Installation and configuration of VSFTPD under Linux

Source: Internet
Author: User

1. Installation

Execute yum-y Install vsftpd

Note: (1) You can check whether the VSFTPD is installed by Rpm-qa|grep vsftpd .

(2) The default configuration file is/etc/vsftpd/vsftpd.conf

2. Create a virtual user for the VSFTPD server

(1) Select Create FTP folder in root directory or user directory:mkdir ftpfile

I started by entering the root directory to create the folder product and then into product to create the Ftpfile folder.

CD/mkdir PRODUCTCD productmkdir ftpfile

·

(2) Add anonymous User: Useradd ftpuser-d/ftpfile-s/sbin/nologin

Execute command

/product/ftpfile -s/sbin/nologin
/product/ftpfile is an FTP folder.

Because a folder is created first, a duplicate warning appears for the directory name.

(3) Modify Ftpfile permissions: Chown-r ftpuser.ftpuser/ftpfile

Execute chown-r ftpuser.ftpuser./ftpfile

(4) Reset ftpuser password: passwd ftpuser

Execute passwd ftpuser , then access the new password two times.

3. Configuration

Perform

cd/etc/Vsftpdvim chroot_list

Add the FTP username : Wq save to exit.

Vim/etc.selinux/config

Modify to Selinux=disabled

Perform vim vsftpd.conf Edit as

# Example Config file/etc/vsftpd/vsftpd.conf## thedefaultCompiledinchsettings is fairly paranoid. This is a sample file# loosens things up a bit, to make the ftp daemon more usable.# please see vsftpd.conf.5  forAll compiledinchdefaults.## READ this:this Example File isNot a exhaustive list of vsftpd options.# please read the vsftpd.conf.5Manual page toGetA full idea of vsftpd's# capabilities.## Allow anonymous FTP? (Beware-allowed bydefault ifYou comment This  out). Local_root=/product/ftpfile #chroot_local_user=YES Anon_root=/product/Ftpfileuse_localtime=yes# Anonymous #anonymous_enable=yesanonymous_enable=no## Uncomment ThisTo allow local users to loginch. Local_enable=yes## Uncomment ThisTo enable any form of FTP write Command.write_enable=yes## Default umask forLocal Users is 077. wish to change ThisTo022,# ifYour users expect that (022  isUsed by the most other ftpd's)local_umask=022# # Uncomment ThisThe anonymous FTP user to upload files. This only# have an effectifThe aboveGlobalWrite enable isactivated. Also, you will# obviously need to create a directory writable by the FTP user. #anon_upload_enable=yes## Uncomment This ifYou want the anonymous FTP user to being able to create#Newdirectories. #anon_mkdir_write_enable=yes## Activate Directory Messages-messages given to remote users while they# go into a certain directory.dirmessage_enable=yes## The target log file can be Vsftpd_log_file or xferlog_file.# this depends on setting Xferlog_std_format paramete Rxferlog_enable=yes## Make sure PORT transfer connections originate fromPort -(ftp-data). connect_from_port_20=yes## If you want, can arrange foruploaded anonymous files to be owned by# a different user. Note! Using"Root"  forUploaded files isnot# Recommended!#chown_uploads=Yes#chown_username=whoever## The name of the log file when Xferlog_enable=yes and xferlog_std_format=yes# WARNING-changing ThisFileName affects/etc/logrotate.d/Vsftpd.log#xferlog_file=/var/log/xferlog## switches between logging into Vsftpd_log_file and xferlog_file files.# NO writes to Vsftpd_log_file, YES to Xferlog_filexferlog_std_format=yes## thedefaultValue forTiming outAn idle session. #idle_session_timeout= -# # you could change thedefaultValue forTiming outa data connection. #data_connection_timeout= -# # It isrecommended that's define on your system a unique user which the# FTP server can use asa totally isolated and unprivileged user. #nopriv_user=ftpsecure## Enable ThisAnd the server would recognise asynchronous ABOR requests. not# Recommended forSecurity (The Code isnon-trivial). Not enabling it,# However, may confuse older FTP clients. #async_abor_enable=yes## bydefaultThe server would pretend to allow ASCII mode butinchfact ignore# the request. Turn on the below options to the server actually Doascii# mangling on files wheninchASCII mode.# beware, some FTP servers, ASCII support allows a denial of service# attack (DoS) via the command "Size/big/file" inchASCII mode. vsftpd# predicted Thisattack and have always been safe, reporting the size of the# raw file.# ASCII mangling isa horrible feature of the protocol. #ascii_upload_enable=yes#ascii_download_enable=yes## fully customise the login bannerstring: Ftpd_banner=Welcome to Mmall FTP server## your may specify a file of disallowed anonymous E-mail addresses. apparently# Useful forcombatting certain DoS attacks. #deny_email_enable=yes# (defaultfollows) #banned_email_file=/etc/vsftpd/banned_emails## Specify anExplicitList of Local users to Chroot () to their home# directory. If Chroot_local_user isYES, then Thislist becomes a list of# users to not chroot (). Chroot_local_user=nochroot_list_enable=yes# (defaultfollows) Chroot_list_file=/etc/vsftpd/chroot_list## Activate the"- R"option to the BUILTIN LS. This isDisabled by#defaultTo avoid remote users being able to cause excessive i/O on large# sites. However, some broken FTP clients such as "ncftp"and"Mirror"assume# The presence of the"- R"option, so there isA strong Case  forenabling it. #ls_recurse_enable=yes## when"Listen"directive isEnabled, VSFTPD runsinchStandalone mode and# listens on IPV4 sockets. This directive cannot is usedinchconjunction# with the Listen_ipv6 directive.listen=yes## This directive enables listening on IPV6 sockets. To listen on IPV4 and ipv6# sockets, you must run-copies of VSFTPD with-configuration files.# make sure, that one Of the Listen options isCommented!!#listen_ipv6=Yespam_service_name=vsftpduserlist_enable=yestcp_wrappers=yes#pasv_enable=Yespasv_min_port=61001Pasv_max_port=62000
vsftpd.conf file Address





Installation and configuration of VSFTPD under Linux

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.