Procedure for configuring an FTP server on AWS.
The key to configuring an FTP server is understanding the difference between active FTP and passive (PASV) FTP. Here, the FTP server is configured in PASV mode.
1. Install vsftpd with yum
# sudo su -
# yum install vsftpd
2. Confirm unused ports
# cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000
Ports 32768–61000 are not in use.
3. Modify the /etc/vsftpd/vsftpd.conf file
Refer to the following table for the changes to make.
| Change | Setting | Explanation |
|---|---|---|
| Modify | anonymous_enable=NO | Disable login for anonymous FTP users |
| Modify | dirmessage_enable=NO | Controls the message shown when a user first enters a directory, describing what to be aware of in that directory; configured here not to display it |
| Modify | ls_recurse_enable=YES | Allow users to delete directories |
| Add | ascii_upload_enable=YES | Allow files to be uploaded in ASCII mode |
| Add | ascii_download_enable=YES | Allow files to be downloaded in ASCII mode |
| Modify | chroot_local_user=YES | Change each local user's root directory to their own FTP root directory |
| Modify | chroot_list_enable=YES | Enable chroot_list. The default file is chroot_list_file=/etc/vsftpd/chroot_list |
| Modify | tcp_wrappers=NO | Do not use tcp_wrappers restrictions (the AWS EC2 security group is used as the restriction instead) |
| Modify | connect_from_port_20=NO | Do not use active FTP |
| Modify | xferlog_std_format=NO | Write the log file in vsftpd format (YES selects wu-ftpd format) |
| Add | pasv_enable=YES | Use PASV FTP |
| Add | pasv_addr_resolve=YES | Get the connection IP address from the host name in PASV mode |
| Add | pasv_address=<host IP address> | Set to the EC2 Elastic IP address |
| Add | pasv_min_port=60001 | Minimum port number used in PASV mode (chosen from the unused ports confirmed in step 2) |
| Add | pasv_max_port=60100 | Maximum port number used in PASV mode (chosen from the unused ports confirmed in step 2) |
| Add | use_localtime=YES | Use the host's local time |
| Add | force_dot_files=YES | Do not hide files whose names begin with "." |
4. Modify /etc/vsftpd/chroot_list
This file lists the users whose root directory is not changed; the users listed in it can access the root directory. Typically the root user is listed. Here it is left as an empty file and is not modified.
# vi /etc/vsftpd/chroot_list
5. Create an FTP user
# adduser zabbix
# passwd zabbix
6. Enable start at boot and start the FTP service
# chkconfig vsftpd on
# chkconfig
vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# service vsftpd start
7. Configure the AWS security group
Modify the security group of the AWS EC2 instance on which the FTP service is configured.
Add the following to the inbound rules.
| Type | Protocol | Port Range | Source |
|---|---|---|---|
| Custom TCP Rule | TCP | 21 | 0.0.0.0/0 |
| Custom TCP Rule | TCP | 60001–60100 | 0.0.0.0/0 |
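
As an added example (not part of the original procedure), the script below audits a vsftpd.conf against four of the step 3 settings and confirms that the passive port range is fully covered by one inbound rule like those in step 7. The function names, the one-rule-per-line "FROM-TO CIDR" format and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit vsftpd.conf against step 3 and the inbound rules of step 7.

# get_opt FILE KEY: print the last value assigned to KEY, upper-cased.
# vsftpd.conf allows no spaces around "=", so an exact match on field 1 is enough.
get_opt() {
    awk -F= -v k="$2" '$1 == k { v = toupper($2) } END { print v }' "$1"
}

# audit_conf FILE: print one line per setting that differs from the page's table.
audit_conf() {
    for want in anonymous_enable=NO chroot_local_user=YES pasv_enable=YES \
                connect_from_port_20=NO; do
        key=${want%%=*}; got=$(get_opt "$1" "$key")
        [ "$got" = "${want#*=}" ] || echo "MISMATCH $key: want ${want#*=}, got '$got'"
    done
}

# pasv_covered FILE RULES: succeed if one inbound rule ("FROM-TO CIDR" per line,
# an assumed format) spans the whole pasv_min_port..pasv_max_port range in FILE.
pasv_covered() {
    lo=$(get_opt "$1" pasv_min_port); hi=$(get_opt "$1" pasv_max_port)
    [ -n "$lo" ] && [ -n "$hi" ] || return 1
    awk -v lo="$lo" -v hi="$hi" '
        { n = split($1, p, "-"); if (n == 1) p[2] = p[1]
          if (p[1] + 0 <= lo + 0 && hi + 0 <= p[2] + 0) ok = 1 }
        END { exit !ok }' "$2"
}

# Constructed sample input: a config with one deviation, and the two rules of step 7.
conf=$(mktemp); rules=$(mktemp)
cat > "$conf" <<'EOF'
anonymous_enable=YES
chroot_local_user=YES
pasv_enable=YES
connect_from_port_20=NO
pasv_min_port=60001
pasv_max_port=60100
EOF
printf '%s\n' '21 0.0.0.0/0' '60001-60100 0.0.0.0/0' > "$rules"

audit_conf "$conf"
pasv_covered "$conf" "$rules" && echo "passive range covered by inbound rules"
```

A passive range that is wider than the inbound rule shows up on the client as data connections that time out after a successful login, so this check is worth repeating whenever either side is edited.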