[CNMP series] install the FTP service under CentOS7.0, cnmpcentos7.0

[CNMP series] install the FTP service under CentOS7.0, cnmpcentos7.0

In an episode, install an FTP service to facilitate communication with files on the remote server. We will discuss how to use Capistrano to work with git to deploy and release the server code. Now, the Code should go through FTP first, which is quite stable.

FTP Overview

FTP is short for File Transfer Protocol (File Transfer Protocol ".

During FTP usage, users often encounter two concepts: "Download" and "Upload ). "Download" means to copy files from the remote host to your computer. "Upload" means to copy files from your computer to the remote host.

In Internet language, users can upload (download) files to (from) remote hosts through client programs.

FTP Installation

First, check whether the FTP service has been installed on your remote server.

#rpm -qa | grep vsftpd

If nothing is displayed, congratulations, you have not installed the ftp service. You can proceed with the following actions with peace of mind. If you have a vsftpd version, what should you do? This chapter is not suitable for you !!!

First, install vsftpd.

Vsftpd is short for "very secure FTP daemon". Security is one of its biggest features. Vsftpd is the name of a server running on a UNIX operating system that can run on systems such as Linux, BSD, Solaris, HP-UNIX, etc, it is a completely free and open-source ftp server software that supports features not supported by many other FTP servers.

Run the following command to install vsftpd.

#yum -y install vsftpd

After the installation is complete, use the above rpm command to check whether the installation is complete. If the installation is complete, continue.

Enable vsftpd

#service vsftpd start

Check vsftpd service

#service vsftpd status

Note that the ftp service uses port 21 and Port 20. The iptables Firewall service we set previously blocks this port. Therefore, add the following code to/etc/sysconfig/iptables.

A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT

Restart the Firewall Service

#systemctl restart iptables.service

Okay. Here, our default ftp service has started to work. Let's test it.

#ftp localhost

Enter anonymous (anonymous) in the user name column)

The following information indicates that the installation of your vsftp service is complete.

Enter bye after ftp> to say goodbye to ftp for the moment, because we still have some work to do.

Configure vsftpd service

Open the configuration file of the vsftpd service

#vim /etc/vsftpd/vsftpd.conf

What does it mean to change the values of these attributes? When chroot_list_enable = YES, chroot_local_user = YES, in/etc/vsftpd. users listed in the chroot_list file can switch to other directories. Users not listed in the file cannot switch to other directories. For better control in the future, we should first turn on these configurations.

Save and exit. We create a new chroot_list file.

#touch /etc/vsftpd/chroot_list

Restart vsftp

#service vsftpd restart

New ftp user

#/usr/sbin/adduser -d /usr/www/ftptest -g ftp -s /sbin/nologin vftpuser

Vftpuser is added. The main directory of the user is/usr/www/ftptest. the user group is ftp and cannot log on to the account.

Set vftpuser Password

#passwd vftpuser

Modify directory permissions of/usr/www/ftptest

#chmod 755 /usr/www/ftptest/

Restart vsftp

#/sbin/service vsftpd restart

Set permissions

View ftp-related permissions in SElinux policies

#getsebool -a | grep ftp

Open ftp permission

#setsebool allow_ftpd_full_access 1

Restart vsftp

#/sbin/service vsftpd restart

Now, you can use the local ftp remote server. However, Feng ye recommends a practical ftp software: filezilla. It is quite easy to use. As for how to use it, you can use Baidu on your own.

Possible problems

Problem 1: The SElinux is not closed, causing access failure. You can try to disable the selinux policy first.

#vim /etc/selinux/config

Set SELINUX to disable.

Problem 2: The following error is reported when filezilla is enabled.

Open your site management and click to enter transfer settings

Configure the transmission mode as shown in the figure to complete the link.