Linux FTP: chroot_local_user and chroot_list_enable, two small enemies

Source: Internet
Author: User
Tags ftp connection

1. Build FTP Environment

1.1 Download and install FTP: yum install -y vsftpd

1.2 Starting the FTP service

1.3 Create a new FTP user and configure the home directory and permissions. The permissions are set very broadly; the only restriction is that SSH login is not allowed

1.4 By default, a new FTP user can access paths outside the home directory. To restrict access, modify the parameters in /etc/vsftpd/vsftpd.conf so that the chroot_list_enable=YES rule takes effect

chroot_local_user=YES restricts all users (globally) to their home directories: YES restricts, NO does not. The default is NO, no restriction

chroot_list_enable=YES enables the users in the list file as exceptions. The default is NO

chroot_list_file=/etc/vsftpd/chroot_list

1.4.1 chroot_local_user=YES, chroot_list_enable=YES: all users can connect to FTP and are restricted to their home directories. The user list in chroot_list_file is enabled; the users in it are exceptions and are not restricted

chroot_local_user=NO, chroot_list_enable=YES: all users can connect to FTP with unrestricted scope. The user list in chroot_list_file is enabled; the users in it are exceptions and are restricted to their home directories

chroot_local_user=NO, chroot_list_enable=NO: all users can connect to FTP with unrestricted scope. The user list in chroot_list_file is not enabled, so there are no exceptions

chroot_local_user=YES, chroot_list_enable=NO: all users can connect to FTP and are restricted to their home directories. The user list in chroot_list_file is not enabled, so there are no exceptions

1.4.2 The ftpusers file lists users who are forbidden to access FTP; it is always in effect

1.4.3 The /etc/vsftpd/chroot_list file does not exist by default and can be created manually. Also note that chroot_list_enable=YES must be set; only then does the list take effect

2. Small test

2.1 I created the user yange. yange is not in the /etc/vsftpd/chroot_list list. With chroot_local_user=NO and chroot_list_enable=NO, yange can access all scopes

2.2.1 I created the user yangetest, which is in the /etc/vsftpd/chroot_list list. With chroot_local_user=NO and chroot_list_enable=NO, yange can access all scopes; the list is not enabled for yangetest, which still has access to all scopes

2.2.2 yangetest is in the /etc/vsftpd/chroot_list list. With chroot_local_user=YES and chroot_list_enable=NO, yange can only access the home directory; the list is not enabled for yangetest, so it behaves the same as yange

2.2.3 yangetest is in the /etc/vsftpd/chroot_list list. With chroot_local_user=YES and chroot_list_enable=YES, yange can only access the home directory; the list is enabled for yangetest, so it is an exception and can access all directories

2.2.4 yangetest is in the /etc/vsftpd/chroot_list list. With chroot_local_user=NO and chroot_list_enable=YES, yange can access all scopes; the list is enabled for yangetest, so it is the exception and can access the home directory only
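
The four cases in 1.4.1 and the results in section 2 can be checked against a real configuration before deploying it. The script below is an added example, not part of the original page or of vsftpd; the function names conf_bool and chroot_state are hypothetical, the config and list files in the demo are constructed, and a missing list file is treated as empty.

```shell
#!/bin/sh
# Added example (not from the original page): predict whether vsftpd will
# confine a local user to the home directory, per the four cases in 1.4.1.

# conf_bool FILE KEY: print YES or NO; last assignment wins, missing key is NO.
conf_bool() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    case "$val" in YES|TRUE|1) echo YES ;; *) echo NO ;; esac
}

# chroot_state CONF USER: print "jailed" or "unrestricted".
chroot_state() {
    conf=$1; user=$2
    global=$(conf_bool "$conf" chroot_local_user)
    use_list=$(conf_bool "$conf" chroot_list_enable)
    # Fallback is the list path this page configures (an assumption here).
    list=$(sed -n 's/^chroot_list_file=//p' "$conf" | tail -n 1)
    list=${list:-/etc/vsftpd/chroot_list}
    listed=NO
    if [ "$use_list" = YES ] && [ -f "$list" ] && grep -qxF -- "$user" "$list"; then
        listed=YES
    fi
    # The list names the exceptions, so it inverts the global setting.
    if [ "$global" = "$listed" ]; then echo unrestricted; else echo jailed; fi
}

# Demo on constructed files: the page's two test users under all four settings.
demo() {
    d=$(mktemp -d)
    printf 'yangetest\n' > "$d/chroot_list"
    for g in YES NO; do for l in YES NO; do
        printf 'chroot_local_user=%s\nchroot_list_enable=%s\nchroot_list_file=%s\n' \
            "$g" "$l" "$d/chroot_list" > "$d/vsftpd.conf"
        for u in yange yangetest; do
            echo "chroot_local_user=$g chroot_list_enable=$l $u: $(chroot_state "$d/vsftpd.conf" "$u")"
        done
    done; done
    rm -rf "$d"
}
demo
```

Running chroot_state against /etc/vsftpd/vsftpd.conf for each account shows which users can leave their home directories under the current settings.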

3. Uninstalling the FTP service

3.1 Run rpm -qa | grep vsftpd to check whether it is installed

Uninstall with rpm -e vsftpd

It is raining so hard outside ( ̄▽ ̄)~*

But I don't work, what's the matter with me? O (≧v≦) o~~
