FTP service configuration for linux services

I. working principle of FTP: a: active mode

I. How FTP works:

A: active mode

1: The client initiates a control connection to the server, and the port number is 21. And send a random transmission port to the server.

2: The server receives the transmission port number, establishes a data transmission connection with the client, and disconnects the connection after the data transmission is complete.

B: passive mode

1: The client establishes a connection with the control connection of the server and requests a passive connection.

2: The server receives a passive request from the client. a random data transmission port is generated and sent to the client.

3: the client uses the port sent by the server to transmit data with the server.

In the actual process, the vast majority of users use the passive mode, because if the randomly generated port of the client is sent to the server, the service actively connects to the client and will be blocked by the firewall of the client! Therefore, the passive mode is generally used.

II. FTP configuration:

1: first install the vsftpd package of the server.

2: the client uses the command wget lftp ftp for connection.

A. wget usage

Download file: wget-user = hello-password = 123 ftp: // 172.16.28.19/file

Download folder: wget-r ftp: // 172.16.28.19/soft/dir-nH -- cut-dir = 1-P/etc-r indicates the rescure recursive file, -nH indicates that the upper directory is removed, and -- cut-dir indicates that multiple directories are removed from the root directory. -P indicates directory redirection

B. lftp 172.16.17.25

Download file get download folder mirror Upload file put Upload folder put-r./dir

C. ftp 172.16.25.42

! Ls command to view the local directory, LCD switch to the current directory of the local machine,

III. server configuration

1. users are divided into anonymous users, local users, and virtual users.

The ftp shared directory of anonymous users is/var/ftp, and no password is required. You cannot switch the root directory.

Anon_root =/var/dir: set the path of the shared directory.

2: The local user's upload directory is the user's home directory by default. You can switch the root. You can add the user_config_dir =/etc/vsftpd/usersdir field to perform local configuration for users respectively. The created file name is the same as the user name.

3: enable the user control list file by adding userlist_enable = yes.

Userlist_deny = yes indicates that ftp is disabled for all users in/etc/vsftpd/user_list.

Userlist_deny = no: allow all users in/etc/vsftpd/user_list to use ftp.

In the/etc/vsftpd/ftpusers file, user_list is configured first. ftp is allowed for all ftpusers.

4. create a virtual user

A. create a local account mapped to a virtual user

Useradd-d home_dir-s/sbin/nologin user

B. create the user name and password for the virtual account and create a file vi/etc/vsftp/vname

Add the user name and password to the vname. Format: One user name and one password.

C generate the database file db_load-T-t hash-f./vname. db

D. create the PAM authentication file, vi/etc/pam. d/vname. vu

Add two lines in the file: auth required pam_userdb.so db =/etc/vsftpd/vname

Account required pam_userdb.so db =/etc/vsftpd/vname

E. enable the configuration in/etc/vsftpd. conf and add the field guest_enable = YES local_enable = YES pam_service_name = vsftpd. vu.