FTP settings in linux

Article Title: FTP settings in linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

First install the vsftpd-2.0.1-5.i386.rpm In the first CD of Linux Enterprise Edition

# Rpm? Ivh/media/cdrom/RedHat/RPMS/vsftpd-3.0.1-5.i386.rpm

Start vsftpd

# Service vsftpd start

Refresh Firewall

# Iptables-F

Such a simple linux FTP has been set up!

Next we will slowly optimize our FTP Server:

Tutorial 1: If I do not allow anonymous FTP login, we can modify the main configuration file of vsftpd to implement

# Change anonymous_enable = YES to anonymous_enable = NO in vi/etc/vsftpd. conf

Restart vsftpd!

Experiment 2: In windows, the FTP server can set the welcome word and the maximum number of connections. What should we set in the Linux FTP server? I want to answer: Likewise, we can also implement the vsftpd master configuration file.

# Vi/etc/vsftpd. conf

Add ftpd_banner = welcome to here at the end! This is the welcome word.

Max_clients = 100, which means that a maximum of 100 users can access

Restart vsftpd!

Experiment 3: If I want to pay off my lilei colleague, I don't want him to log on to our FTP site, then I can add lilei to vi/etc/vsftpd. ftpusers restart the vsftpd service.

Experiment 4: In the morning, the General Manager said that a small part of the company should be promoted. When I heard the news, I quickly acted. I only allowed the General Manager to log on to the FTP server by himself, and others could not take a nap, restrict others. I can do this:

# Vi/etc/vsftpd. conf to add the last two,

Userlist_deny = NO/the persons in this list will not be rejected, and others will be rejected (including anonymous)

Userlist_file =/etc/mp/specifies the path of the List

Then: # vi/etc/mp Add the manager name

Restart the vsftpd service!

However, in the afternoon, the manager announced the name of the person who promoted the promotion, angry that since I was absent. To show off my anger, I decided that the manager could not log on to the FTP server, and anyone else could. I can do this:

# Vi/etc/vsftpd. conf set userlist_deny = NO added in the morning

Change to userlist_deny = YES/the person in this list is rejected. Others pass.

Restart the vsftpd service!

Experiment 5: We can give a registered user a high download speed (200 k). If an anonymous user gives them 20 k, we can do this:

# Add vi/etc/vsftpd. conf at the end

Local_max_rate = 200000

Anon_max_rate = 20000

Restart the vsftpd service!

Experiment 6: My colleague zhangsan gave me a cigarette and my colleague lisi gave me a pack of cigarettes yesterday. Today, my colleague wangwu) I gave me a smoke. I want to set different FTP download speeds based on the smoke they gave me. I can do this:

# Vi/etc/vsftpd. conf

User_config_dir =/etc/vsftpd/define the user's configuration file

# Add the following to vi/etc/vsftpd/zhangsan:

Local_max_rate = 3000/is equivalent to a cigarette

# Vi/etc/vsftpd/lisi Add the following

Local_max_rate = 30000/is equivalent to a package of cigarettes

# Add the following to vi/etc/vsftpd/wangwu:

Local_max_rate = 300000/equivalent to a smoke

Restart the vsftpd service!

Experiment 7: how to create a simple virtual user? I only want them to log on to FTP, but not to my linux system. This ensures the security of the FTP server. You can do this:

Adduser? G ftp? S/sbin/nolgin user01/directly add the user01 user to the ftp group,

Passwd user01/set password for user01

Experiment 8: although it is simple, it is still insecure. Is there any other way to create a safer virtual user? Yes! We can do this:

1. Create a password library file for a virtual user

# Vi logins.txt Add the following

Zhangsan/User Name

123/Password

Lisi

234

Wangwu

345

2. Production of vsftpd certification Database

# Db_load? T? T hash? F logins.txt/etc/vsftpd/vsftpd_logins.db

Change Database Permissions

# Chmod 600/etc/vsftpd/vsftpd_logins.db

3. Create the PAM Configuration File required by the virtual user

# Add the following to vi/etc/pam. d/vsftpd. vu:

Auth required/lib/security/pam_userdb.so db =/etc/vsftpd/vsftpd_logins

Account required/lib/security/pam_userdb.so db =/etc/vsftpd/vsftpd_logins

4. Create a virtual user and the directory to be accessed, and set the corresponding permissions.

# Useradd-d/home/ftpsite virtual/create the system account required by the vsftpd virtual user

# Chmod 700/home/ftpsite/set the permission of the home directory to 700

5. Set the vsftpd. conf configuration file.

# Add vi/etc/vsftpd. conf as follows:

Guest_enable = YES

Guest_username = virtual

Pan_service_name = vsftpd. vu

Anon_world_readable_only = NO

Restart the vsftpd service!

Tutorial 9: managing virtual users:

Wangwu has the permission to browse directories, upload, rename, delete, and so on.

Lisi has permission to browse directories, upload and download

Zhangsan has the permission to browse directories and download (and can only be in the/misc/abc directory at a speed of 20 k)

We can do this:

First, edit the main configuration file of vsftpd,

# Add vi/etc/vsftpd. conf as follows:

User_config_dir =/etc/vsftpd/specifies the storage location of the virtual user configuration file

Then meet wangwu's needs:

Add Vi/etc/vsftpd/wangwu as follows:

Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)

Anon_upload_enable = YES

Anon_mkdir_write_enable = YES

Anon_other_write_enable = YES

Meet lisi requirements:

Add Vi/etc/vsftpd/lisi as follows:

Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)

Anon_upload_enable = YES

Meet the needs of zhangsan:

Add Vi/etc/vsftpd/zhangsan as follows:

Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)

Local_root =/misc/abc // set the directory to local

Anon_max_rate = 20000

Restart the vsftpd service!

Tutorial 10: how to set the upload and deletion permissions for anonymous users

We can do this:

# Add vi/etc/vsftpd. conf as follows:

Anon_upload_enable = YES

Anon_mkdir_write_enable = YES

Anon_other_write_enable = YES

# Chmod? R 777/var/ftp/pub/change pub Directory Permissions

Restart the vsftpd service.