FTP is a typical client/server (C/S) application-layer protocol: server software and client software must work together to provide file transfer.
1. FTP connection and transmission mode
By default, the FTP server uses TCP ports 20 and 21 to communicate with the client. Port 20 is used to establish the data connection and transmit file data; port 21 is used to establish the control connection and transmit FTP control commands.
Active mode: The server actively initiates the data connection. First, the client establishes an FTP control connection to port 21 of the server. When data needs to be transferred, the client uses the PORT command to tell the server "I opened a port, you connect to me", so the server sends a connection request from port 20 to the client's port and establishes the data connection.
Passive mode: The server passively waits for the data connection. First, the client establishes an FTP control connection to port 21 of the server. When data needs to be transferred, the server replies to the PASV command, telling the client "I opened a port, you connect to me." The client then sends a connection request to that port on the server (not port 20) and establishes the data connection.
2. FTP user types
Anonymous user: The user name is ftp or anonymous, and any password, including a blank password, can be used to log in to FTP.
Local user: Logs in to FTP directly with a local system user account.
Virtual user: Logs in to FTP with an account kept in a separate user database file maintained by the FTP server software for virtual users.
3. vsftpd configuration files
vsftpd can be installed with the rpm command; the vsftpd package is in the server directory on the system CD.
[root@localhost /]# rpm -ivh /media/server/vsftpd-2.0.5-12.el5.i386.rpm
The vsftpd configuration files are located in the "/etc/vsftpd/" directory by default and include the user list files (ftpusers, user_list) and the main configuration file (vsftpd.conf).
User list configuration files
ftpusers: Users listed in this file are prohibited from logging in to the vsftpd server, regardless of whether they also appear in the user_list file.
user_list: Users listed in this file may be either denied or allowed to log in, depending on the settings in the main configuration file vsftpd.conf.
Main configuration file vsftpd.conf
In the main vsftpd configuration file, each configuration line has the format "configuration item=parameter".
Common global configuration entries are as follows:
listen=YES: Whether to run the service in stand-alone mode
listen_address=0.0.0.0: Set the IP address on which the FTP service listens
listen_port=21: Set the port number on which the FTP service listens
write_enable=YES: Enable any form of write permission (must be turned on)
download_enable=YES: Whether to allow downloading (must be turned on)
dirmessage_enable=YES: When a user changes into a directory, display the contents of the .message file (if present)
xferlog_enable=YES: Enable the xferlog log, recorded by default to "/var/log/xferlog"
xferlog_std_format=YES: Enable the standard xferlog log format; if disabled, vsftpd uses its own format
connect_from_port_20=YES: Allow server active mode (data connection from port 20)
pasv_enable=YES: Allow passive mode connections
pasv_max_port=24600: Set the maximum server port used for passive mode
pasv_min_port=24500: Set the minimum server port used for passive mode
pam_service_name=vsftpd: Set the name of the PAM service file used for user authentication
userlist_enable=YES: Enable the user_list user list file
userlist_deny=YES: Whether to deny login to the user accounts listed in the user_list file
max_clients=0: Maximum number of clients allowed to connect at the same time (0 means unrestricted)
max_per_ip=0: Maximum number of concurrent connections allowed for clients from the same IP address (0 means unrestricted)
tcp_wrappers=YES: Whether to enable TCP Wrappers host access control
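The following added example (not part of the original article or of vsftpd itself) models how ftpusers, user_list, userlist_enable and userlist_deny combine into a login decision, which is useful when auditing who can actually reach the FTP service. The function names and the sample file contents are assumptions constructed for illustration.

```python
# Constructed sample inputs (not taken from a real server).
SAMPLE_CONF = """\
# vsftpd.conf (constructed)
listen=YES
userlist_enable=YES
userlist_deny=NO
"""
SAMPLE_FTPUSERS = "# constructed\nroot\nbin\n"
SAMPLE_USER_LIST = "# constructed\nroot\nalice\n"


def parse_conf(text):
    """Parse 'item=value' lines of vsftpd.conf; '#' lines are comments."""
    conf = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key] = value.strip()
    return conf


def parse_names(text):
    """Read one user name per line from ftpusers / user_list."""
    names = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            names.add(line)
    return names


def is_yes(conf, key, default):
    # vsftpd's built-in defaults: userlist_enable=NO, userlist_deny=YES
    return conf.get(key, default).upper() in ("YES", "TRUE", "1")


def login_allowed(user, conf, ftpusers, user_list):
    """Apply the ftpusers / user_list rules described above."""
    if user in ftpusers:  # refused regardless of user_list
        return False, "listed in ftpusers"
    if is_yes(conf, "userlist_enable", "NO"):
        listed = user in user_list
        if is_yes(conf, "userlist_deny", "YES") and listed:
            return False, "user_list is a deny list"
        if not is_yes(conf, "userlist_deny", "YES") and not listed:
            return False, "user_list is an allow list"
    return True, "permitted"


if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    deny, ul = parse_names(SAMPLE_FTPUSERS), parse_names(SAMPLE_USER_LIST)
    for user in ("root", "alice", "bob"):
        print(user, login_allowed(user, conf, deny, ul))
```

With userlist_deny=NO the user_list file becomes an allow list, so an account missing from it is refused even though it is not in ftpusers.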
Common anonymous user configuration entries are as follows: