VsFTPd server beginner's master Manual

VsftpdIt is one of the most popular FTP server programs in the Linux release. It is very easy to use and I have spent a long time. Next I will introduce you to the vsftpd learning manual.

1. Start and Stop vsFTPd servers;

It is very easy to start and shut down vsFTPd servers. We can directly transfer the server operation to the backend for running. This is the operation mode managed by almost all servers;

1.1. Common vsFTPd server startup and shutdown Methods;

To run the vsftpd command, you must use the root permission. If you are not the root user, you can use su to switch to the root permission, one is su and the other is sudo. For details, see "Super permission control in Linux".

Run the vsFTPd server;

[Root @ localhost ~] #/Usr/sbin/vsftpd &

[Root @ localhost ~] #/Usr/local/sbin/vsftpd &

Whether the vsFTPd server is running;

We can use pgrep vsftpd to check whether vsftpd is running;

[Root @ localhost ~] # Pgrep vsftpd

4248

The above shows that the vsFTPd server is running. You can test the connection by using ftp commands, lftp tools, gftp, or other FTP clients;

Disable the vsFTPd Server:

We use pkill vsftpd to kill the vsftpd process. In this way, we disable vsFTPd and use psgrep vsftpd to view the process. If no process exists, it indicates that vsFTPd has been disabled. Of course, we also need to use the root permission.

[Root @ localhost ~] # Pkill vsftpd

[Root @ localhost ~] # Pgrep vsftpd

1.2 enable or disable the vsFTPd server in Fedora/Redhat/CentOS:

In Fedora/Redhat/CentOS, you can also use the following method to start vsFTPd; of course, you also need to use the root permission;

[Root @ localhost beinan] #/etc/init. d/vsftpd start

Start vsftpd For vsftpd: [OK]

Restart vsFTPd with the following command;

[Root @ localhost beinan] #/etc/init. d/vsftpd restart

Disable vsftpd: [OK]

Start vsftpd For vsftpd: [OK]

To disable the vsFTPd server, run the following command;

[Root @ localhost beinan] #/etc/init. d/vsftpd stop

Disable vsftpd: [OK]

2. Relationship between vsFTPd servers and firewalls and SELINUX (important)

On the forum, I saw some brothers say that the vsFTPd server is normal, but it cannot be accessed or users cannot upload files. I think it should be a firewall or SELINUX thing; the FTPD server may be protected by the firewall or SELINUX security mechanism. Therefore, you must have the firewall over ftp, and SELINUX over the ftp server;

In Fedora/Redhat/CentOS, you need to set up a firewall, you can turn off the firewall, or in the custom, let the ftp "through" firewall;

[Root @ localhost ~] # System-config-securitylevel-tui

Or run the following command to clear firewall rules (common );

[Root @ localhost beinan] # iptables-F

The explanation of SELINUX server may be difficult for veteran or novice users. We recommend that you use SELINUX or allow the vsFTPd server to skip SELINUX startup; that is to say, the general method of 4.1 and vsFTPd server startup and shutdown is required; this is effective in Fedora/Redhat/CentOS to start vsFTPd server;

Of course, you can also disable SELINUX. The configuration file in/etc/selinux/config is as follows;

/Etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX = can take one of these three values:

# Enforcing-SELinux security policy is enforced.

# Permissive-SELinux prints warnings instead of enforcing.

# Disabled-SELinux is fully disabled.

SELINUX = Disabled # in this way, The SELINUX server is turned off. restart the system;

# SELINUXTYPE = type of policy in use. Possible values are:

# Targeted-Only targeted network daemons are protected.

# Strict-Full SELinux protection.

SELINUXTYPE = targeted

3. 500 OOPS: vsftpd: refusing to run with writable anonymous root

If we have started the vsFTPd server, but the logon test will show a message similar to the following;

500 OOPS: vsftpd: refusing to run with writable anonymous root

This indicates that the permissions on the home directory of the ftp user are incorrect and should be changed;

[Root @ localhost ~] # More/etc/passwd | grep ftp

Ftp: x: 1000: 1000: FTP User:/var/ftp:/sbin/nologin

We found that the ftp user's home directory is in/var/ftp, which is caused by incorrect/var/ftp permissions. the permissions of this directory cannot be opened; it is because you have run chmod 777/var/ftp. If you do not have an ftp user's home directory, you must create one by yourself;

The Home Directory of the following FTP users cannot be fully open to all users, user groups, and other user groups;

[Root @ localhost ~] # Ls-ld/var/ftp

Drwxrwxrwx 3 root 4096 2005-03-23/var/ftp

The following method should be used to correct this error;

[Root @ localhost ~] # Chown root: root/var/ftp

[Root @ localhost ~] # Chmod 755/var/ftp

Some may say, What should I do if anonymous users are readable, downloadable, and uploadable? This is also simple. You can create a directory under/var/ftp and set the permission to 777. Then you can change vsftpd. conf to OK. There is no difficulty;

For security considerations, vsFTPd does not allow ftp users' home directory permissions to be completely unrestricted. You can read the vsFTPd documentation to understand it; otherwise, it cannot be called the safest FTP server, right?

4. Description of the vsFTPd configuration file;

Vsftpd. conf is the configuration file of the vsFTPd server. This file is generally/etc/vsftpd. conf or/etc/vsftpd. conf. Refer to the system ..

Vsftpd. the conf configuration file is the global control file of the vsFTPd server. In this configuration file, each line should be regarded as a rule. The server with the # sign above will not explain it, which is similar to the apache configuration file; # The subsequent content is generally descriptive, or the option to turn off some features;

Vsftpd. the conf configuration file does not include all the functions you want to implement. To implement some functions, we need to solve them by ourselves. We need to learn to check vsFTPd documents and FAQs, although it is in English, it is relatively simple. Why should we get used to reading foreign documents? Because Linux is already a great foreigner, and most important software is foreign. Don't complain, bro. who left us behind?

Note: After modifying the configuration file, you must restart the vsFTPd server to take effect ~~

Through the above introduction, I believe that those beginners know the basic knowledge of vsFTPd and hope to help you!