The FTP service can be divided into two categories based on different service objects: one is the system FTP Server, which only allows valid users on the system to use; the other is the Anonymous FTP Server, Anonymous FTP Server, it can be used by anyone to log on to the FTP server to obtain files. Next, this article describes how to use wu-ftp to set up an FTP server in LINUX.
1. Select and install FTP server software
If you select "ftpd" when selecting to start the process during LINUX installation, after installing the LINUX system, it has installed a default FTP server to the system. We can use it to implement the functions of the system FTP server. We only need to customize the settings based on our needs.
In most LINUX versions, mongoingtonuniversity FTP is used. It is a famous FTP server software, generally referred to as wu-ftp. It is powerful and can run well on many UNIX operating systems, such as ibm aix, FreeBSD, HP-UX, NeXTstep, Dynix, SunOS, and Solaris. More than half of FTP servers on the Internet use it. Wu-ftp has many powerful functions and is suitable for the management requirements of FTP servers with high throughput:
1. the user can automatically compress or decompress the file while downloading the file;
2. Different access restrictions can be imposed on machines on different networks;
3. You can record the upload and download time of a file;
4. Information related to transmission can be displayed to help you understand the current transmission status in a timely manner;
5. You can set the maximum number of connections to improve efficiency and effectively control the load.
Ii. Composition of wu-ftp
After wu-ftp is installed, you will see the following five executable files in the/bin directory:
Ftpd FTP server program
Ftpshut is used to close FTP server programs
Ftpcount shows current online users
Ftpwho: view the current FTP server connection status
Ckconfig check if FTP server settings are correct
In addition to these executable files, it also generates seven configuration files under the/etc and/var directories:
/Etc/ftpusers
/Etc/ftpaccess
/Var/run/ftp. pids
/Etc/ftpconversions
/Var/log/xferlog
/Etc/ftpgroups
/Etc/ftphosts
After wu-ftp is installed, a special user ftp is created and an ftpd directory is created under the/home directory. When you log on anonymously, will be automatically located in this directory. In this directory, several subdirectories are usually created.
/Home/ftpd/bin stores executable files for FTP users
/Home/ftpd/etc stores configuration files for FTP users
/Home/ftpd/pub storage for download information
/Home/ftpd/incoming space for uploading information
Iii. wu-ftp Configuration
1. view the/etc/inetd. conf file.
The/etc/inetd. conf file is the configuration file of the LINUX super server inetd. It monitors multiple TCP/IP ports. When it receives the request, it derives a corresponding server based on the configuration file. By using super servers, other services can be derived only when needed, thus greatly saving system resources. However, wu-ftp uses the superpolar server inetd to listen for requests. When the super server inetd receives the FTP request from the client, it opens an FTP service process according to the configuration file.
Therefore, if you want to use wu-ftp, you must confirm the configuration file inetd in the super server inetd. in the conf file, the ftp stream tcp nowait root/usr/sbin/tcpd wu. ftpd allows the super server to derive a wu-FTP ftp service process when receiving an FTP request. (Note: To confirm whether there is such a line, you can use the File Content SEARCH Command to confirm: cat/etc/inetd. conf grep if ftp does not exist, manually add or modify it ).
2. wu-ftpd command Option
Wu-ftpd is the service process of wu-ftp. It can be executed without parameters or parameters. The following describes the execution parameters of wu-ftpd:
-D when an error occurs on the FTP server, the error is sent to the system syslog;
-L connect each FTP client to the syslog of the system;
-T set the FTP client to be connected for several minutes. If no operation is performed, the connection is closed;
-A enables wu-ftp to use the/etc/ftpaccess setting;
-A: Disable/etc/ftpaccess settings for wu-ftp;
-L records the programs executed after connecting the FTP client to the system syslog;
-I records the logs of files uploaded by the FTP client in the/usr/adm. xferlog file;
-O logs of downloading files from the FTP Client
In the/usr/adm/xferlog file.
Through understanding the above parameters, we recommend that you change the default configuration during system installation to: ftp stream tcp nowait root/usr/sbin/tcpd wu. ftpd-a-I
3. Automatic compression and decompression
If you want the FTP server to have the automatic compression and decompression functions, you must first copy the compressed and decompressed command files, such as tar, gzip, gunzip, compress, and uncompress, to the/home/ftpd/bin directory.
4. About/etc/ftpaccess settings
This configuration file is the most important configuration file on the FTP server. It is directly related to whether your FTP server can work normally and has many permission settings. The following is a typical configuration instance.
Copy codeThe Code is as follows: loginfails 3
Class local real *
Class remote anonymous guest *
Limit remote 100 Any/etc/ftpd/tooworkflow. msg
Message/etc/ftpd/welcome. msg login
Compress yes local remote
Tar yes local remote
Private yes
Passwd-check rfc822 warn
Log commands real
Log transfer anonymous guest inbound outbound
Log transfer real inbound
Shutdown/etc/ftpd/shut. msg
Delete no anonymous, guest
Overwrite no anonymous, guest
Rename no anonymous
Chmod no anonymous, guest
Umask no anonymous
Upload/home/ftpd * no
Upload/home/ftpd/bin no
Upload/home/ftpd/etc no
Upload/home/ftpd/pub yes real 0644 dirs
Upload/home/ftpd/incoming yes real guest anonymous 0644 dirs
Alias in/incoming
Email guest@xxx.net
Email guest@yyy.net
Deny * .com.tw/etc/ftpd/deny. msg
Next, we will explain each setting one by one and give the meaning of each setting so that you can bypass the settings and make reasonable settings based on the specific circumstances of your FTP server.
1) Format: loginfails [times]
Function: sets the number of times a user can enter the wrong password when logging on to the FTP server.
Instance: loginfails 3: If the password is entered incorrectly three times, the connection is disconnected.
2) Format: class [class name] [real/guest/anonymous] [IP address]
Function: sets the user category on the FTP server. You can also restrict the IP addresses of the client to allow access from some or all IP addresses. Users on the FTP server can basically be divided into the following three types:
Real users with valid accounts on the FTP server;
Anonymous Users with records in guest;
Anonymous users with the lowest anonymous permissions
Instance: class local real *: defines a class named local, which contains real users logging on anywhere (* representing all IP addresses.
Class remote anonymous guest *: defines a class named remote, which contains anonymous users and guest users logging on anywhere.
3) Format: limit [category] [number of people] [time] [file name]
Function: This command sets the maximum number of users allowed to connect to a specified category within the specified time. When the maximum number of users is reached, the content of the specified file is displayed.
Instance: limit remote 100 Any/etc/ftpd/toostrap. msg: at any time, when the number of remote users reaches 100, no new connections are allowed. When the number of 101st users wants to connect, the connection will fail, the user can present the file/etc/ftpd/too.pdf. msg content.
4) Format: message [file name] [command]
Function: when a user executes a specified command, the system displays the specified file content.
Instance: message/etc/ftpd/welcome. msg login: When you execute the login command, that is, when you log on to the FTP server, the system displays the file/etc/ftpd/welcome. msg content.
5) Format: compress [yes/no] [category]
Function: sets which category users can use the compress function.
Instance: compress yes local remote: allows both local and remote users to use the compress function.
6) Format: tar [yes/no] [category]
Function: sets the type of user to use the tar (archive) function.
Instance: tar yes local remote: allows both local and remote users to use the tar function.
7) Format: private [yes/no]
Function: sets whether a group can access files.
Instance: private yes: supports group access to files.
8) Format: passwd-check [none/trivial/rfc822] [enforce/warn]
Function: sets the password usage method for anonymous users.
None indicates that password verification is not performed, and any password can be logged on;
Trival indicates that you can log on as long as the entered password contains the "@" character;
Rfc822 indicates that the password must comply with the E-Mail format specified in RFC822 before logon;
Enfore indicates that the entered password is not allowed to log on if it does not conform to the preceding format;
Warn indicates that only warning information is displayed when the password does not comply with the regulations, and you can still log on.
Instance: passwd-check rfc822 warn: You want to obtain a qualified email as the password, but if not, you can also log on.
9) Format: log command [real/guest/anonymous]
Function: set which users log on to the/usr/adm/xferlog file.
Instance: log command real: when a real user logs on, his operations are recorded. Because the permissions of other users are low, operations do not cause too many security risks. Therefore, you only need to write down the operations of real users.