Linux FTP Server Setup

Source: Internet
Author: User

Linux FTP Service

Active Mode Port : The server actively initiates a data connection. The client establishes an FTP data connection to the server port . The server sends data from port to client random port.

Passive Mode PASV : The server is passively waiting for a data connection. Passive mode is used if the client firewall prohibits active mode. The client establishes an FTP data connection to the server port . When data needs to be transferred, the client establishes a data connection to the server's set range of ports (not a ).


Begin:

Put SELinux into permissive mode

setenforce 0

Stop the firewall

service iptables stop

1. Install the packages

mount /dev/cdrom /mnt

rpm -ivh /mnt/packages/vsftpd-2.2.2-11.el6.i686.rpm

2. Modify the configuration file

vi /etc/vsftpd/vsftpd.conf

(1) Anonymous Access

Edit the following statements in the configuration file:

Allow anonymous access

anonymous_enable=YES

Default umask for uploaded files

local_umask=022

Allow anonymous users to upload files

anon_upload_enable=YES

Allow anonymous users to create directories (write permission)

anon_mkdir_write_enable=YES

Allow anonymous users to delete, overwrite and rename

anon_other_write_enable=YES

Limit the maximum transfer rate for anonymous users

anon_max_rate=10240

Save, then start the service

service vsftpd start
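
Added example (not from the original article): a small lint for vsftpd.conf that checks the anonymous settings above. It relies on the vsftpd.conf man page: option names are matched exactly as documented (lower case), no space is allowed next to "=", and anonymous_enable defaults to YES, so every anon_* write option applies to anonymous logins unless anonymous_enable=NO is set. The function name vsftpd_lint and the sample file are constructed for illustration.

```shell
#!/bin/sh
# vsftpd_lint FILE: print one finding per line; prints nothing for a clean file.
vsftpd_lint() {
    awk '
    function on(v) { return v ~ /^(YES|TRUE|1)$/ }   # values vsftpd reads as true
    { sub(/\r$/, "") }                               # tolerate CRLF files
    /^[ \t]*(#|$)/ { next }                          # comments and blank lines
    !/=/ { print "ERROR line " NR ": not in option=value form"; next }
    {
        key = $0; sub(/=.*/, "", key)
        val = $0; sub(/^[^=]*=/, "", val)
        if (key ~ /[ \t]$/ || val ~ /^[ \t]/)
            print "ERROR line " NR ": whitespace next to \"=\""
        if (key ~ /[A-Z]/)
            print "ERROR line " NR ": option name is not lower case: " key
        gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        k = tolower(key); seen[k] = toupper(val); at[k] = NR
    }
    END {
        # anonymous_enable defaults to YES when it is absent from the file.
        if (("anonymous_enable" in seen) && !on(seen["anonymous_enable"])) exit
        n = split("anon_upload_enable anon_mkdir_write_enable anon_other_write_enable", w, " ")
        for (i = 1; i <= n; i++)
            if (on(seen[w[i]]))
                print "WARN line " at[w[i]] ": " w[i] "=YES applies to anonymous logins"
    }' "$1"
}

# Constructed sample: a mis-cased name, an anonymous write option, a stray space.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Anonymous_enable=yes
anon_upload_enable=YES
pam_service_name =vsftpd
EOF
vsftpd_lint "$sample"
rm -f "$sample"
```

The ERROR findings are lines vsftpd refuses to parse; the WARN findings are settings to confirm are intended before the service is exposed.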

(2) Local User Access

vi /etc/vsftpd/vsftpd.conf

local_enable=YES   Allow local users to log in

local_root=/var/ftp   Set the FTP home directory used at login

write_enable=YES   Global write switch for the vsftpd service

local_umask=022   Permission mask for files/directories uploaded by users

chroot_local_user=YES   Lock local accounts into their home directory

Save, then run service vsftpd reload.

Log in directly with a local account's user name and password

User list file: user_list

vi /etc/vsftpd/user_list

Enter a local account name, such as Jack

vi /etc/vsftpd/vsftpd.conf

userlist_enable=YES   Enable the user list file

userlist_deny=NO   Whitelist: only the users in user_list may access the FTP server

userlist_deny=YES   Blacklist: the users in user_list may not access the FTP server

The default is YES

Change the vsftpd listening address and port

listen=YES   Allow standalone listening

listen_address= Monitoring service on only one interface

listen_port= Switch The listening port to

netstat -anpt | grep "vsftpd"   Confirm what vsftpd is listening on

pasv_enable=YES   Allow passive connections

pasv_min_port=24500   Lower bound of the passive-mode port range

pasv_max_port=24600   Upper bound of the passive-mode port range

max_clients=20   Limit concurrent client connections to at most 20

max_per_ip=2   Maximum of 2 connections per IP

anon_max_rate=50000   Limit the transfer rate of anonymous users to 50 KB/s

local_max_rate=200000   Limit the transfer rate of local users to 200 KB/s
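
Added example (not from the original article): with pasv_min_port and pasv_max_port fixed as above, the firewall can stay enabled with only the control port and that range opened. The sketch reads the ports from vsftpd.conf and prints the matching iptables commands; the helper names conf_get and ftp_fw_rules and the sample config are assumptions for illustration.

```shell
#!/bin/sh
# conf_get FILE KEY DEFAULT: last uncommented KEY=value in FILE, else DEFAULT.
conf_get() {
    awk -F= -v k="$2" -v d="$3" '
        /^[ \t]*#/ { next }
        $1 == k    { v = $2; sub(/\r$/, "", v); found = 1 }
        END        { print (found ? v : d) }' "$1"
}

# ftp_fw_rules FILE: print iptables commands for the control port and the
# passive data range. Fails when no bounded passive range is configured,
# because vsftpd would then pick data ports the firewall cannot predict.
ftp_fw_rules() {
    conf=$1
    ctl=$(conf_get "$conf" listen_port 21)      # vsftpd default control port
    lo=$(conf_get "$conf" pasv_min_port 0)      # 0 means "any port"
    hi=$(conf_get "$conf" pasv_max_port 0)
    for p in "$ctl" "$lo" "$hi"; do
        case $p in
            ''|*[!0-9]*) echo "bad port value in $conf" >&2; return 2 ;;
        esac
    done
    if [ "$lo" -eq 0 ] || [ "$hi" -eq 0 ] || [ "$lo" -gt "$hi" ]; then
        echo "pasv_min_port/pasv_max_port do not define a bounded range" >&2
        return 1
    fi
    rule='-m state --state NEW,ESTABLISHED -j ACCEPT'
    echo "iptables -I INPUT -p tcp --dport $ctl $rule"
    echo "iptables -I INPUT -p tcp --dport $lo:$hi $rule"
}

# Constructed sample config using the passive range from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
listen=YES
pasv_enable=YES
pasv_min_port=24500
pasv_max_port=24600
EOF
ftp_fw_rules "$sample"
rm -f "$sample"
```

Review the printed rules before running them as root; on this release, service iptables save makes them persistent.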

(3) Virtual user Access FTP

Mount the media first, then install the package

mount /dev/cdrom /mnt

rpm -ivh /mnt/packages/db4-utils-4.7.25-17.el6.i686.rpm

Create a plain-text list of user names and passwords

vi /etc/vsftpd/vusers   Create a file named vusers

t01   Account name

ABC   Password

t02

Abc

Create the database file

cd /etc/vsftpd/

Convert the text file into a database file

db_load -T -t hash -f vusers vusers.db

Change the permissions of the user account files

chmod 600 /etc/vsftpd/vusers

chmod 600 /etc/vsftpd/vusers.db

Add the account that virtual users are mapped to

useradd -d /var/ftproot -s /sbin/nologin vusers   The user name is vusers

Create the PAM authentication file for virtual users

vi /etc/pam.d/vsftpd.vu

auth required pam_userdb.so db=/etc/vsftpd/vusers

account required pam_userdb.so db=/etc/vsftpd/vusers

Modify the vsftpd configuration file

local_enable=YES

write_enable=YES

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

guest_enable=YES

guest_username=vusers

pam_service_name=vsftpd.vu

#pam_service_name=vsftpd

Save, then restart the vsftpd service

You can then log in as t01 with the password ABC

Create separate configuration files for different virtual users

vi /etc/vsftpd/vsftpd.conf

user_config_dir=/etc/vsftpd/vusers_dir

Save

mkdir /etc/vsftpd/vusers_dir

cd /etc/vsftpd/vusers_dir

vi t01

local_root=/var/t01   Set the login home directory

anon_upload_enable=YES   Allow uploading files

anon_mkdir_write_enable=YES   Allow creating directories (write permission)

Save, then restart the service

mkdir /var/t01

Now, when you log in as t01, you land in /var/t01

vi t02

local_root=/var/t02

Save, then restart the service

mkdir /var/t02

When you log in as t02, you land in /var/t02


This article is from the "Ne Road" blog, please be sure to keep this source http://332162926.blog.51cto.com/8831013/1531024
