Introduction to the simple application of the FTP service and the FTP server configuration tool vsftpd in Linux

Source: Internet
Author: User
Today we introduce FTP, the most common application for file sharing. It is a very old TCP-based file transfer protocol, born 40 years ago. Its full name is File Transfer Protocol, and it is used to control the two-way transfer of files over the Internet. It is a client/server (C/S) architecture service, and there are different FTP applications for different operating systems. Like other early protocols, it was designed from the start to transmit in plain text.
The following is a brief introduction to this protocol.
I. FTP connection:

Command connection: listens on port 21 and is always active while the FTP service is running.

Data connection: the connection is enabled only when files are downloaded or uploaded. There are two data connection modes:

Active mode (called standard mode in some places): In this mode, the FTP client first establishes a connection to TCP port 21 of the server to send commands. When the client needs to receive data, it sends the PORT command on this channel. The PORT command contains the port on which the client will receive data. To transmit data, the server connects from its TCP port 20 to the port the client specified. The FTP server therefore has to establish a new connection to the client to transmit data. Generally, port 20 on the server establishes the new connection to the client's requesting port plus 1. For example, the client sends a command request from port 7000 to port 21 of the server to establish the connection; during data transmission, a new connection is established between port 20 on the server and port 7001 on the client.

Passive mode: The control channel is established in the same way as in active mode, but after the connection is established the client sends the PASV command. When the server receives the PASV command, it opens a temporary port (the port number is greater than 1023 and less than 65535) and tells the client to transfer data on this port. The client connects to this port of the FTP server, and the FTP server then transmits data through it.
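The two modes differ in which side announces a port and which side opens the data connection. The following is an added example, not part of the original article: it decodes the port carried in a PORT command and in the server's reply to PASV (RFC 959 syntax, port = p1 * 256 + p2) and states the connection a firewall then has to allow. The IP addresses and sample lines are constructed, and the function names are hypothetical.

```python
import re

# Constructed control-channel lines in RFC 959 syntax; the IPs are documentation addresses.
CLIENT_IP, SERVER_IP = "192.0.2.10", "198.51.100.5"
SAMPLE_LINES = [
    "PORT 192,0,2,10,27,89",                             # client -> server, active mode
    "227 Entering Passive Mode (198,51,100,5,195,80).",  # server -> client, passive mode
    "230 Login successful.",                             # unrelated reply
]

def decode_hostport(fields):
    """Turn 'h1,h2,h3,h4,p1,p2' into (ip, port); port = p1 * 256 + p2."""
    nums = [int(n) for n in fields.split(",")]
    if len(nums) != 6 or any(n > 255 for n in nums):
        raise ValueError("malformed host-port field: " + fields)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def data_endpoint(line):
    """Return (mode, ip, port) announced by a PORT command or a 227 reply, else None."""
    m = re.match(r"PORT\s+(\d+(?:,\d+){5})\s*$", line, re.IGNORECASE)
    if m:
        return ("active",) + decode_hostport(m.group(1))
    m = re.match(r"227\D.*?(\d+(?:,\d+){5})", line)
    if m:
        return ("passive",) + decode_hostport(m.group(1))
    return None

def data_connection(endpoint, client_ip, server_ip):
    """Return (initiator, source, destination) of the data connection to allow."""
    mode, ip, port = endpoint
    if mode == "active":
        # The server dials out from its port 20 to the port the client announced.
        return ("server", f"{server_ip}:20", f"{ip}:{port}")
    # Passive: the client dials in to the temporary port the server announced.
    if not 1023 < port < 65535:
        raise ValueError(f"passive port {port} is outside the temporary range")
    return ("client", f"{client_ip}:any", f"{ip}:{port}")

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        endpoint = data_endpoint(line)
        if endpoint:
            print(line, "->", data_connection(endpoint, CLIENT_IP, SERVER_IP))
```

The first sample line reproduces the article's port 7001 (27 * 256 + 89).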

Both transfer modes are intended to protect data security. In passive mode the data port on the server is opened only temporarily and cannot be eavesdropped on ahead of time, although the transfer itself is still plain text, as noted above. However, the FTP server is usually located behind a firewall, and passive mode makes access control more complicated, while the firewall settings for active mode are much simpler.

II. FTP user types:

Anonymous user: This is what we usually call anonymous login. When an FTP server supports anonymous login, the user names ftp and anonymous can be used to log in anonymously.

Local user: This type of user has an account on the system that runs the FTP service; the account name and password information are stored in the passwd and shadow files. When such a user logs in to the FTP server, the default home directory is the directory named after the account. It can also be changed to another directory, such as the system's main directory, which is very dangerous. We will come back to this when we introduce vsftpd.

Virtual user (also called guest user in some places): This type uses a separate account/password data file. Such an account can only access its own home directory, which is how the server protects the other files on the FTP server. In the vsftpd software this type of account is called a guest user. Users with such accounts can only access the directories inside their home directory, not files outside it.

III. Common FTP server programs:

Windows: IIS, Serv-U
Linux: wu-ftpd, Proftpd, vsftpd

vsftpd is the default FTP server program provided by Red Hat. Its full name is Very Secure FTP Daemon, and it provides a complete FTP service with outstanding security. Proftpd, for its part, is a very powerful FTP server program that can meet a wide range of customization needs.
IV. Common FTP client programs:

The ftp command, CuteFTP, FlashFXP (known as the fastest FTP client), LeapFTP, FileZilla, gftp and kuftp.

We can also log in to an FTP server directly through IE and other browsers, but all of the programs above are dedicated FTP clients. I will not explain them here.

To keep SELinux from affecting the following steps, we temporarily disable SELinux enforcement (the setting lasts until the next reboot):

    setenforce 0

The following describes the vsftpd server program. We install the package directly with yum:

    yum -y install vsftpd

You may be surprised to find that this installation package is only kb in size! Installed this way, the main program file is /usr/sbin/vsftpd and the configuration files are in /etc/vsftpd. There are 3 files:

ftpusers: the list of users who are prohibited from logging in over FTP.
user_list: a list of users; whether these users can log in depends on the settings in the main configuration file.
vsftpd.conf: the main configuration file of the program. All settings are defined here, and it accepts many options.
If you are interested, take a look at the following common options (for details, refer to an encyclopedia or other materials). Note that vsftpd.conf does not allow spaces around the = sign, and a comment has to be on its own line starting with #.

1. Default configuration:

    # Allow anonymous users to access
    anonymous_enable=YES
    # Allow access by local users
    local_enable=YES
    # Write permission
    write_enable=YES
    # umask of files and directories created by local users
    local_umask=022
    # Enable port 20
    connect_from_port_20=YES

2. Allow anonymous users to write (upload files and create directories). Add the following to the default configuration:

    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_world_readable_only=NO

The directories that anonymous accounts are allowed to write to need all permissions.

3. Prevent all local users from accessing directories other than their home directories (anonymous users can only access their home directory)
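As an added example (not part of the original article, and covering only the options listed under 1 and 2 above), the following check reads vsftpd.conf text and reports what anonymous users end up being allowed to do, next to a local-only counterpart. The defaults are the ones documented in vsftpd.conf(5); both sample configurations are constructed, the function names are hypothetical, and the checker accepts only the YES/NO spelling the article uses.

```python
# vsftpd.conf(5) defaults for the boolean options this audit looks at.
DEFAULTS = {"anonymous_enable": "YES", "write_enable": "NO", "anon_upload_enable": "NO",
            "anon_mkdir_write_enable": "NO", "anon_world_readable_only": "YES"}
# Constructed input: the article's default configuration plus its anonymous-write options.
ARTICLE_CONF = """\
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
connect_from_port_20=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_world_readable_only=NO
"""
# Constructed counterpart with anonymous access switched off.
LOCAL_ONLY_CONF = "anonymous_enable=NO\nlocal_enable=YES\nwrite_enable=YES\n"

def parse_conf(text):
    """Return ({option: value}, [numbers of lines that are not plain option=value])."""
    settings, bad_lines = {}, []
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank line or whole-line comment
        key, sep, value = line.partition("=")
        boolean_ok = key not in DEFAULTS or value in ("YES", "NO")
        # Spaces around '=' are an error for vsftpd; a trailing '# note' becomes part of the value.
        if not sep or key != key.strip() or value != value.strip() or not boolean_ok:
            bad_lines.append(number)
        else:
            settings[key] = value
    return settings, bad_lines

def audit(text):
    """List findings for the anonymous-access options discussed in the article."""
    settings, bad_lines = parse_conf(text)
    on = lambda option: settings.get(option, DEFAULTS[option]) == "YES"
    findings = [f"line {n}: not a valid option=value line" for n in bad_lines]
    if on("anonymous_enable"):
        findings.append("anonymous login is enabled")
        if on("write_enable") and on("anon_upload_enable"):
            findings.append("anonymous users can upload files")
        if on("write_enable") and on("anon_mkdir_write_enable"):
            findings.append("anonymous users can create directories")
        if not on("anon_world_readable_only"):
            findings.append("anonymous users can download files that are not world-readable")
    return findings

if __name__ == "__main__":
    print(audit(ARTICLE_CONF), audit(LOCAL_ONLY_CONF))
```

Because anonymous_enable defaults to YES, a file that simply omits the option still allows anonymous login; it has to be set to NO explicitly.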