FTP file server upload download case

Source: Internet
Author: User
Tags ftp file filezilla

VSFTPD is very secure FTP daemon (very secure FTP daemon)

21-Port Control connection

20-Port Data connection


After installing VSFTPD on Linux

Both the default anonymous user and local user can log on

Anonymous user Login to/var/ftp, cannot upload and download

Local user Login to local user's home directory, can upload and download


Linux Client (192.168.2.2)

-------RHEL5.9 (Vmnet1)--------(VMNET1)

192.168.2.1 Win7 Client (192.168.2.3)


Lab Requirement 1:

Configure FTP services that can be uploaded anonymously


VSFTPD Configuration

1. Check if the package is installed

#rpm-Q VSFTPD


2. Install the Package

#cd/misc/cd/server

#rpm-IVH vsftpd.2.0.5-28.e15x86_64.rpm


3. Modify the master configuration file

#vi/etc/vsftpd/vsftpd.conf

...

Anon_upload_enables=yes

...

Anon_mkdir_write_enable=yes

Anon_other_write_enable=yes

...

: Wq


4. Set permissions for the folder to be uploaded anonymously

#setfacl-M u:ftp:rwx/var/ftp/pub

#getfacl/var/ftp/pub


4. Start the service

#service vsftpd Restart

#chkconfig vsftpd on


5. Client-side testing (Win7)

Explorer Access://192.168.2.1

command-line access to the FTP 192.168.2.1

Test with FileZilla Client



Restore the experimental environment

#vi/etc/vsftpd/vsftpd.conf

...

#27 Anon_upload_enables=yes

...

#31 Anon_mkdir_write_enable=yes

#32 Anon_other_write_enable=yes

...

: Wq




Lab Requirement 2:

Configure Local users to access the FTP service, denying anonymous user access

Verify the black and white list and restore the environment after verification is complete


1, package installation, a little ...


2. Add user, set password

#useradd Mike.

#useradd Kaka

#useradd Lily

#echo "123456" | passwd--stdin Mike

#echo "123456" | passwd--stdin Kaka

#echo "123456" | passwd--stdin Lily

3. Modify the master configuration

#vi/etc/vsftpd/vsftpd.conf

...

12anonymous_enable=no #拒绝匿名用户登录

...


: Wq


4. Set blacklist

#vi/etc/vsftpd/ftpusers #测试黑名单文件的黑名单, no need to restart service

Lily

: Wq


5. Verify black and white list file blacklist

#vi/etc/vsftpd/user_list #测试黑白名单文件的黑名单, the client cannot log on and does not need to restart the service

Kaka

: Wq


6. Verify white list of black and white list files

#vi/etc/vsftpd/vsftpd.conf

Userlist_deny=no #在文档中添加这一行, only allow users inside the user_list to access

: Wq


7. Restart Service

#service vsftpd Restart


8. Client Testing (WIN7)

Win7doc Command-line test

FTP 192.168.2.1


9, the experimental environment to restore, a little ...



Questions:

The system has lily, Mike, Kaka users, please close the following situations, who can log in FTP. (Rejection is greater than all, refusal takes precedence)

#grep lily/etc/vsftdp/ftpusers

Lily

#grep mike/etc/vsftpd/user_list

Mike

#grep userlist_deny/etc/vsftpd/vsftpd.conf

Userlist_deny=no




Lab Requirement 3:

Imprison ordinary users in their own home directory

Change the anonymous user's site to/data/anon_pub

Change the local user's site to/data/local_pub

Set Anonymous user download rate 50kb/s, local user 100b/s

Up to 20 concurrent, up to 2 concurrent per IP address

1. Package Installation

Process a little ...


2. Modify the master configuration file

#vi/etc/vsftpd/vsftpd.conf

...

121chroot_local_user=yes #增加此行即可禁锢普通用户在自已的主目录里面

122anon_root=/data/anon_pub #更改匿名用户根目录

123local_root=/data/local_pub #更改本地用户根目录

124anon_max_rate=50000

125local_max_rate=100000

126max__clients=20

127max_per_ip=2

...

: Wq


#mkdir-P/data{anon_pub,local_pub}

#touch/data/anon_pub/anon_file1

#touch/data/local_pub/local_file1

#dd If=/dev/zero of=/data/anon_pub/anon_db bs=10m count=200

#dd If=/dev/zero of=/data/local_pub/local_db bs=10m count=200


3. Restart the service

#service vsftpd Restart


4. Client Testing

#wget ftp://192.168.2.1/anon_db #在linux下, test the download rate of anonymous users with wget download file

#wget ftp://kaka:[email protected]/local_db #在linux下, test normal user download rate with wget download file

FileZilla Client Test #测试下载速率

Win7doc (Command-line test) #测试禁锢普通用户的主目录和本地用户的站点


5, the experiment restores, slightly ...




Lab Requirement 4:

Build an FTP that is only allowed to be uploaded? Deny anonymous user login?

1, install the package, a little ...


2. Modify the master configuration file

#vi/etc/vsftpd/vsftpd.conf

...

12anonymous_enable=no #拒统匿名用户登陆

22local_umask=777 #让上传的文件没有权限导致不能下载

...

: Wq


3. Restart Service

#service vsftpd Restart


5. Client Testing

ftp://192.168.2.1 #Win7下, open the Explorer




Common commands for FTP under Win7 and Linux command lines

FTP 192.168.2.1

FTP #输入用户名

Ftp>? #敲问, get more orders, show them.

FTP>LCD #切换到本地文件夹

Ftp>!dir #查看当前的文件夹的内容

Ftp>put #上传文件

Ftp>get #下载文件


Hope to communicate with the technology can be contacted by the following ways to me:

My OPS group: 517751492

My qq:1934844044.

This article is from the "Technology sharing" blog, so be sure to keep this source http://wsyht2015.blog.51cto.com/9014030/1717060

FTP file server upload download case

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.