Linux Eighth Week Lesson notes (1) VSFTPD service

Source: Internet
Author: User
Tags ftp protocol what is ftp

I. VSFTPD Services

1. What is FTP

A :FTP is a client/server system that connects to an FTP server program on a remote host through a client program that supports the FTP protocol. The user sends commands to the server program through the client program. The server program executes the commands issued by the customer and feeds the results back to the client.

two . Install FTP

Yum install vsftpd lftp-y # #安装两个服务

Systemctl Start VSFTPD

Systemctl Stop Firewalld

Systemctl Enable VSFTPD

Setenforce 0 # #关闭selinux

Results test:

lftp IP # #能登陆并且显示, indicating successful installation

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M01/8A/3B/wKiom1grNr3Bz8hAAAGuoAy_Tso410.png-wh_500x0-wm_3 -wmp_4-s_3652116052.png "title=" 2016-11-15 17_25_19 screenshot. png "alt=" wkiom1grnr3bz8haaaguoay_tso410.png-wh_50 "/>

three . vsftpd File Information

/var/ftp # #默认发布目录

/ETC/VSTFPD # #配置目录

/etc/vsftpd/vsftpd.conf # #主配置文件

four . Service configuration parameters, i.e. function settings

1. Anonymous user settings

A. Anonymous user login restrictions

Vim/etc/vsftpd/vsftpd.conf

Anonymous_enable=yes|no # #匿名用户登陆限制 ()

And then restart the service

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M01/8A/38/wKioL1grN2XhaIjaAAE2f-EF7bk035.png-wh_500x0-wm_3 -wmp_4-s_1894449891.png "title=" 2016-11-15 18_22_53 screenshot. png "alt=" wkiol1grn2xhaijaaae2f-ef7bk035.png-wh_50 "/>



B. Anonymous user uploads

Vim/etc/vsftpd/vsftpd.conf

Write_enable=yes

Anon_upload_enable=yes

chgrp ftp/var/ftp/pub # #将pub目录所有组改为ftp

chmod 775/var/ftp/pub # #设置权限775

Final Test:

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/8A/3B/wKiom1grN_ngTSAaAAGZ-_0QB8o587.png-wh_500x0-wm_3 -wmp_4-s_16037324.png "title=" 2016-11-15 18_11_01 screenshot. png "alt=" wkiom1grn_ngtsaaaagz-_0qb8o587.png-wh_50 "/>

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M02/8A/3C/wKiom1grOHzz7Wp7AAKD04wi6Ms201.png-wh_500x0-wm_3 -wmp_4-s_41620340.png "title=" 2016-11-15 17_30_52 screenshot. png "alt=" wkiom1grohzz7wp7aakd04wi6ms201.png-wh_50 "/>


C. Modification of the anonymous user home directory

Anon_root=/direcotry

d.#< Anonymous user build directory >

Anon_mkdir_write_enable=yes|no

#< Anonymous user Download >

Anon_world_readable_only=yes|no # #设定参数值为no表示匿名用户可以下载

#< Anonymous User Delete >

Anon_other_write_enable=yes|no

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M00/8A/38/wKioL1grOKXABpmWAALIPTIeJ7w949.png-wh_500x0-wm_3 -wmp_4-s_597882828.png "title=" 2016-11-15 19_22_56 screenshot. png "alt=" wkiol1grokxabpmwaaliptiej7w949.png-wh_50 "/>


e.#< Max upload rate >

anon_max_rate=102400

#< Maximum number of links >

Max_clients=1

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/8A/38/wKioL1grOM2xipMYAAHqF2-AQNA663.png-wh_500x0-wm_3 -wmp_4-s_1386063931.png "title=" 2016-11-15 19_44_51 screenshot. png "alt=" wkiol1grom2xipmyaahqf2-aqna663.png-wh_50 "/>

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M01/8A/38/wKioL1grOO6xlb4PAADgrb8yx9Y237.png-wh_500x0-wm_3 -wmp_4-s_2624314194.png "title=" 2016-11-15 19_45_41 screenshot. png "alt=" wkiol1groo6xlb4paadgrb8yx9y237.png-wh_50 "/>

2. Local user's settings

Local_enable=yes|no # #本地用户登陆限制

Write_enable=yes|no # #本地用户写权限限制

#< Local User home Directory modification >

Local_root=/directory

#< Local user upload file permissions >

Local_umask=xxx

#< Restrict local user browsing/target

All users are locked into their home directory

Chroot_local_user=yes

chmod u-w/home/*

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/8A/3C/wKiom1grORPz_ufEAAIHGlf_fkA751.png-wh_500x0-wm_3 -wmp_4-s_707998470.png "title=" 2016-11-15 19_59_08 screenshot. png "alt=" wkiom1grorpz_ufeaaihglf_fka751.png-wh_50 "/>

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M00/8A/3C/wKiom1grOSrQVDv2AAE1wGQfsnM017.png-wh_500x0-wm_3 -wmp_4-s_2452436564.png "title=" 2016-11-15 20_04_46 screenshot. png "alt=" wkiom1grosrqvdv2aae1wgqfsnm017.png-wh_50 "/>

User blacklist establishment

Chroot_local_user=no

Chroot_list_enable=yes

Chroot_list_file=/etc/vsftpd/chroot_list

Touch /etc/vsftpd/chroot_liSt

Enter a local user name in the file

such as:test

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M02/8A/38/wKioL1grOWKBG_wJAAHamW_YQdI875.png-wh_500x0-wm_3 -wmp_4-s_1507730164.png "title=" 2016-11-15 20_13_18 screenshot. png "alt=" wkiol1growkbg_wjaahamw_yqdi875.png-wh_50 "/>


650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/8A/38/wKioL1grObGBo9LIAAKa8rerKoo575.png-wh_500x0-wm_3 -wmp_4-s_3048568881.png "title=" 2016-11-15 20_16_04 screenshot. png "alt=" wkiol1grobgbo9liaaka8rerkoo575.png-wh_50 "/>

User Whitelist Creation

Chroot_local_user=yes

Chroot_list_enable=yes

Chroot_list_file=/etc/vsftpd/chroot_list

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M00/8A/3C/wKiom1grOc_DiPjSAAGGuE4otwk194.png-wh_500x0-wm_3 -wmp_4-s_1814800251.png "title=" 2016-11-15 20_20_23 screenshot. png "alt=" wkiom1groc_dipjsaaggue4otwk194.png-wh_50 "/>


#< Restrict local User login >

vim/etc/vsftpd/ftpusers # #用户黑名单

vim/etc/vsftpd/user_list # #用户临时黑名单

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/8A/3C/wKiom1grOfTTk5rAAAFHQDLSyjw605.png-wh_500x0-wm_3 -wmp_4-s_2051120881.png "title=" 2016-11-15 20_24_09 screenshot. png "alt=" wkiom1grofttk5raaafhqdlsyjw605.png-wh_50 "/>

User White list settings

Userlist_deny=no

/etc/vsftpd/user_list # #参数设定, this file becomes a user whitelist, only the user who appears in the list can log in to FTP

#<ftp settings for virtual users >

Create a virtual account

vim/etc/vsftpd/loginusers # #这个名字是任意设定的

Write your own defined virtual account within a file

xijinping # #虚拟用户名

111 # #密码

Baoyeye

111

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/8A/38/wKioL1grOg-S0OW5AABaGeI2Rfo124.png-wh_500x0-wm_3 -wmp_4-s_4090614320.png "title=" 2016-11-15 20_29_30 screenshot. png "alt=" wkiol1grog-s0ow5aabagei2rfo124.png-wh_50 "/>

Set the file encryption

Db_load-t-T Hash-f/etc/vsftpd/loginusers/etc/vsftpd/loginusers.db

Rm-fr/etc/vsftpd/loginusers

Description:-T represents a conversion

-T means cryptographic hash encryption

-F indicates that the encrypted file is followed by the location of the required encrypted files, which must be under/etc/vsftpd/

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M01/8A/3C/wKiom1grOj6BOO9wAABl0N_eQgs593.png-wh_500x0-wm_3 -wmp_4-s_2404743551.png "title=" 2016-11-15 22_14_06 screenshot. png "alt=" wkiom1groj6boo9waabl0n_eqgs593.png-wh_50 "/>

and then compile it in the /etc/pam.d/directory.

Vim/etc/pam.d/linux # #此文件名字是自定义的

The content of the writing is as follows:

Account Required pam_userdb.so db=/etc/vsftpd/loginusers

Auth Required pam_userdb.so db=/etc/vsftpd/loginusers

Description:db=/etc/vsftpd/loginusers The Loginusers file here is the Loginusers.db file that was previously generated. We're going to remove this suffix from the db.

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M01/8A/38/wKioL1grOm3w5-q8AACx2X5epRc698.png-wh_500x0-wm_3 -wmp_4-s_2508653541.png "title=" 2016-11-15 20_33_13 screenshot. png "alt=" wkiol1grom3w5-q8aacx2x5eprc698.png-wh_50 "/>

finally compile the VSTFPD configuration file

Vim/etc/vsftpd/vsftpd.conf

Pam_service_name=ckvsftpd

Guest_enable=yes

Guest_username=ftp

Save exit

Test:

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M02/8A/3C/wKiom1grOoaDFvKdAAI4Q6C3Es4286.png-wh_500x0-wm_3 -wmp_4-s_3080721984.png "title=" 2016-11-15 20_59_01 screenshot. png "alt=" wkiom1grooadfvkdaai4q6c3es4286.png-wh_50 "/>

Virtual Account home directory independent settings)

A. Creating a user home directory

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M02/8A/38/wKioL1grOp_ywi2IAAD-JHGqzZc412.png-wh_500x0-wm_3 -wmp_4-s_3330897682.png "title=" 2016-11-15 21_48_27 screenshot. png "alt=" wkiol1grop_ywi2iaad-jhgqzzc412.png-wh_50 "/>

B. Home directory settings

Vim/etc/vsftpd/vsftpd.conf

local_root=/ftpdir/$USER

user_sub_token= $USER

Save exit

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/8A/3C/wKiom1grOsKjuRjSAAFi7NEgMb8422.png-wh_500x0-wm_3 -wmp_4-s_1546840841.png "title=" 2016-11-15 21_48_23 screenshot. png "alt=" wkiom1groskjurjsaafi7negmb8422.png-wh_50 "/>

Final Test:

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M00/8A/38/wKioL1grOtmgF9moAAJFHMtdHTY556.png-wh_500x0-wm_3 -wmp_4-s_1075598990.png "title=" 2016-11-15 21_49_44 screenshot. png "alt=" wkiol1grotmgf9moaajfhmtdhty556.png-wh_50 "/>

Linux Eighth Week Lesson notes (1) VSFTPD service

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.