File: vsftpd-2.3.2.tar.gz
First install vsftpd:
Cd/opt/software
Tar-zxvf vsftpd-2.3.2.tar.gz
Cd vsftpd-2.3.2
Modify configuration file
Vi builddefs. h
/*************************************** *****
# Ifndef VSF_BUILDDEFS_H
# Define VSF_BUILDDEFS_H
# Define VSF_BUILD_TCPWRAPPERS
# Undef VSF_BUILD_PAM
# Define VSF_BUILD_SSL
# Endif/* VSF_BUILDDEFS_H */
**************************************** ***********/
Compile
Make
Check whether compilation is completed
Ls-l vsftpd
-Rwxr-xr-x 1 root 84712 Jun 6 vsftpd // the executable program has been compiled successfully.
Create necessary accounts and directories:
Useradd nobody
Mkdir/usr/share/empty
Mkdir/var/ftp
Useradd-d/var/ftp
Chown root: root/var/ftp
Chmod og-w/var/ftp
If it already exists, you do not need to proceed.
Install the vsftp configuration file, executable program, man, and so on:
Install-m 755 vsftpd/usr/local/sbin/vsftpd
Install-m 644 vsftpd.8/usr/share/man/man8
Install-m 644 vsftpd. conf.5/usr/share/man/man5
Install-m 644 vsftpd. conf/etc/vsftpd. conf
Installation Complete
Modify vsftpd configuration file
Vi/etc/vsftpd. conf
Modify the following items:
Write_enable = yes
Local_enable = yes
If anonymous logon is also allowed, anonymous_enable = yes; Generally, anonymous users are not allowed to upload or modify permissions.
Add
Listen_port = 21
Tcp_wrappers = YES // supports tcp_wrappers and restrict access (/etc/hosts. allow,/etc/hosts. deny)
Listen = YES means to use standalone to start vsftpd, rather than super daemon (xinetd) to control it (standalone is recommended for vsftpd). For more information, see anonymous user configuration.
Start:/usr/local/sbin/vsftpd/etc/vsftpd. conf &
Add a vsftpd user!
Reference: hi.baidu.com/lssbing/blog/item/bae673506cc330571138c233.html
# Mkdir/opt/srsman // first create a directory
# Adduser-d/opt/srsman-g ftp-s/sbin/nologin srsman //-s
/Sbin/nologin makes it unable to log on to the system.-d specifies the user directory as/opt/srsman.
# Passwd srsman
Changing password for user beinan. // you will be prompted to set a new password.
New password:
Retype new password:
Passwd: all authentication tokens updated successfully
Restrict User Directories and do not change directories to superiors
Modify/etc/vsftpd. conf
Convert the two rows
# Chroot_list_enable = YES
# Chroot_list_file =/etc/vsftpd. chroot_list
Comment removed
Chroot_list_enable = YES
Chroot_list_file =/etc/vsftpd/chroot_list
Add a file:/etc/vsftpd/chroot_list
User name to be restricted for content writing:
Srsman
Restart vsftpd
========================================================== ====
Possible errors.
I. 500 OOPS: cocould not bind listening IPv4 socket,
Chkconfig vsftpd -- level 3 off
Ii. 500 OOPS: vsftpd: refusing to run with writable anonymous root
This indicates that the permissions on the home directory of the ftp user are incorrect and should be changed;
[Root @ localhost ~] # More/etc/passwd | grep ftp
Ftp: x: 1000: 1000: FTP User:/var/ftp:/sbin/nologin
The following method should be used to correct this error;
[Root @ localhost ~] # Chown root: root/var/ftp
[Root @ localhost ~] # Chmod 755/var/ftp
3. Socket Connection timeout
[Right] 227 Entering Passive Mode (192,168, 1,218 ).
[Right] opening data connection IP: 192.168.1.218 port: 15965
[Right] data Socket error: Unable to connect to host
[Right] list Error
[Right] PASV mode failed. Try PORT mode.
A: I often log on to various FTP servers and encounter socket errors. The solutions to several commonly used FTP software are as follows:
★Cute FTP 3.5 English version: FTP-> Settings-> Options-> Firewall. deselect the check box before "PASV mode.
★Cute FTP3.5 Chinese version: FTP-> Settings-> options-> firewall, clear the check box before "PASV mode (.
★Cute FTP4.0 Chinese version: Right-click the ftp site you created-> select properties-> remove the "use PASV mod" option
★Cute FTP Pro2.0 Chinese edition: Edit-> global settings-> connection type, select PORT from the "PASV/PORT" drop-down menu.
★Leap FTP2.7.2: Sites-> Site Manager-> Advanced. deselect the check box before "Use PASV mode.
★Flashfxp: Option-> parameter-> proxy-> remove "passive mode"
★Flashget: Option-> parameter-> Proxy Server-> edit-> deselect the check box before "Use PASV mode.
The cause of this problem is the conflict between the network egress of the client and the port settings of the server firewall. Therefore, if PASV is not selected as the connection type for other software, this type of problem can be solved.
4. the user successfully logs in but cannot upload files normally
This is a problem with insufficient permissions on the target folder. You can change the permission to 777.
Chmod 777/xxx/