How to Use VSFTPD in LINUX-Linux Enterprise Application-Linux server application information. This article describes VSFTP configuration in detail.
Environment: linux as 3.0 + vsftpd-1.2.0-4 system architecture, which is under an independent server!
1. Configure the FTP address accessed by the Local Group
First, create the main directory of the user group test and FTP
Groupadd test
Mkdir/tmp/test
Then create a user
Useradd-G test? D/tmp/test? M usr1
Note: G: the user's Group d: indicates that the location of the user's own directory is specified.
M: do not create a default home directory, that is, there is no home directory.
Useradd? G test? D/tmp/test? M usr2
Then, change the owner and permissions of the folder.
Chown usr1.test/tmp/test ---- This indicates that the owner of/tmp/test is set to usr1
The purpose of this experiment is that usr1 has the upload, deletion, and download permissions.
However, usr2 only has the download permission and does not have the upload and deletion permissions.
Of course, don't forget our main configuration file vsftpd. conf.
Make sure that the local_enable = yes, write_enable = yes, And chroot_local_usr = yes options are available!
2. Configure non-port standard mode for independent FTP servers for Data Connection
This is very easy: In VSFTPD. Add in CONF
Listen_port= 33333
That's it!
Now, the most important thing is why I am a master! ^_^ (Do not throw eggs !)
3. configure a separate virtual FTP, use a virtual FTP user, and grant different permissions to the created four accounts.
(Two permissions are available for reading directories, one for browsing, uploading, and downloading, and the other for browsing, downloading, deleting, and modifying file names)
A: configure the NIC
The first NIC address is 10.2.3.4 and the mask is 255.255.0.0.
Ifconfig eth0: 1 211.131.4.253 netmask 255.255.255.0 up
B: Write to/etc/sysconfig (the IP address will not be lost after restarting)
Cd/etc/sysconfig/network-scripts
Cp ifcfg-eth0 ifcfg-eth0: 1
Vi ifcfg-eth0: 1 where the changes are as follows
DEVICE = eth0: 1
BROADCAST = 211.131.4.255
HWADDR = MAC address of the NIC
IPADDR = 211.131.4.253
NETMASK = 255.255.255.0
NETWORK = 211.131.4.0
ONBOOT = yes
TYPE = Ethernet
Wq released
C: Enter the folder where vsftpd. conf is located.
Cp vsftpd. conf vsftpd2.conf
Modify vsftpd. conf and add the following information:
Listen_address = 10.2.3.4
Modify vsftpd2.conf and add the following information:
Listen_address = 211.131.4.253
Ftpd_banner = this is a virtual ftp test
The virtual FTP server has been established.
D: Create logins.txt
Vi/tmp/logins.txt
Add the following information:
Longlei ------------ User Name
Longlei ------------ Password
Zhangweibo
Zhangweibo
Jinhui
Jinhui
Lxp
Lxp
The format follows my instructions. One user name and one password.
F: Create a password library file for the visitor and modify its permissions.
Db_load? T? T hash? F/tmp/logins.txt/etc/vsftpd_login.db
G: Create ftp. vu in/etc/pam. d /.
Add the following information to this file:
Auth required/lib/security/pam_userdb.so db =/etc/vsftpd_login
Account required/lib/security/pam_userdb.so db =/etc/vsftpd_login
H: create a directory in/var/ftp/and change its attributes and its owner
Useradd-d/var/ftp/test qiang
Chmod 700/var/ftp/test
Add the test_file test file to the directory.
I: Go to vsftpd2.conf to modify the information (I added it)
Listen_yes
Anonymous_enable = no
Local_enable = yes
Write_enable = no
Anon_upload_enable = no
Anon_mkdir_write_enable = no
Anon_other_write_enable = no
Chroot_local_user = yes
Guest_enable = yes ---------- starting with a virtual user
Guest_username = qiang ------ map virtual users to local users
Listen_port= 5555
Max_client = 10
Max_per_ip = 1
Ftpd_banner = this is a virtual server and users
Pam_service_name = ftp. vu
Note: The lower the permissions given in the master configuration file, the larger the space for permission classification during user management, because the highest limit of the master configuration file is that the service first reads the master configuration file and then reads the user configuration file
Restart service
Now the virtual USER is created.
J: In VSFTPD. Create the volume aul file directory in the CONF directory.
Create a configuration file named after your user name in the file directory.
Longlei zhangweibo o jinhui lxp
Add the following to longlei:
Anon_world_readable_only = no
Add in lxp
Anon_world_readable_only = no
In this way, the two users have permission to browse the directory.
Add in jinhui
Anon_world_readable_only = no
Write_enable = yes
Anon_upload_enable = yes
This user has the permission to upload, download, and browse
Add
Anon_world_readable_only = no
Write_enable = yes
Anon_upload_enable = yes
Anon_other_write_enable = yes
This user has the permission to upload, download, delete file directories, modify file names, and browse
K: Modify vsftpd2.conf
Add user_config_dir =/vsftpd. conf to the directory/virtual
Restart the server.
Well, don't go away. Now we are introducing VSFTPD. All configuration information I know in CONF
Anonymous_enable = yes (anonymous login allowed)
Dirmessage_enable = yes (The. message content under the directory is displayed when the directory is switched)
Local_umask = 022 (local file permission on FTP, default: 077)
Connect_form_port_20 = yes (enable data connection on the FTP data port )*
Xferlog_enable = yes (enable upload and download logs)
Xferlog_std_format = yes (use the standard log format)
Ftpd_banner = XXXXX (welcome information)
Pam_service_name = vsftpd (Verification Method )*
Listen = yes (independent VSFTPD server )*
Anon_upload_enable = yes (Open upload permission)
Anon_mkdir_write_enable = yes (you can create a directory and upload files to it)
Write_enable = yes (grant write permission to local users)
Anon_other_write_enable = yes (anonymous accounts can have the permission to delete)
Anon_world_readable_only = no (open anonymous user browsing permission)
Ascii_upload_enable = yes (enable the upload ASCII transfer mode)
Ascii_download_enable = yes (enable the ASCII transmission mode for download)
Banner_file =/var/vsftpd_banner_file)
Idle_session_timeout = 600 (seconds) (10 minutes after the user's session is idle)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.