Configure vsftpd for CentOS

Source: Internet
Author: User

Vsftp installation Configuration

 

1. Check whether vsftp is installed.
Rpm-qa | grep vsftpd
If a vsftpd-2.0.5-16.el5_5.1 appears, vsftp is installed.

Install vsftp

Yum-y install vsftpd

 

2. test whether the installation is successful (change the ip address to your own. Do not use your logon password as the anonymous logon user: The anonymous password is blank. If the logon succeeds, the following content indicates that vsftpd is successfully installed)

[Root @ localhost ~] # Service vsftpd start

Start vsftpd For vsftpd: [OK]

[Root @ localhost ~] # Ftp 192.168.1.107

Connected to192.168.1.large.

220 (vsFTPd 2.0.5)

530 Please loginwith USER and PASS.

530 Please loginwith USER and PASS.

KERBEROS_V4 rejectedas an authentication type

Name (192.168.1.107: root): anonymous

331 Please specifythe password.

Password:

230 Loginsuccessful.

Remote system typeis UNIX.

Using binary mode totransfer files.

Ftp> bye

221 Goodbye.

[Root @ localhost ~] #

 

 

3. modify the configuration file/etc/vsftpd. conf.

[Root @ localhost ~] # Vi/etc/vsftpd. conf

 

Uncomment or add the following content

Anonymous_enable = YES/NO whether anonymous users are allowed to access

Chroot_list_enable = YES: users cannot leave the main directory.

Chroot_list_file =/etc/vsftpd/chroot_list

Loca_enable = YES/NO can be accessed by local users. Note: If NO is set, all virtual users cannot be accessed due to the following reasons: Virtual users are actually accessed by local users on the host.

Pam_service_name = vsftpd pam Authentication file name in/etc/pam. d/vsftpd

Guest_enable = YES enable the virtual User Function

Guest_username = ftp specifies that the virtual user's host user-centos already has a built-in ftp user (Note: This user is specified in the chroot_list_file =/etc/vsftpd/chroot_list file)

User_config_dir =/etc/vsftpd/vuser_conf set the service configuration file of the virtual user's personal vsftp

(Space is not allowed after this file)

 

4. Check whether db4 db4-utils is installed

[Root @ localhost ~] # Rpm-qa | grep db4 after running the following content shows that you have installed the db_load command (mainly db4-utils)

Db4-devel-4.3.29-10.el5_5.2

Db4-4.3.29-10.el5_5.2

Db4-devel-4.3.29-10.el5_5.2

Db4-4.3.29-10.el5_5.2

Db4-tcl-4.3.29-10.el5_5.2

Db4-utils-4.3.29-10.el5_5.2

[Root @ localhost ~] #

 

Install db4-utils If Not Installed

4.1 install db4-utils

[Root @ localhost ~] # Yum-y install db4-utils

 

5. Create the chroot_list_file =/etc/vsftpd/chroot_list File

[Root @ localhost ~] # Vi/etc/vsftpd/chroot_list (edit the file to write the value of guest_username in/etc/vsftpd. conf to the file. In this example, ftp is used)

Or directly follow the steps below

[Root @ localhost ~] # Touch/etc/vsftpd/chroot_list

[Root @ localhost ~] # Echoftp>/etc/vsftpd/chroot_list (here ftp also serves as the value of guest_username in/etc/vsftpd. conf)

 

 

6. Create a virtual user directory (Password text)

[Root @ localhost ~] # Vi/etc/vsftpd/vftpuser.txt x (odd behavior username, even behavior password)

Add the following content in this article (use the cat command to view details)

[Root @ localhost ~] # Cat/etc/vsftpd/vftpuser.txt x

Zz

Aaaaa

Ftp1

Zzzzz

[Root @ localhost ~] #

 

7. Generate the database file of the virtual user

[Root @ localhost ~] # Db_load-T-t hash-f/etc/vsftpd/vftpuser.txt x/etc/vsftpd/vftpuser. db

 

8. Generate Authentication Files for virtual users

[Root @ localhostvsftpd] # vi/etc/pam. d/vsftpd

 

# % PAM-1.0

Session optional pam_keyinit.so force revoke

Auth required pam_listfile.so item = user sense = denyfile =/etc/vsftpd/ftpusers onerr = succeed

Auth required pam_shells.so

Auth include system-auth

Account include system-auth

Session include system-auth

Session required pam_loginuid.so

 

Comment out all the content in/etc/pam. d/vsftpd and do not require local user authentication.

Pay special attention to the following differences:
For 32-bit systems, add the following two sentences:
Auth required pam_userdb.so db =/etc/vsftpd/vftpuser
Account required pam_userdb.so db =/etc/vsftpd/vftpuser
Add the following sentence to a 64-bit system:
Auth required/lib64/security/pam_userdb.so db =/etc/vsftpd/vftpuser

Account required/lib64/security/pam_userdb.sodb =/etc/vsftpd/vftpuser

 

Note: vftpuser in db =/etc/vsftpd/vftpuser is the db file of your generated virtual user.

 

9. Create a configuration file for each virtual user. The path of the configuration file is in/etc/vsftpd. conf.

User_config_dir =/etc/vsftpd/vuser_conf path

Create a file named by user name under/etc/vsftpd/vuser_conf/(the name is an odd number of lines under/etc/vsftpd/vftpuser.txt x)

 

[Root @ localhostvsftpd] # cat/etc/vsftpd/vftpuser.txt x

Zz

Aaaaa

Ftp1

Zzzzz

 

[Root @ localhostvsftpd] # mkdir vuser_conf

[Root @ localhostvsftpd] # vi/etc/vsftpd/vuser_conf/zz

 

The content is as follows:

Local_root =/var/www (the root directory of the virtual user is modified according to the actual situation)
Write_enable = YES (writable)
Download_enable = YES
Anon_world_readable_only = NO
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES
Local_umask = 022

 

10. Grant the folder permission (otherwise, the upload permission cannot be customized. You can set the permission to 777)

[Root @ localhostvsftpd] # chmod 777/var/www/

 

11. Restart vsftpd

[Root @ localhostvsftpd] # service vsftpd restart

 

This installation configuration is complete. If the connection is reset by the same-bit body or other errors occur, check the current mode of SELinux.

 

 

12. logon Test

[Root @ localhost vsftpd] # ftp192.168.1.107

Connected to 192.168.1.107.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as anauthentication type

Name (192.168.1.107: root): zz

331 Please specify the password.

Password:

500 OOPS: cannot changedirectory:/var/www

Login failed.

Ftp>

 

View Method

[Root @ localhost vsftpd] # getenforce

Enforcing)

Close method: [root @ localhost vsftpd] # setenforce 0 (0 | 1 on | off)

 

Test logon again

[Root @ localhost vsftpd] # chmod 777/var/www/

[Root @ localhost vsftpd] # ftp192.168.1.107

Connected to 192.168.1.107.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as anauthentication type

Name (192.168.1.107: root): zz

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

Ftp>

 

View the number of system commands

[Root @ bogon ~] # Getconf LONG_BIT

64 (64 | 32)

Vsftp installation Configuration

 

1. Check whether vsftp is installed.
Rpm-qa | grep vsftpd
If a vsftpd-2.0.5-16.el5_5.1 appears, vsftp is installed.

Install vsftp

Yum-y install vsftpd

 

2. test whether the installation is successful (change the ip address to your own. Do not use your logon password as the anonymous logon user: The anonymous password is blank. If the logon succeeds, the following content indicates that vsftpd is successfully installed)

[Root @ localhost ~] # Service vsftpd start

Start vsftpd For vsftpd: [OK]

[Root @ localhost ~] # Ftp 192.168.1.107

Connected to192.168.1.large.

220 (vsFTPd 2.0.5)

530 Please loginwith USER and PASS.

530 Please loginwith USER and PASS.

KERBEROS_V4 rejectedas an authentication type

Name (192.168.1.107: root): anonymous

331 Please specifythe password.

Password:

230 Loginsuccessful.

Remote system typeis UNIX.

Using binary mode totransfer files.

Ftp> bye

221 Goodbye.

[Root @ localhost ~] #

 

 

3. modify the configuration file/etc/vsftpd. conf.

[Root @ localhost ~] # Vi/etc/vsftpd. conf

 

Uncomment or add the following content

Anonymous_enable = YES/NO whether anonymous users are allowed to access

Chroot_list_enable = YES: users cannot leave the main directory.

Chroot_list_file =/etc/vsftpd/chroot_list

Loca_enable = YES/NO can be accessed by local users. Note: If NO is set, all virtual users cannot be accessed due to the following reasons: Virtual users are actually accessed by local users on the host.

Pam_service_name = vsftpd pam Authentication file name in/etc/pam. d/vsftpd

Guest_enable = YES enable the virtual User Function

Guest_username = ftp specifies that the virtual user's host user-centos already has a built-in ftp user (Note: This user is specified in the chroot_list_file =/etc/vsftpd/chroot_list file)

User_config_dir =/etc/vsftpd/vuser_conf set the service configuration file of the virtual user's personal vsftp

(Space is not allowed after this file)

 

4. Check whether db4 db4-utils is installed

[Root @ localhost ~] # Rpm-qa | grep db4 after running the following content shows that you have installed the db_load command (mainly db4-utils)

Db4-devel-4.3.29-10.el5_5.2

Db4-4.3.29-10.el5_5.2

Db4-devel-4.3.29-10.el5_5.2

Db4-4.3.29-10.el5_5.2

Db4-tcl-4.3.29-10.el5_5.2

Db4-utils-4.3.29-10.el5_5.2

[Root @ localhost ~] #

 

Install db4-utils If Not Installed

4.1 install db4-utils

[Root @ localhost ~] # Yum-y install db4-utils

 

5. Create the chroot_list_file =/etc/vsftpd/chroot_list File

[Root @ localhost ~] # Vi/etc/vsftpd/chroot_list (edit the file to write the value of guest_username in/etc/vsftpd. conf to the file. In this example, ftp is used)

Or directly follow the steps below

[Root @ localhost ~] # Touch/etc/vsftpd/chroot_list

[Root @ localhost ~] # Echoftp>/etc/vsftpd/chroot_list (here ftp also serves as the value of guest_username in/etc/vsftpd. conf)

 

 

6. Create a virtual user directory (Password text)

[Root @ localhost ~] # Vi/etc/vsftpd/vftpuser.txt x (odd behavior username, even behavior password)

Add the following content in this article (use the cat command to view details)

[Root @ localhost ~] # Cat/etc/vsftpd/vftpuser.txt x

Zz

Aaaaa

Ftp1

Zzzzz

[Root @ localhost ~] #

 

7. Generate the database file of the virtual user

[Root @ localhost ~] # Db_load-T-t hash-f/etc/vsftpd/vftpuser.txt x/etc/vsftpd/vftpuser. db

 

8. Generate Authentication Files for virtual users

[Root @ localhostvsftpd] # vi/etc/pam. d/vsftpd

 

# % PAM-1.0

Session optional pam_keyinit.so force revoke

Auth required pam_listfile.so item = user sense = denyfile =/etc/vsftpd/ftpusers onerr = succeed

Auth required pam_shells.so

Auth include system-auth

Account include system-auth

Session include system-auth

Session required pam_loginuid.so

 

Comment out all the content in/etc/pam. d/vsftpd and do not require local user authentication.

Pay special attention to the following differences:
For 32-bit systems, add the following two sentences:
Auth required pam_userdb.so db =/etc/vsftpd/vftpuser
Account required pam_userdb.so db =/etc/vsftpd/vftpuser
Add the following sentence to a 64-bit system:
Auth required/lib64/security/pam_userdb.so db =/etc/vsftpd/vftpuser

Account required/lib64/security/pam_userdb.sodb =/etc/vsftpd/vftpuser

 

Note: vftpuser in db =/etc/vsftpd/vftpuser is the db file of your generated virtual user.

 

9. Create a configuration file for each virtual user. The path of the configuration file is in/etc/vsftpd. conf.

User_config_dir =/etc/vsftpd/vuser_conf path

Create a file named by user name under/etc/vsftpd/vuser_conf/(the name is an odd number of lines under/etc/vsftpd/vftpuser.txt x)

 

[Root @ localhostvsftpd] # cat/etc/vsftpd/vftpuser.txt x

Zz

Aaaaa

Ftp1

Zzzzz

 

[Root @ localhostvsftpd] # mkdir vuser_conf

[Root @ localhostvsftpd] # vi/etc/vsftpd/vuser_conf/zz

 

The content is as follows:

Local_root =/var/www (the root directory of the virtual user is modified according to the actual situation)
Write_enable = YES (writable)
Download_enable = YES
Anon_world_readable_only = NO
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES
Local_umask = 022

 

10. Grant the folder permission (otherwise, the upload permission cannot be customized. You can set the permission to 777)

[Root @ localhostvsftpd] # chmod 777/var/www/

 

11. Restart vsftpd

[Root @ localhostvsftpd] # service vsftpd restart

 

This installation configuration is complete. If the connection is reset by the same-bit body or other errors occur, check the current mode of SELinux.

 

 

12. logon Test

[Root @ localhost vsftpd] # ftp192.168.1.107

Connected to 192.168.1.107.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as anauthentication type

Name (192.168.1.107: root): zz

331 Please specify the password.

Password:

500 OOPS: cannot changedirectory:/var/www

Login failed.

Ftp>

 

View Method

[Root @ localhost vsftpd] # getenforce

Enforcing)

Close method: [root @ localhost vsftpd] # setenforce 0 (0 | 1 on | off)

 

Test logon again

[Root @ localhost vsftpd] # chmod 777/var/www/

[Root @ localhost vsftpd] # ftp192.168.1.107

Connected to 192.168.1.107.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as anauthentication type

Name (192.168.1.107: root): zz

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

Ftp>

 

View the number of system commands

[Root @ bogon ~] # Getconf LONG_BIT

64 (64 | 32)

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.