1. Check whether vsftp is installed in the current Linux system.
The code is as follows: |
Copy code |
[Root @ localhost ~] # Rpm-qa | grep vsftpd
|
// If no output content exists, vsftp is not installed in linux.
2. Install the vsftpd server
Extract the rpm package from the server/folder of the redhat or centos installation Image package. (Vsftpd-2.0.5-12.el5.i386.rpm in RHEL5.3, copy it to the root's home through vmtools, and then execute the following command:
The code is as follows: |
Copy code |
[Root @ localhost ~] # Rpm-ivh vsftpd-2.0.5-10.el5.i386.rpm |
3. Configure the vsftpd server
Vsftp-related configuration files are all in the/etc/vsftpd Directory. How to view its default files:
The code is as follows: |
Copy code |
[Root @ localhost ~] # Ll/etc/vsftpd Total 40 -Rw-r -- 1 root 6 Mar 14 0:28 chroot_list -Rw ------- 1 root 125 Dec 13 2007 ftpusers -Rw ------- 1 root 361 Dec 13 2007 user_list -Rw-r -- 1 root 6 Mar 14 23: 21 user. list -Rw ------- 1 root 4392 Mar 15 0:07 vsftpd. conf -Rwxr -- r -- 1 root 338 Dec 13 2007 vsftpd_conf_migrate.sh |
Vsftpd. conf is the core configuration file of vsftp, user. list is the list of permitted users, while ftpusers is the list of prohibited users (such as the root account). You can get a rough idea about it. The following describes how to configure the vsftpd server.
The code is as follows: |
Copy code |
[Root @ localhost ~] # Vi/etc/vsftpd. conf // There are many configuration points in it. We only need to check Anonymous_enable = YES (whether anonymous user anonymous is allowed to log on to FTP without a password) Local_enable = YES (whether to allow local users to log on. What is a local user? For example, you will be asked to enter an account when installing linux, and the blogger is vfhky) Write_enable = YES (write permission for local users) // Other options: Chroot_list_enable = YES Chroot_list_file =/etc/vsftpd/chroot_list
|
// If this function is enabled, all local accounts can log on to FTP and access other directories except their root directories. In addition to the user specified in the/etc/vsftpd. chroot_list file, the default value is NO. Here, select YES.
4. Add an ftp account test1
Point it to the/home/wwwroot/ftpuser1 directory, and disable SSH access: create the wwwroot/ftpuser1 folder in/home/, and then
The code is as follows: |
Copy code |
[Root @ localhost ~] # Userdel-r test1 [Root @ localhost ~] # Useradd-d/home/wwwroot/ftpuser1-g ftp-s/sbin/nologin test1 (restrict test1 to/home/wwwroot/ftpuser1) [Root @ localhost ~] # Passwd test1 (set password) Changing password for user test1. New UNIX password: Bad password: it is too short Retype new UNIX password: Passwd: all authentication tokens updated successfully.
|
5. Configure the firewall
The code is as follows: |
Copy code |
[Root @ localhost ~] # Vi/etc/sysconfig/iptables // Add the following code before the REJECT line: -A RH-Firewall-1-INPUT-m state-state NEW-m tcp-p tcp-dport 21-j ACCEPT // (because the default FTP port is 21) // Save and close the file and restart the firewall [Root @ localhost ~] # Service iptables restart |
6. Commands for managing vsftpd services
View vsftpd status: [root @ localhost ~] # Service vsftpd stauts
Stop the vsftpd service: [root @ localhost ~] # Service vsftpd stop
Restart the vsftpd service: [root @ localhost ~] # Service vsftpd restart
Set vsftpd boot: [root @ localhost ~] # Ntsysv or
[Root @ localhost ~] # Chkconfig -- level 35 vsftpd on
7. Test vsftpd in the current Linux system:
The code is as follows: |
Copy code |
[Root @ localhost ~] # Cd/etc/vsftpd [Root @ localhost ~] # Cd/etc/vsftpd [Root @ localhost vsftpd] # ftp 192.168.198.128 (fill in the FTP host address, you can use [root @ localhost ~] # Ifconfig) Connected to 192.168.198.128. 220 (vsFTPd 2.0.5) 530 Please login with USER and PASS. 530 Please login with USER and PASS. KERBEROS_V4 rejected as an authentication type Name (192.168.198.128: root): test1 331 Please specify the password. Password: 230 Login successful. (logon successful) Remote system type is UNIX. Using binary mode to transfer files. Ftp> pwd 257 "/home/wwwroot/ftpuser1" Ftp> mkdir ftp_data 550 Create directory operation failed) Ftp> mkdir ftp_data 257 "/home/wwwroot/ftpuser1/ftp_data" created Ftp> cd/usr/local 250 Directory successfully changed. Ftp> pwd 257 "/usr/local" Ftp> 221 Goodbye. [Root @ localhost vsftpd] # su-test1 This account is currently not available. (test1 is a virtual user, so you cannot log on to the system) [Root @ localhost vsftpd] # cd/ [Root @ localhost/] # cd ~ [Root @ localhost ~] # Ftp 192.168.198.128 Connected to 192.168.198.128. 220 (vsFTPd 2.0.5) 530 Please login with USER and PASS. 530 Please login with USER and PASS. KERBEROS_V4 rejected as an authentication type Name (192.168.198.128: root): test1 331 Please specify the password. Password: 230 Login successful. (logon successful) Remote system type is UNIX. Using binary mode to transfer files. Ftp> pwd 257 "/home/wwwroot/ftpuser1" Ftp> mkdir test1 257 "/home/wwwroot/ftpuser1/test1" created Ftp> cd/usr/local 250 Directory successfully changed. Ftp> pwd 257 "/usr/local" Ftp> 221 Goodbye. |
8. Test vsftpd in windows:
Win + R open the cmd command and enter
C:/Users/vfhky> ftp 192.168.198.128
The code is as follows: |
Copy code |
Connect to 192.168.198.128. 220 (vsFTPd 2.0.5) User (192.168.198.128 :( none): test1 331 Please specify the password. Password: 230 Login successful. (logon successful) Ftp> pwd 257 "/home/wwwroot/ftpuser1" Ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. Ftp_data Test Test1 226 Directory send OK. Ftp: 23 bytes received, 0.00 KB/second in 23000.00 seconds. |
9. If a 500 OOPS error message is displayed
If the error message "500 OOPS: cannot change directory:/home/wwwroot/ftpuser1" appears, disable SELinux protection settings by running the following command.
The code is as follows: |
Copy code |
[Root @ localhost ~] # Setsebool-P ftpd_disable_trans 1 |