Detailed tutorial on setting up FTP service in centos 7 and setting up ftp in centos 7
Centos7 build FTP service detailed tutorial. 1. Download and install vsftpd
[root@CentOS ftp]# yum -y install vsftpd
2. Open Port 21
[Root @ CentOS ~] # Firewall-cmd -- zone = public -- add-port = 21/tcp -- permanent ???? # Add port 21 success [root @ CentOS ~] # Firewall-cmd -- reload ???????? # Reload success [root @ CentOS ~] # Firewall-cmd -- zone = public -- list-ports ???? # View all opened ports 21/tcp 3690/tcp 3306/tcp ???? # You can see that port 21 is open [root @ CentOS ~] #
3. Start the vsftpd service
[Root @ CentOS ~] # Systemctl start vsftpd. service ???? # Start the vsftpd service [root @ CentOS ~] # Ps-ef | grep vsftpd ???????????????? # Check whether the vsftpd process has a root 3753 1 0? 00:00:00/usr/sbin/vsftpd/etc/vsftpd. confroot 3758 3494 0 00:00:00 pts/0 grep -- color = auto vsftpd [root @ CentOS ~] #
4. Use FileZilla in windows for client Testing
(1) first, set the transmission mode to the active mode.
(2) test Anonymous logon.
As shown above, anonymous users have successfully logged on. The default home directory is/var/ftp. You can see that there is a pub directory in this directory.
[Root @ CentOS ~] # Ls-l/var/ftp total usage 0drwxr-xr-x. 2 root 6 August 3 2017 pub ???? # Confirm that the pub directory already exists [root @ CentOS ~] #
Next, you can set the real user account.
5. Configure selinux
By default, CentOS FTP does not allow the real account to log on to obtain the user's home directory data, which is caused by SELinux.
[Root @ CentOS ~] # Getsebool-a | grep ftp ???? # View ftp-related selinux policy rules ftpd_anon_write --> disable --> offftpd_connect_db --> offftpd_full_access --> disable --> offftpd_use_nfs --> disable --> offtftp_home_dir --> off [root @ CentOS ~] # Setsebool-P tftp_home_dir = 1 ???? # Set the tftp_home_dir rule to 1
6. Create an ftp account
Create a user that cannot log on to the system, but can only log on to the ftp service.
[Root @ CentOS ~] # Useradd ftpuser-s/sbin/nologin ???? # Add User ftpuser [root @ CentOS ~] # Passwd ftpuser ???????????????????????? # Set Password
7. Configure vsftpd. conf. The main configuration items are as follows # prohibit anonymous users from logging on
Anonymous_enable = NO? ??
# Configure information related to the real user, which can be written
Userlist_enable = YES
Userlist_deny = NO
Userlist_file =/etc/vsftpd/user_list
Only the above information items are configured because I want only some users to use FTP, but users directly added cannot use the FTP service by default. For more information about the configuration of this file, run the man 5 vsftpd. conf command.
8. Add the ftpuser user to the/etc/vsftpd/user_list file. The edited content is as follows:
[Root @ CentOS ~] # Cat/etc/vsftpd/user_list # vsftpd userlist # If userlist_deny = NO, only allow users in this file # If userlist_deny = YES (default), never allow users in this file, and # do not even prompt for a password. # Note that the default vsftpd pam config also checks/etc/vsftpd/ftpusers # for users that are denied. # root # bin # daemon # adm # lp # sync # shutdown # halt # mail # news # uucp # operator # games # nobodyftpuser ???????????? # Only ftpuser users can use the FTP service. Other users cannot use the FTP service (Annotated users) [root @ CentOS ~] #
As shown above, the user who writes/etc/vsftpd/user_list will be able to use the FTP account. Therefore, if you want to use FTP, you must write the file.
9. Restart the vsftpd service.
[root@CentOS ~]# systemctl restart vsftpd.service[root@CentOS ~]# ps -ef | grep vsftpdroot 4568 1 0 19:51 ? 00:00:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.confroot 4573 3494 0 19:51 pts/0 00:00:00 grep --color=auto vsftpd[root@CentOS ~]#
10. Use FileZilla again for testing
As shown above, the user ftpuser is successfully logged on. The default user home directory is/home/ftpuser.
11. Set the vsftpd service to start upon startup.
[root@CentOS ~]# systemctl enable vsftpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.[root@CentOS ~]#