1. Installation
Execute yum-y Install vsftpd
Note: (1) You can check whether the VSFTPD is installed by Rpm-qa|grep vsftpd .
(2) The default configuration file is/etc/vsftpd/vsftpd.conf
2. Create a virtual user for the VSFTPD server
(1) Select Create FTP folder in root directory or user directory:mkdir ftpfile
I started by entering the root directory to create the folder product and then into product to create the Ftpfile folder.
CD/mkdir PRODUCTCD productmkdir ftpfile
·
(2) Add anonymous User: Useradd ftpuser-d/ftpfile-s/sbin/nologin
Execute command
/product/ftpfile -s/sbin/nologin
/product/ftpfile is an FTP folder.
Because a folder is created first, a duplicate warning appears for the directory name.
(3) Modify Ftpfile permissions: Chown-r ftpuser.ftpuser/ftpfile
Execute chown-r ftpuser.ftpuser./ftpfile
(4) Reset ftpuser password: passwd ftpuser
Execute passwd ftpuser , then access the new password two times.
3. Configuration
Perform
cd/etc/Vsftpdvim chroot_list
Add the FTP username : Wq save to exit.
Vim/etc.selinux/config
Modify to Selinux=disabled
Perform vim vsftpd.conf Edit as
# Example Config file/etc/vsftpd/vsftpd.conf## thedefaultCompiledinchsettings is fairly paranoid. This is a sample file# loosens things up a bit, to make the ftp daemon more usable.# please see vsftpd.conf.5 forAll compiledinchdefaults.## READ this:this Example File isNot a exhaustive list of vsftpd options.# please read the vsftpd.conf.5Manual page toGetA full idea of vsftpd's# capabilities.## Allow anonymous FTP? (Beware-allowed bydefault ifYou comment This out). Local_root=/product/ftpfile #chroot_local_user=YES Anon_root=/product/Ftpfileuse_localtime=yes# Anonymous #anonymous_enable=yesanonymous_enable=no## Uncomment ThisTo allow local users to loginch. Local_enable=yes## Uncomment ThisTo enable any form of FTP write Command.write_enable=yes## Default umask forLocal Users is 077. wish to change ThisTo022,# ifYour users expect that (022 isUsed by the most other ftpd's)local_umask=022# # Uncomment ThisThe anonymous FTP user to upload files. This only# have an effectifThe aboveGlobalWrite enable isactivated. Also, you will# obviously need to create a directory writable by the FTP user. #anon_upload_enable=yes## Uncomment This ifYou want the anonymous FTP user to being able to create#Newdirectories. #anon_mkdir_write_enable=yes## Activate Directory Messages-messages given to remote users while they# go into a certain directory.dirmessage_enable=yes## The target log file can be Vsftpd_log_file or xferlog_file.# this depends on setting Xferlog_std_format paramete Rxferlog_enable=yes## Make sure PORT transfer connections originate fromPort -(ftp-data). connect_from_port_20=yes## If you want, can arrange foruploaded anonymous files to be owned by# a different user. Note! Using"Root" forUploaded files isnot# Recommended!#chown_uploads=Yes#chown_username=whoever## The name of the log file when Xferlog_enable=yes and xferlog_std_format=yes# WARNING-changing ThisFileName affects/etc/logrotate.d/Vsftpd.log#xferlog_file=/var/log/xferlog## switches between logging into Vsftpd_log_file and xferlog_file files.# NO writes to Vsftpd_log_file, YES to Xferlog_filexferlog_std_format=yes## thedefaultValue forTiming outAn idle session. #idle_session_timeout= -# # you could change thedefaultValue forTiming outa data connection. #data_connection_timeout= -# # It isrecommended that's define on your system a unique user which the# FTP server can use asa totally isolated and unprivileged user. #nopriv_user=ftpsecure## Enable ThisAnd the server would recognise asynchronous ABOR requests. not# Recommended forSecurity (The Code isnon-trivial). Not enabling it,# However, may confuse older FTP clients. #async_abor_enable=yes## bydefaultThe server would pretend to allow ASCII mode butinchfact ignore# the request. Turn on the below options to the server actually Doascii# mangling on files wheninchASCII mode.# beware, some FTP servers, ASCII support allows a denial of service# attack (DoS) via the command "Size/big/file" inchASCII mode. vsftpd# predicted Thisattack and have always been safe, reporting the size of the# raw file.# ASCII mangling isa horrible feature of the protocol. #ascii_upload_enable=yes#ascii_download_enable=yes## fully customise the login bannerstring: Ftpd_banner=Welcome to Mmall FTP server## your may specify a file of disallowed anonymous E-mail addresses. apparently# Useful forcombatting certain DoS attacks. #deny_email_enable=yes# (defaultfollows) #banned_email_file=/etc/vsftpd/banned_emails## Specify anExplicitList of Local users to Chroot () to their home# directory. If Chroot_local_user isYES, then Thislist becomes a list of# users to not chroot (). Chroot_local_user=nochroot_list_enable=yes# (defaultfollows) Chroot_list_file=/etc/vsftpd/chroot_list## Activate the"- R"option to the BUILTIN LS. This isDisabled by#defaultTo avoid remote users being able to cause excessive i/O on large# sites. However, some broken FTP clients such as "ncftp"and"Mirror"assume# The presence of the"- R"option, so there isA strong Case forenabling it. #ls_recurse_enable=yes## when"Listen"directive isEnabled, VSFTPD runsinchStandalone mode and# listens on IPV4 sockets. This directive cannot is usedinchconjunction# with the Listen_ipv6 directive.listen=yes## This directive enables listening on IPV6 sockets. To listen on IPV4 and ipv6# sockets, you must run-copies of VSFTPD with-configuration files.# make sure, that one Of the Listen options isCommented!!#listen_ipv6=Yespam_service_name=vsftpduserlist_enable=yestcp_wrappers=yes#pasv_enable=Yespasv_min_port=61001Pasv_max_port=62000
vsftpd.conf file Address
Installation and configuration of VSFTPD under Linux