FTP Server
Main program:/USR/SBIN/VSFTPD
User Control List File
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
Master configuration file
/etc/vsftpd/vsftpd.conf
Common Global Configuration Items
Listen=yes whether to monitor the service in a separate way
listen_address=192.168.134.2 Setting the IP address of the listener
Listen_port=21 setting up ports to listen for FTP services
Write_enable=yes whether Write permission is enabled
Download_enable=yes whether to allow files to be downloaded
Userlist_enable=yes whether the User_list list file is enabled
Userlist_deny=yes whether to disable users in User_list
Max_clients=0 Limit number of concurrent client connections
Max_per_ip=0 limit the number of concurrent connections for the same IP address
Common Anonymous FTP configuration entries
Anonymous_enable=yes Enable anonymous Access
anon_umask=022 permission mask for files uploaded by anonymous users
Anon_root=/var/ftp FTP root directory for anonymous users
Anon_upload_enable=yes allow uploading of files
Anon_mkdir_write_enable=yes Allow directory creation
Anon_other_write_enable=yes Allow other write rights
Anon_max_rate=0 Limit Maximum transfer rate (Bytes/sec)
Common local user FTP configuration entries
Local_enable=yes whether local system users are enabled
local_umask=022 permission mask for files uploaded by local Users
Local_root=/var/ftp Setting the FTP root directory for Local Users
Chroot_local_user=yes whether to imprison users in the home directory
Local_max_rate=0 Limit Maximum transfer rate (Bytes/sec)
Anonymous user access
1. Prepare directory for anonymous FTP access
Write permission to this directory using anonymous user FTP
Chown ftp/var/ftp/pub/
ls-ld/var/ftp/pub/
2, open Anonymous User Configuration, and start the service
Vim/etc/vsftpd/vsftpd.conf
Anonymous_enable=yes
Local_enable=no
Write_enable=yes
anon_umask=022
Anon_upload_enable=yes
Anon_mkdir_write_enbale=yes
Dirmessage_enable=yes
Local User access
Service VSFTPD Start
NETSTAT-ANPT | grep "VAFTPD"
Grep-v "^#" Vsftpd.conf.bak > vsftpd.conf
Service VSFTPD Reload
Other common configurations
Vim/etc/vsftpd/vsftpd.conf
1, modify the VSFTPD service's listening address, port
Listen=yes
listen_address=192.168.1.2
listen_port=2121
2. Passive mode that allows FTP server to be used
Pasv_enable=yes
pasv_min_port=24500
pasv_max_port=24600
3. Limit the number of concurrent FTP connections, transfer rate
Max_clients=20
max_per_ip=2
anon_max_rate=50000
local_max_rate=200000//Unit kb/s
Oops:cannot Change Directory
Oops:priv_sock_get_cmd
Setsebool Ftp_home_dir on
Setsebool-p Ftp_home_dir on
FTP Operation commands
Lrzsz
RZ Uploading Files
SZ Download
Ls
PWD queries the directory where the Linux host resides
Lpwd Query the directory where the machine is located
CD switch directory (FTP)
Bin binary Transfer
LCD switch Download directory (local)
Get download Single File
Mput Download multiple
Put uploads a single
Mput Upload Multiple
PRONPT closing Interactive mode
Bye exit
Quit Disconnect FTP connection
Open Connect to FTP server
User input FTP server username and password
Nmap Port Scan Tool
Listen_address=ip Address
Specify the Listening IP
Listen_port=port_value
Specify the listening port, default 21
Anonymous_enable=yes
Allow anonymous accounts to be used
Local_enable=yes
Whether to allow local users to log on
Nopriv_user=ftp
Specify the run account for the VSFTPD service, using FTP when not specified
Write_enable=yes
Whether to allow write
Anon_upload_enable=yes
Whether anonymous users can upload files
Anon_mkdir_write_enable=yes
Whether anonymous users create directories
Dirmessage_enable=yes
Enter each directory to display welcome information, create a. message file in each directory and write a welcome message inside.
Xferlog_enable=yes
Log logging when uploading/downloading files
Connect_from_port_20=yes
Whether to transfer data using 20 ports (active mode is used)
Chown_uploads=yes, Chown_username=whoever
Modify the owner of an anonymous user upload file
Xferlog_file=/var/log/vsftpd.log
Log file
Xferlog_std_format=yes
Using standard file Logs
idle_session_timeout=600
Session timed out, client connected to FTP but not operational
data_connection_timeout=120
Data transfer Timeout
Async_abor_enable=yes
Whether to allow clients to use commands such as Sync
Ascii_upload_enable=yes, Ascii_download_enable=yes
Allow upload/download of binary files
Chroot_local_user=yes
Restrict all local users in your home directory
Chroot_list_enable=yes, Chroot_list_file=/etc/vsftpd/chroot_list
Specifies that users who cannot leave the home directory will write a line of user names in the/etc/vsftpd/chroot_list file, which must be chroot_local_user=no when using this method
Ls_recurse_enable=yes
Allow commands such as ls-r to be used
Listen=yes
Turn on IPv4 monitoring
Listen_ipv6=yes
Turn on IPv6 monitoring
Pam_service_name=vsftpd
Using PAM module control, the Vsftpd file is in the/ETC/PAM.D directory
Userlist_enable=yes
When this option is activated, VSFTPD will read the list of users in the file specified by the Userlist_file parameter. When a user in the list logs on to an FTP server, the user is disabled before prompting for a password. That is, after the user name is entered, vsftpd the user name in the list, VSFTPD directly prohibit the user, no longer ask for password, such as subsequent steps to gather
Userlist_deny=yes
Decide whether to disallow or allow only users in the Userlist_file specified file to log on to the FTP server. This option does not take effect until the userlist_enable option is started. YES, the default value, prevents users in the file from logging in, and does not give these users a hint to enter a password. NO, only allow users in the file to log in to the FTP server
Tcp_wrappers=yes
Whether to allow Tcp_wrappers management
Local_root=/home/ftp
root directory for all users, invalid for anonymous user
Anon_max_rate
Maximum transfer speed for anonymous users, in units of BYTS/S
Local_max_rate
Maximum transfer speed for local users, in BYTS/S
Download_enable= YES
Whether to allow download
This article is from the "Baby God" blog, make sure to keep this source http://babyshen.blog.51cto.com/8405584/1976121
Linux FTP Service