In order to achieve the Linux environment FTP server configuration, the vast majority of Linux distribution suite is the use of Washington University FTP (WU-FTPD), which is a good performance of the server software, because it has a number of powerful features and very large throughput, More than 60% of the FTP servers on the Internet are using it.
Installation and operation
Here's an example of Redhat Linux.
1, installation
Depending on the service object, the FTP service can be divided into two categories: one is the system FTP server, it only allows legitimate users on the system, and the other is an anonymous FTP server, which allows anyone to log on to the FTP server, and after the server connection, in the login prompt input anonymous, can access the server. For both of these services, you can install the WU-FTPD RPM package through the first CD-ROM of redhat, simply enter the system as root and run the following command:
RPM-IVH anonftp-x.x-x.i386.rpm
RPM-IVH wu-ftpd-x.x.x-x.i386.rpm
Where-x.x-x and-x.x.x-x are version numbers.
2, start
Like Apache, WU-FTPD can also be configured to start automatically: Execute the Setup program that came with Redhat, select Wu-ftpd in the System Service option, and press the [OK] button to confirm the exit.
It is convenient to start automatically, but when we change the WU-FTPD configuration file, we need to start by hand:
Start:/usr/sbin/ftprestart
OFF:/usr/sbin/ftpshut
FTP Server Configuration
To ensure the FTP server is secure, you must set up some important configuration files to better control the user's access rights. These profiles are:/etc/ftpusers,/etc/ftpconversions,/etc/ftp-groups,/etc/ftpphosts,/etc/ftpaccess. These files enable you to control exactly who, at what time, from where you can connect to the server, and to check and track the work they do after they connect.
/etc/ftpusers: This folder contains users who cannot log on to the server via FTP, and sometimes write user accounts that need to be blocked to file/etc/ftpuser, which prevents some users from using the FTP service.
/etc/ftpconversions: Used to configure compression/decompression programs.
/etc/ftpgroups: Create a user group in which members are predefined to access the FTP server.
/etc/ftpphosts: Used to prevent or allow access to a particular account by a remote host, for example:
Allow CZC 192.168.0.0/24
Deny CDD 10.0.0.0/8
Indicates that the CZC user is allowed to access the network segment from 192.168.0, rejecting the CDD from 10. This network segment is connected to access.
/etc/ftpaccess: is a very important configuration file that controls access permissions, and each row in the file defines a property and sets the value of the property. Here are some of its common configurations to do a little introduction:
1. Define User Categories
Form: Class [class name] [Real/guest/anonymous][ip address]
Function: The function of this instruction sets the user's category on the FTP server. The IP address of the client can be restricted to allow specific or full IP addresses to access the FTP server.
2, the number of login retries
At the command line, enter: Loginfails 10, which indicates that the connection is disconnected if 10 times have not been successfully logged in.
3. Password check
Format: Passwd-check〈strictness〉warn
is a check of how anonymous users ' passwords are used, where 〈strictness〉 is one of three possible strings: None, Trivial, RFC822. If you choose None, you will not check the password, if the selection of trivial, indicating that the password has a certain requirement, it needs to have at least one at the password at the @ symbol, if the choice of RFC822, the most stringent, Require e-mail address must comply with RFC822 message header standard (such as: czc@domain.com).
For example: Passwd-check rfc822 warn, indicating that the password requirements are very strict, when the password does not meet the requirements of the warning message.
4, the number of login restrictions
Format: limit [category] [people] [TIME] [filename]
Sets the number of people in the specified category who can log on to FTP at the appointed time. For example: Limit remote any/etc/many.msg, stating that the category remote category has no more than 20 people logged in at any one time, or a MANY.MSG warning message will be displayed.
Reasonable use of these configurations, can effectively protect our servers.
Verify
After installing and configuring the FTP server, you can authenticate and access the FTP server with graphical tools and command lines. The most commonly used command in Linux is FTP, which provides an uncomplicated FTP server interface. To connect to the FTP server, simply enter at the command prompt: FTP Servername, replace Servername with the host name or the IP address of the FTP server you wish to connect to, enter your username and password as prompted, and then move the FTP server directory structure up or down with standard Linux. In addition, you can also use a graphical FTP program, including window-type GFTP, you can access the FTP server with the help of a Web browser.
These are the main points of FTP server configuration under Linux, I hope to help you.