virtual user.

Virtual_use_local_privs=yes

Set permissions for virtual users to match their host users.

user_config_dir=/etc/vsftpd/ vsftpd_user_conf

Set the profile storage path for the virtual user's personal vsftp. In other words, this designated directory, will be stored in each vsftp virtual user personality profile, a need to pay attention to the

This is where the configuration file name must be the same as the virtual user name

Thanks to the major users of the document reference

Centos6.7+vsftpd+db4+db4-utils---Passive mode

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.