Linux Cloud Automation system operations (VSFTPD service)

1. What is FTP
FTP is one of the oldest network protocols still commonly used on the internet, providing a simple way for the system to transmit over a network to a remote server

2. Install FTP

Yum Install Vsftpd-y

Firewall-config Open the FTP service and reload

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/9D/D2/wKiom1mG6hrz9yZ4AADQbKcywrw949.png "title=" Screenshot from 2017-08-06 03:32:51.png "alt=" Wkiom1mg6hrz9yz4aadqbkcywrw949.png "/>

Vim/etc/sysconfig/selinux to restart after setting it to disable
Systemctl Start VSFTPD

Systemctl Enable vsftpd set self-start

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9D/D1/wKioL1mG6lCgk6VdAAFospG3Tm8995.png "title=" Screenshot from 2017-08-06 03:39:02.png "alt=" Wkiol1mg6lcgk6vdaafospg3tm8995.png "/>

Lftp IP # #能登陆并且显示, indicating successful installation

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9D/D1/wKioL1mG6m6xTx9JAABnY_6m20A671.png "title=" Screenshot from 2017-08-06 03:46:18.png "alt=" wkiol1mg6m6xtx9jaabny_6m20a671.png/>3.vsftpd file info
/var/ftp/# #默认发布目录
/ETC/VSFTPD # #配置目录

Configuration parameters for 4.VSFTPD services
(1. Anonymous user settings
Anonymous_enable=yes|no # #匿名用户登陆限制

650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M02/9D/D2/ Wkiom1mg6szdfhftaaaxzrinhcw200.png "title=" screenshot from 2017-08-06 03:51:16.png "alt=" Wkiom1mg6szdfhftaaaxzrinhcw200.png "/>650) this.width=650;" Src= "https://s3.51cto.com/wyfs02/M01/9D/D2/ Wkiom1mg6pldq4dgaabghehzcoa491.png "title=" screenshot from 2017-08-06 03:50:38.png "alt=" Wkiom1mg6pldq4dgaabghehzcoa491.png "/>#< anonymous user upload;
vim/etc/vsftpd/vsftpd.conf
Write_enable=yes                         Write permissions for anonymous users
anon_upload_enable=yes        upload permissions for anonymous users
Chgrp ftp/var/ftp/pub                    Change pub group to FTP
chmod 775/var/ftp/pub    

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9D/D1/wKioL1mG6v3RCdyLAABFuqWs_Jg824.png "style=" float : none; "title=" screenshot from 2017-08-06 03:53:21.png "alt=" Wkiol1mg6v3rcdylaabfuqws_jg824.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9D/D2/wKiom1mG6v6wZsN9AACGf5wGDL4118.png "style=" float : none; "title=" screenshot from 2017-08-06 03:57:43.png "alt=" Wkiom1mg6v6wzsn9aacgf5wgdl4118.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9D/D1/wKioL1mG6v7DKzFjAADMfNWFCk0013.png "style=" float : none; "title=" screenshot from 2017-08-06 04:01:53.png "alt=" Wkiol1mg6v7dkzfjaadmfnwfck0013.png "/>

#< Anonymous user home directory modification >
Anon_root=/direcotry Setting the home directory for anonymous users
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9D/D2/wKiom1mG6xvxAHKlAAAjRTG2i7M919.png "title=" Screenshot from 2017-08-06 04:05:14.png "alt=" Wkiom1mg6xvxahklaaajrtg2i7m919.png "/>

#< Anonymous user upload file default permissions modification >
Anon_umask=xxx

#< Anonymous user build directory >
Anon_mkdir_write_enable=yes|no

#< Anonymous user Download >
Anon_world_readable_only=yes|no # #设定参数值为no表示匿名用户可以下载

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/9D/D2/wKiom1mG64jgB7rdAAAq_hOQV5g029.png "style=" float : none; "title=" screenshot from 2017-08-06 04:16:53.png "alt=" Wkiom1mg64jgb7rdaaaq_hoqv5g029.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/D1/wKioL1mG64mCIspPAAAbb_Bevzc152.png "style=" float : none; "title=" screenshot from 2017-08-06 04:22:04.png "alt=" Wkiol1mg64mcisppaaabb_bevzc152.png "/>

#< Anonymous User Delete >
Anon_other_write_enable=yes|no Delete permissions for anonymous users
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M01/9D/D1/wKioL1mG7A2S3jYNAAAt4C2vOZk545.png "title=" Screenshot from 2017-08-06 04:26:51.png "alt=" wkiol1mg7a2s3jynaaat4c2vozk545.png "/>#< user identity modification used by anonymous users >
Chown_uploads=yes turn on permissions to use identities
Chown_username=student permitted use of identity

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/9D/D2/wKiom1mG7CvjlUPTAAA6rAETx7k401.png "title=" Screenshot from 2017-08-06 04:30:58.png "alt=" Wkiom1mg7cvjluptaaa6raetx7k401.png "/>

#< Max upload rate >
anon_max_rate=102400

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9D/D2/wKiom1mG69_QVSWcAAAQ7_tkDVk157.png "style=" float : none; "title=" screenshot from 2017-08-06 04:33:14.png "alt=" Wkiom1mg69_qvswcaaaq7_tkdvk157.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9D/D1/wKioL1mG69_CBhpAAAAeiebhzCw813.png "style=" float : none; "title=" screenshot from 2017-08-06 04:37:29.png "alt=" Wkiol1mg69_cbhpaaaaeiebhzcw813.png "/>

#< Maximum number of links >
max_clients=2 server at the same time the maximum number of hosts can connect

(2. Local User settings
Local_enable=yes|no # #本地用户登陆限制
Write_enable=yes|no # #本地用户写权限限制

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9D/D1/wKioL1mG7LnhXwNNAAAeiebhzCw903.png "style=" float : none; "title=" screenshot from 2017-08-06 04:37:29.png "alt=" Wkiol1mg7lnhxwnnaaaeiebhzcw903.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9D/D2/wKiom1mG7LmhnrELAAAqwHm8d9s892.png "style=" float : none; "title=" screenshot from 2017-08-06 04:41:33.png "alt=" Wkiom1mg7lmhnrelaaaqwhm8d9s892.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9D/D2/wKiom1mG7LnANaypAABDqRLy5o4712.png "style=" float : none; "title=" screenshot from 2017-08-06 04:42:45.png "alt=" Wkiom1mg7lnanaypaabdqrly5o4712.png "/>

#< Local User home Directory modification >
Local_root=/directory

#< Local user upload file permissions >
Local_umask=xxx

#< Restrict local User browse/catalogue >
All users are locked into their home directory
Chroot_local_user=yes
chmod u-w/home/*

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9D/D1/wKioL1mG7O7DF1K5AADkwUtFJrg345.png "title=" Screenshot from 2017-08-06 04:51:20.png "alt=" Wkiol1mg7o7df1k5aadkwutfjrg345.png "/>
User blacklist establishment
Chroot_local_user=no
Chroot_list_enable=yes
Chroot_list_file=/etc/vsftpd/chroot_list

By default, everyone can log in and appear on the list.


User Whitelist Creation
Chroot_local_user=yes
Chroot_list_enable=yes
Chroot_list_file=/etc/vsftpd/chroot_list

The default owner is not allowed to log in, and appears on the list to log in.

#< Restrict local User login >
Vim/etc/vsftpd/ftpusers # #用户黑名单
Vim/etc/vsftpd/user_list # #用户临时黑名单

User White list settings
Userlist_deny=no
/etc/vsftpd/user_list # #参数设定, this file becomes a user whitelist, only the user who appears in the list can log in to FTP



#<ftp settings for virtual users >
Create a virtual account identity)
Vim/etc/vsftpd/loginusers # #文件名称任意
Ftpuser1
123
Ftpuser2
123
Ftpuser3
123

Db_load-t-T hash-f/etc/vsftpd/loginusers loginusers.db Hash encryption of virtual account storage files

VIM/ETC/PAM.D/CKVSFTPD # #文件名称任意
Account Required Pam_userdb.so Db=/etc/vsftpd/loginusers
Auth Required pam_userdb.so Db=/etc/vsftpd/loginusers

Vim/etc/vsftpd/vsftpd.conf
Pam_service_name=ckvsftpd
Guest_enable=yes

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/D1/wKioL1mG7a-RscuFAAB-pEAHa-E396.png "style=" float : none; "title=" screenshot from 2017-08-06 05:22:28.png "alt=" Wkiol1mg7a-rscufaab-peaha-e396.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/D2/wKiom1mG7a-zZR8QAAA0VSm0KFI166.png "style=" float : none; "title=" screenshot from 2017-08-06 05:27:44.png "alt=" Wkiom1mg7a-zzr8qaaa0vsm0kfi166.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9D/D2/wKiom1mG7bCBRTNzAAAtpiTJk-8626.png "style=" float : none; "title=" screenshot from 2017-08-06 05:29:32.png "alt=" Wkiom1mg7bcbrtnzaaatpitjk-8626.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/9D/D1/wKioL1mG7bCillJHAABDY22tpUk455.png "style=" float : none; "title=" screenshot from 2017-08-06 05:46:10.png "alt=" Wkiol1mg7bcilljhaabdy22tpuk455.png "/>

Virtual Account identity designation)
Guest_username=ftpuser
chmod u-w/home/ftpuser

Virtual Account home directory independent settings)
Vim/etc/vsftpd/vsftpd.conf
local_root=/ftpuserhome/$USER
user_sub_token= $USER declaring $user in a configuration file is a variable in the shell

Mkdir/ftpuserhome
Chgrp Ftpuser/ftpuserhome
chmod g+s/ftpuserhome
MKDIR/FTPUSERHOME/FTPUSER{1..3}

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9D/D2/wKiom1mG7cezj1DnAABScCrFfG0486.png "style=" float : none; "title=" screenshot from 2017-08-06 05:48:30.png "alt=" Wkiom1mg7cezj1dnaabsccrffg0486.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/9D/D1/wKioL1mG7ciAxSM5AAAu9BwRfxI578.png "style=" float : none; "title=" screenshot from 2017-08-06 05:56:26.png "alt=" Wkiol1mg7ciaxsm5aaau9bwrfxi578.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M02/9D/D1/wKioL1mG7ciS7CAxAACNHwnWn5U178.png "style=" float : none; "title=" screenshot from 2017-08-06 06:00:40.png "alt=" Wkiol1mg7cis7caxaacnhwnwn5u178.png "/>

Virtual Account Configuration Standalone)
Vim/etc/vsftpd/vsftpd.conf
User_config_dir=/etc/vsftpd/userconf
Mkdir-p/etc/vsftpd/userconf

Vim/etc/vsftpd/userconf/ftpuser1
Set all parameters in the configuration file in this file, with high priority for this file

This article is from the "13122425" blog, please be sure to keep this source http://13132425.blog.51cto.com/13122425/1954048

Linux Cloud Automation system operations (VSFTPD service)