Detailed configuration of the Linux FTP service

Original: wanghaovip

The following is the basic configuration of FTP on Linux in a virtual machine (Red Hat AS 4.0 is used as an example):
First, install the vsftpd package.
rpm -qa | grep vsftpd   // check whether vsftpd is installed
If it is not installed, the package is vsftpd-2.0.1-5.i386.rpm (on the first disc).
On Linux, remember to mount the optical drive first: mount /media/cdrom
There is no need to build from source here. Install with rpm:
# rpm -ivh vsftpd-2.0.1-5.i386.rpm
The installation is now complete.
service vsftpd start   starts the vsftpd service
If nothing further has been configured, the FTP server can be accessed anonymously.
Note: if you cannot reach the server, the firewall may be blocking it; disable the Linux firewall:
iptables -F   flushes (clears) all firewall rules
After vsftpd is installed, several files are generated:
/etc/vsftpd.conf   main configuration file
/etc/vsftpd.ftpusers   specifies which users cannot access the FTP server
/etc/vsftpd.user_list   whether the users listed in this file can access the FTP server is determined by the value of userlist_deny in vsftpd.conf.
These files control the whole FTP service, including which users are denied access.
Next we edit the core vsftpd file.
# vi /etc/vsftpd.conf   this is the core configuration file of vsftpd.
anonymous_enable=YES/NO   whether anonymous users are allowed to log in
anon_upload_enable=YES/NO   whether anonymous file upload is allowed
local_enable=YES/NO   whether local users are allowed to log in
write_enable=YES/NO   whether local users are allowed to upload
guest_enable=YES/NO   whether virtual user login is allowed;
local_umask=022   sets the file creation mask for local users to 022; default value: 077
dirmessage_enable=YES   displays the content of the hidden .message file when the user changes into a directory.
xferlog_enable=YES   enables the upload and download log
connect_from_port_20=YES   enables the FTP data port (20) for data connections
pam_service_name=vsftpd   sets the name of the PAM authentication service configuration file, which is stored in the /etc/pam.d directory.
userlist_enable=YES   allow users in the vsftpd.user_list file to access the server
userlist_deny=YES   deny access to the server for users in the vsftpd.user_list file
listen=YES/NO   whether standalone mode is used (this is important)
tcp_wrappers=YES/NO   whether tcp_wrappers is used as the host access control method
These are the most important settings. (They are generally left at their defaults.)
You can also set the following:
ftpd_banner=welcome to ftp service
idle_session_timeout=60   how long, in seconds, an established control connection from a remote client may stay idle (no operation performed) before it is disconnected
data_connection_timeout=120   how long a data transfer may stay idle before the client is disconnected
accept_timeout=60   how long to wait for a connection to be established before giving up
connect_timeout=60   the maximum time allowed for a data connection to become active before it is dropped and freed for others;
max_clients=200   the total number of concurrent client connections on the server is 200
max_per_ip=3   the maximum number of connections from each client is 3.
local_max_rate=50000   (50 kbytes/sec)
anon_max_rate=30000   these two set the maximum transfer rate for local and anonymous users
pasv_min_port=port
pasv_max_port=port   these define the minimum and maximum ports. If set to 0, any port may be used;
listen_address=IP address   the IP address on which the FTP service listens, i.e. the address clients connect to;
listen_port=port   sets the port number for FTP. The default value is 21.
chroot_local_user=YES   all local users are chrooted.
chroot_local_user=NO   only the specified users are chrooted:
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list   (only the users listed in /etc/vsftpd.chroot_list are chrooted)
local_root=path   specifies the home directory used after login, regardless of which user logs in. If this parameter is not specified, each user enters their own home directory;
chroot_local_user=YES/NO   whether to lock all local system account users into their home directory; once locked, a user can only access their own home directory /home/user and cannot use cd to go up, only down;
chroot_list_enable=YES/NO   whether to lock only some users, those listed in the specified file, into their home directory. The file is given by chroot_list_file=path;
userlist_enable=YES/NO   whether to load the user list file;
userlist_deny=YES   whether the users loaded from the list above are denied login;
userlist_file=/etc/vsftpd.user_list   the list file
These are advanced settings. Change them as appropriate.
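The following Python example is added here and is not part of the original article. It models how vsftpd combines userlist_enable/userlist_deny with the ftpusers file, and how chroot_list_file reverses its meaning when chroot_local_user=YES; the function names, sample configuration and user names are constructed for illustration.

```python
# Added example: models how vsftpd combines the list options described above.
# The sample configuration and user names are constructed for illustration.
DEFAULTS = {"userlist_enable": "NO", "userlist_deny": "YES",
            "chroot_local_user": "NO", "chroot_list_enable": "NO"}

def parse_conf(text):
    """Return (options, errors); vsftpd wants option=value with no spaces."""
    opts, errors = dict(DEFAULTS), []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or key != key.strip() or value != value.strip():
            errors.append(f"line {n}: expected option=value, no spaces: {line!r}")
            continue
        opts[key] = value
    return opts, errors

def yes(opts, key):
    return opts[key].upper() in ("YES", "TRUE", "1")

def may_login(user, opts, ftpusers, user_list):
    """List checks only: ftpusers always denies, then the user_list logic."""
    if user in ftpusers:
        return False
    if not yes(opts, "userlist_enable"):
        return True                      # user_list is not consulted at all
    listed = user in user_list
    # userlist_deny=YES: the file is a deny list; NO: it is an allow list
    return not listed if yes(opts, "userlist_deny") else listed

def is_chrooted(user, opts, chroot_list):
    """With chroot_local_user=YES the chroot list names the exceptions."""
    everyone = yes(opts, "chroot_local_user")
    if not yes(opts, "chroot_list_enable"):
        return everyone
    listed = user in chroot_list
    return not listed if everyone else listed

SAMPLE_CONF = """\
# constructed sample, not a recommended configuration
userlist_enable=YES
userlist_deny=NO
chroot_local_user=YES
chroot_list_enable=YES
listen = YES
"""
OPTS, ERRORS = parse_conf(SAMPLE_CONF)
FTPUSERS, USER_LIST, CHROOT_LIST = {"root"}, {"alice", "root"}, {"alice"}

if __name__ == "__main__":
    print(ERRORS)
    for u in ("alice", "bob", "root"):
        print(u, may_login(u, OPTS, FTPUSERS, USER_LIST), is_chrooted(u, OPTS, CHROOT_LIST))
```

In the sample, alice is allowed to log in but is the one local user who is not chrooted, because chroot_local_user=YES turns the chroot list into a list of exceptions.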
# vi /etc/hosts.allow
vsftpd: 192.168.5.128: DENY   this IP address is not allowed to access the FTP service (vsftpd supports tcp_wrappers host access control in standalone mode)
Time limit:
# cp /usr/share/doc/vsftpd-1.1.3/vsftpd.xinetd /etc/xinetd.d/vsftpd
# vi /etc/xinetd.d/vsftpd
Change to: disable = no
access_times = hour:min-hour:min   (adds a time restriction on access; note: this corresponds to listen=NO in vsftpd.conf)
For example, access_times =-Am means that FTP can be accessed only during these two periods
That is basically all there is to FTP configuration. Thank you for reading.