Environment configuration of vsftpd in Linux [Partially original]

Source: Internet
Author: User

Vsftpd is a Linux server, which brings us great convenience. After installing the Linux system environment lnmp, We need to install vsftpd. After installing it with Yum, we need to add users, by default, there is a WWW user. You can also set a password for WWW directly. The configuration file in vsftd should be removed from the Ning name. This is because of security considerations. The following describes the specific operation steps, if you encounter any problems during the installation process, contact me, QQ: 672464535

If anyone buys a Linux server, they can choose the http://www.linode.com from below /? R = 8c1625234230ebf93d19d29c7adeaec3ffa91fff linode although the server is expensive, there is nothing to say about stability. You can find out after searching Baidu. There are four rooms to choose from, this greatly facilitates your customers.

 

I. Introduction to vsftpd II. vsftpd solution III for Enterprise Linux; vsftpd configuration file I. vsftpd Description: vsftp (very secure FTP daemon, very secure FTP Server ). As the name suggests, the starting point of vsftpd design is security. At the same time, with the continuous upgrade of the version, vsftpd also takes the performance and stability

1. vsftpd Overview
Ii. Enterprise Linux vsftpd Solution
Iii. vsftpd configuration files
I. Brief Introduction to vsftpd:
Vsftp (very secure FTP daemon, a very secure FTP Server ). As the name suggests, the starting point of vsftpd design is security. At the same time, with the continuous upgrade of the version, vsftpd has made great progress in performance and stability. In addition to excellent security and performance, there are also good usability. Red Hat uses vsftpd on its FTP Server (ftp.redhat.com ).
Ii. Practical vsftpd solution in Enterprise Linux
Requirements:
1. User: netseek_com; ftp: ftp.netseek.com (192.168.0.21, I have configured the relevant DNS)
2. Prohibit anonymous login and prohibit users from leaving the user directory.
3. Use 5021 as the Command Channel port and 5020 as the Data Channel port (you can change it to the port you want to set, for example)
4. The range of ports allowed to be used in passive mode is 10010 ~ 10020.
5. the user bandwidth is set to 300 KPS, the user space is limited to m, and a buffer of 10 MB is allowed within the grace period.
The procedure is as follows:
To fully describe the entire installation process, I configured it on my other host (netseek), bound 192.168.0.21 to the IP address 192.168.0.20 of the server, and configured the relevant DNS resolution, for more information, see "Linux all-around Web Server Setup ".
1. Configure Related Services
Start the service:
[Root @ netseek root] # rpm-Qa | grep vsftpd; check whether the vsftpd service is installed.
#/Etc/init. d/vsftpd start; start the service
# Chkconfig vsftpd on; Enable system services as the system starts
Configuration documents:
# Vi/etc/vsftpd. conf
Prohibit anonymous user access:
Anonymous_enable = Yes, change Yes to no
Add the following settings at the end of the file:
# New added by netseek
Listen_port = 5021; Command Channel port; default value: 21
Listen_data_port = 5020; Data Channel port; default value: 20
Pasv_enable = yes; allow Passive Mode
Pasv_min_port = 10000; port range used in passive mode
Pasvanderbilt max_port = 10010
Local_max_rate = 200000; user bandwidth limit
Chroot_local_user = yes; disable the user to exit the main directory
Listen_address = 192.168.0.21; let him listen to IP Address: 192.168.0.21
Note: Do not add ";" and these Chinese notes during the adding process. I will add them here for your convenience.
2. Add a VM user
Add the user netseek_com and specify the user directory as/var/www/netseek.com. the user cannot log on to the system.
# Mkdir/var/www/netseek.com
# Useradd-S/sbin/nologin-D/var/www/netseek.com netseek_com
Note that-S/sbin/nologin makes it unable to log on to the system.-D specifies the user directory as/var/www/netseek.com.
# Passwd netseek_com (do not hack me 3ks) dnhm3ks this is my set password smile
# Chown-r netseek_com: netseek_com/var/www/netseek.com
Note: Set all and groups of User Directories and Their subdirectories to netseek_com.
3. Configure the disk quota
During installation, I have multiple partitions on the disk, including/home,/var,/,/WWW, TMP, swap, And/boot. We recommend that you split the disk into multiple independent partitions to reduce the risk of data loss caused by disk partition corruption.
# [Root @ netseek root] # rpm-Qa | grep quota
Quota-3.06-9; my system has installed the disk quota Tool
# Vi/etc/fstab
Find similar
Label =/var ext3 defaults 1 2
After ults, add usrquota as follows:
Label =/var ext3 defaults, usrquota 1 2
Reload the/var partition:
# Mount-O remount/var
# Cd/var enter this directory
# Touch quota. User
# Chmod 600 quota. User
# Quotacheck-MF/var forcibly checks disk partition space usage
[Root @ localhost var] # quotacheck-MF/var
Quotacheck: Warning-quotafile/var/quota. User was probably truncated. Can't save quota settings...
Restart the system

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.