Installation of vsFTPd server in Linux

After we have configured a web service for a Linux server, we need to upload a website program to verify that the server is running normally. This requires ftp support. This article will explain how to use it, detailed steps for installing the ftp server in Linux: VSFTP

The ftp server program we use is vsftpd, which is one of the most popular open-source FTP servers in Linux.

Install the vsftpd server program

The traditional installation software package of linuxis to download the tar.gz installation package, or RPM installation package. after decompression, compile the package, or use the RPM-I command to install the package. The process is cumbersome. We use the yum command to install it online, so that we can automatically select the latest program version, which is very convenient.

Enter yum install vsftpd and then press y to confirm the installation. When "Complete!" appears !" The installation is complete.

Enter chkconfig vsftpd on service vsftpd start, set vsftpd to start, and start the vsftpd service.

Modify vsftpd configuration file

The default location of the vsftpd configuration file is/etc/vsftpd. conf. Generally, you need to back up the original configuration file and then edit it. the procedure is as follows:
Enter mv vsftpd. conf vsftpd. conf-old change vsftpd. change the conf file to vsftpd. conf-old backup, input vi/etc/vsftpd. conf: create and edit vsftpd. conf file.

Connect to the new vsftpd. conf file and write the file as follows:

Anonymous_enable = NO // do not allow anonymous user logon. generally, ftp on our web server does not allow anonymous logon.
Local_enable = NO // disable (or allow) local user logon
Write_enable = YES // Grant write permission
Chroot_local_user = YES // lock the user directory. ftp users can only log on to the ftp directory.
Anon_upload_enable = NO
Anon_mkdir_write_enable = NO // Prohibit anonymous users from uploading or creating directories.
Dirmessage_enable = YES // allows ftp users to list file directories
Xferlog_enable = YES // write logs
Connect_from_port_20 = YES
Listen = YES // use port 20, which is usually the default
Pam_service_name = vsftpdpamconf
Userlist_enable = YES
Tcp_wrappers = YES // important. the configuration file for pam authentication is specified.
Guest_enable = YES // enable virtual user
Guest_username = apache // specifies the permission of the virtual user to use apache of the local user. This is especially important. The ftp virtual user on the web server must be set to the apache permission, otherwise, the file uploaded by ftp cannot be accessed normally, and the file generated by the website cannot be modified.
User_config_dir =/etc/vsftpd/vuser_conf // storage location of the configuration file of the Virtual User
Virtual_use_local_privs = YES // virtual users must have local user permissions. otherwise, ftp users cannot change file permissions.

Then save and exit the vi editor, execute: service vsftpd restart, and restart the vsftpd service to test whether the configuration file is correctly written.

Add vsftpd virtual account:

Go to the/etc/vsftpd directory to create a virtual user database:

Enter vi vuservsftpd.txt to create and edit the file vuservsftpd.txt, and write the virtual user and password you want to create. the single-behavior username and double-behavior password must not contain spaces, for example:

Vuser1
Password1
Vuser2
Password2

Save and exit after creation. then, run the db command to generate the Virtual User library file required for vsftpd verification:

Db-T-t hash-f vuservsftpd.txt vsftpdpamconf. db // note that the db file name must be the same as the pam authentication name set in vsftpd. conf.

To ensure security, you can delete the newly created vuservsftpd.txt. next time you need to add a new user name, you can also set the vsftpdpamconf. db file permission to 644.

Add the vsftpd virtual account configuration file:

No corresponding configuration file for the virtual account will not take effect. in step 1, we will go to vsftpd. in the conf file, the configuration file directory of the virtual account is:/etc/vsftpd/vuser_conf. next we will go to this directory:

The name of the configuration file must be the same as that of the virtual account. Therefore, we have created two new files: vuser1 and vuser2, and written the following configuration information as needed:

Local_root =/var/www/html/demo // set a directory for virtual users, because we need to manage one ftp account for each website, so his root directory is the virtual directory of the website that we need to manage.
Write_enable = YES
Download_enable = YES
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES // grant other permissions to the virtual user, such as writing, downloading and uploading, and creating directories.
Anon_world_readable_only = no // You do not understand the meaning of this statement, but it must exist.

You can add or cancel some permissions as needed. to log out, you only need to add the "#" sign before the statement or delete it directly.

Now the FTP configuration of the Linux server is successful, and you can test whether it can be used normally.