How to Use VSFTPD in LINUX

How to Use VSFTPD in LINUX-Linux Enterprise Application-Linux server application information. This article describes VSFTP configuration in detail.

Environment: linux as 3.0 + vsftpd-1.2.0-4 system architecture, which is under an independent server!
1. Configure the FTP address accessed by the Local Group

First, create the main directory of the user group test and FTP

Groupadd test

Mkdir/tmp/test

Then create a user

Useradd-G test? D/tmp/test? M usr1

Note: G: the user's Group d: indicates that the location of the user's own directory is specified.

M: do not create a default home directory, that is, there is no home directory.

Useradd? G test? D/tmp/test? M usr2

Then, change the owner and permissions of the folder.

Chown usr1.test/tmp/test ---- This indicates that the owner of/tmp/test is set to usr1

Chmod 750/tmp/test ---- 7 indicates wrx 5 indicates rx 0 indicates no Permissions

The purpose of this experiment is that usr1 has the upload, deletion, and download permissions.

However, usr2 only has the download permission and does not have the upload and deletion permissions.

Of course, don't forget our main configuration file vsftpd. conf.

Make sure that the local_enable = yes, write_enable = yes, And chroot_local_usr = yes options are available!

2. Configure non-port standard mode for independent FTP servers for Data Connection

This is very easy: In VSFTPD. Add in CONF

Listen_port= 33333

That's it!

Now, the most important thing is why I am a master! ^_^ (Do not throw eggs !)

3. configure a separate virtual FTP, use a virtual FTP user, and grant different permissions to the created four accounts.

(Two permissions are available for reading directories, one for browsing, uploading, and downloading, and the other for browsing, downloading, deleting, and modifying file names)

A: configure the NIC

The first NIC address is 10.2.3.4 and the mask is 255.255.0.0.

Ifconfig eth0: 1 211.131.4.253 netmask 255.255.255.0 up

B: Write to/etc/sysconfig (the IP address will not be lost after restarting)

Cd/etc/sysconfig/network-scripts

Cp ifcfg-eth0 ifcfg-eth0: 1

Vi ifcfg-eth0: 1 where the changes are as follows

DEVICE = eth0: 1

BROADCAST = 211.131.4.255

HWADDR = MAC address of the NIC

IPADDR = 211.131.4.253

NETMASK = 255.255.255.0

NETWORK = 211.131.4.0

ONBOOT = yes

TYPE = Ethernet

Wq released

C: Enter the folder where vsftpd. conf is located.

Cp vsftpd. conf vsftpd2.conf

Modify vsftpd. conf and add the following information:

Listen_address = 10.2.3.4

Modify vsftpd2.conf and add the following information:

Listen_address = 211.131.4.253

Ftpd_banner = this is a virtual ftp test

The virtual FTP server has been established.

D: Create logins.txt

Vi/tmp/logins.txt

Add the following information:

Longlei ------------ User Name

Longlei ------------ Password

Zhangweibo

Zhangweibo

Jinhui

Jinhui

Lxp

Lxp

The format follows my instructions. One user name and one password.

F: Create a password library file for the visitor and modify its permissions.

Db_load? T? T hash? F/tmp/logins.txt/etc/vsftpd_login.db

G: Create ftp. vu in/etc/pam. d /.

Add the following information to this file:

Auth required/lib/security/pam_userdb.so db =/etc/vsftpd_login

Account required/lib/security/pam_userdb.so db =/etc/vsftpd_login

H: create a directory in/var/ftp/and change its attributes and its owner

Useradd-d/var/ftp/test qiang

Chmod 700/var/ftp/test

Add the test_file test file to the directory.

I: Go to vsftpd2.conf to modify the information (I added it)

Listen_yes

Anonymous_enable = no

Local_enable = yes

Write_enable = no

Anon_upload_enable = no

Anon_mkdir_write_enable = no

Anon_other_write_enable = no

Chroot_local_user = yes

Guest_enable = yes ---------- starting with a virtual user

Guest_username = qiang ------ map virtual users to local users

Listen_port= 5555

Max_client = 10

Max_per_ip = 1

Ftpd_banner = this is a virtual server and users

Pam_service_name = ftp. vu

Note: The lower the permissions given in the master configuration file, the larger the space for permission classification during user management, because the highest limit of the master configuration file is that the service first reads the master configuration file and then reads the user configuration file

Restart service

Now the virtual USER is created.

J: In VSFTPD. Create the volume aul file directory in the CONF directory.

Create a configuration file named after your user name in the file directory.

Longlei zhangweibo o jinhui lxp

Add the following to longlei:

Anon_world_readable_only = no

Add in lxp

Anon_world_readable_only = no

In this way, the two users have permission to browse the directory.

Add in jinhui

Anon_world_readable_only = no

Write_enable = yes

Anon_upload_enable = yes

This user has the permission to upload, download, and browse

Add

Anon_world_readable_only = no

Write_enable = yes

Anon_upload_enable = yes

Anon_other_write_enable = yes

This user has the permission to upload, download, delete file directories, modify file names, and browse

K: Modify vsftpd2.conf

Add user_config_dir =/vsftpd. conf to the directory/virtual

Restart the server.

Well, don't go away. Now we are introducing VSFTPD. All configuration information I know in CONF

Anonymous_enable = yes (anonymous login allowed)

Dirmessage_enable = yes (The. message content under the directory is displayed when the directory is switched)

Local_umask = 022 (local file permission on FTP, default: 077)

Connect_form_port_20 = yes (enable data connection on the FTP data port )*

Xferlog_enable = yes (enable upload and download logs)

Xferlog_std_format = yes (use the standard log format)

Ftpd_banner = XXXXX (welcome information)

Pam_service_name = vsftpd (Verification Method )*

Listen = yes (independent VSFTPD server )*

Anon_upload_enable = yes (Open upload permission)

Anon_mkdir_write_enable = yes (you can create a directory and upload files to it)

Write_enable = yes (grant write permission to local users)

Anon_other_write_enable = yes (anonymous accounts can have the permission to delete)

Anon_world_readable_only = no (open anonymous user browsing permission)

Ascii_upload_enable = yes (enable the upload ASCII transfer mode)

Ascii_download_enable = yes (enable the ASCII transmission mode for download)

Banner_file =/var/vsftpd_banner_file)

Idle_session_timeout = 600 (seconds) (10 minutes after the user's session is idle)

Data_connection_timeout = 120 (seconds) (idle 2 minutes)

Accept_timeout = 60 (seconds) (disconnect the client one minute later)

Connect_timeout = 60 (seconds) (disconnect again after 1 minute)

Local_max_rate = 50000 (bite) (Local User transfer rate: 50 K)

Anon_max_rate = 30000 (bite) (anonymous user transfer rate: 30 K)

Pasv_min_port = 50000 (change the client's data connection port

Pasv_max_port = 60000 between and)

Max_clients = 200 (maximum number of FTP connections)

Max_per_ip = 4 (maximum number of connections per IP)

Listen_port = 5555 (data connection from port 5555)

Local_enble = yes (the local account can log on)

Write_enable = no (You are not authorized to delete or modify files after logging on to the local account)

This is a group

Chroot_local_user = yes (all local accounts can only be in their own directories)

Chroot_list_enable = yes (the list in the file can be called)

Chroot_list_file =/any specified path/vsftpd. chroot_list

(Prerequisite: chroot_local_user = no)

This is another group

Userlist_enable = yes (users in the specified file cannot access it)

Userlist_deny = yes

Userlist_file =/specified path/vsftpd. user_list

I started the ticket again.

Banner_fail =/path/file name (the file content is displayed when the connection fails)

Ls_recurse_enable = no

Async_abor_enable = yes

One_process_model = yes

Listen_address = 10.2.2.2 (bind the virtual service to a port)

Guest_enable = yes (Virtual users can log on)

Guest_username = User Name (ing virtual users to local users)

User_config_dir =/any specified path/folder created by the user policy

(Specify the path of different virtual user configuration files)

Another group

Chown_uploads = yes (change the owner of the uploaded file to root)

Chown_username = root

Another group

Deny_email_enable = yes (whether anonymous users are allowed to use certain email addresses)

Banned_email_file = // any specified path/xx/

Yes

Pasv_enable = yes (server uses passive mode)

User_config_dir =/any specified path // any file directory (specify the path where the virtual user stores the configuration file)