Linux FTP Service

FTP Server

Main program:/USR/SBIN/VSFTPD

User Control List File

/etc/vsftpd/ftpusers

/etc/vsftpd/user_list

Master configuration file

/etc/vsftpd/vsftpd.conf

Common Global Configuration Items

Listen=yes whether to monitor the service in a separate way

listen_address=192.168.134.2 Setting the IP address of the listener

Listen_port=21 setting up ports to listen for FTP services

Write_enable=yes whether Write permission is enabled

Download_enable=yes whether to allow files to be downloaded

Userlist_enable=yes whether the User_list list file is enabled

Userlist_deny=yes whether to disable users in User_list

Max_clients=0 Limit number of concurrent client connections

Max_per_ip=0 limit the number of concurrent connections for the same IP address

Common Anonymous FTP configuration entries

Anonymous_enable=yes Enable anonymous Access

anon_umask=022 permission mask for files uploaded by anonymous users

Anon_root=/var/ftp FTP root directory for anonymous users

Anon_upload_enable=yes allow uploading of files

Anon_mkdir_write_enable=yes Allow directory creation

Anon_other_write_enable=yes Allow other write rights

Anon_max_rate=0 Limit Maximum transfer rate (Bytes/sec)

Common local user FTP configuration entries

Local_enable=yes whether local system users are enabled

local_umask=022 permission mask for files uploaded by local Users

Local_root=/var/ftp Setting the FTP root directory for Local Users

Chroot_local_user=yes whether to imprison users in the home directory

Local_max_rate=0 Limit Maximum transfer rate (Bytes/sec)

Anonymous user access

1. Prepare directory for anonymous FTP access

Write permission to this directory using anonymous user FTP

Chown ftp/var/ftp/pub/

ls-ld/var/ftp/pub/

2, open Anonymous User Configuration, and start the service

Vim/etc/vsftpd/vsftpd.conf

Anonymous_enable=yes

Local_enable=no

Write_enable=yes

anon_umask=022

Anon_upload_enable=yes

Anon_mkdir_write_enbale=yes

Dirmessage_enable=yes

Local User access

Service VSFTPD Start

NETSTAT-ANPT | grep "VAFTPD"

Grep-v "^#" Vsftpd.conf.bak > vsftpd.conf

Service VSFTPD Reload

Other common configurations

Vim/etc/vsftpd/vsftpd.conf

1, modify the VSFTPD service's listening address, port

Listen=yes

listen_address=192.168.1.2

listen_port=2121

2. Passive mode that allows FTP server to be used

Pasv_enable=yes

pasv_min_port=24500

pasv_max_port=24600

3. Limit the number of concurrent FTP connections, transfer rate

Max_clients=20

max_per_ip=2

anon_max_rate=50000

local_max_rate=200000//Unit kb/s

Oops:cannot Change Directory

Oops:priv_sock_get_cmd

Setsebool Ftp_home_dir on

Setsebool-p Ftp_home_dir on

FTP Operation commands

Lrzsz

RZ Uploading Files

SZ Download

Ls

PWD queries the directory where the Linux host resides

Lpwd Query the directory where the machine is located

CD switch directory (FTP)

Bin binary Transfer

LCD switch Download directory (local)

Get download Single File

Mput Download multiple

Put uploads a single

Mput Upload Multiple

PRONPT closing Interactive mode

Bye exit

Quit Disconnect FTP connection

Open Connect to FTP server

User input FTP server username and password

Nmap Port Scan Tool

Listen_address=ip Address

Specify the Listening IP

Listen_port=port_value

Specify the listening port, default 21

Anonymous_enable=yes

Allow anonymous accounts to be used

Local_enable=yes

Whether to allow local users to log on

Nopriv_user=ftp

Specify the run account for the VSFTPD service, using FTP when not specified

Write_enable=yes

Whether to allow write

Anon_upload_enable=yes

Whether anonymous users can upload files

Anon_mkdir_write_enable=yes

Whether anonymous users create directories

Dirmessage_enable=yes

Enter each directory to display welcome information, create a. message file in each directory and write a welcome message inside.

Xferlog_enable=yes

Log logging when uploading/downloading files

Connect_from_port_20=yes

Whether to transfer data using 20 ports (active mode is used)

Chown_uploads=yes, Chown_username=whoever

Modify the owner of an anonymous user upload file

Xferlog_file=/var/log/vsftpd.log

Log file

Xferlog_std_format=yes

Using standard file Logs

idle_session_timeout=600

Session timed out, client connected to FTP but not operational

data_connection_timeout=120

Data transfer Timeout

Async_abor_enable=yes

Whether to allow clients to use commands such as Sync

Ascii_upload_enable=yes, Ascii_download_enable=yes

Allow upload/download of binary files

Chroot_local_user=yes

Restrict all local users in your home directory

Chroot_list_enable=yes, Chroot_list_file=/etc/vsftpd/chroot_list

Specifies that users who cannot leave the home directory will write a line of user names in the/etc/vsftpd/chroot_list file, which must be chroot_local_user=no when using this method

Ls_recurse_enable=yes

Allow commands such as ls-r to be used

Listen=yes

Turn on IPv4 monitoring

Listen_ipv6=yes

Turn on IPv6 monitoring

Pam_service_name=vsftpd

Using PAM module control, the Vsftpd file is in the/ETC/PAM.D directory

Userlist_enable=yes

When this option is activated, VSFTPD will read the list of users in the file specified by the Userlist_file parameter. When a user in the list logs on to an FTP server, the user is disabled before prompting for a password. That is, after the user name is entered, vsftpd the user name in the list, VSFTPD directly prohibit the user, no longer ask for password, such as subsequent steps to gather

Userlist_deny=yes

Decide whether to disallow or allow only users in the Userlist_file specified file to log on to the FTP server. This option does not take effect until the userlist_enable option is started. YES, the default value, prevents users in the file from logging in, and does not give these users a hint to enter a password. NO, only allow users in the file to log in to the FTP server

Tcp_wrappers=yes

Whether to allow Tcp_wrappers management

Local_root=/home/ftp

root directory for all users, invalid for anonymous user

Anon_max_rate

Maximum transfer speed for anonymous users, in units of BYTS/S

Local_max_rate

Maximum transfer speed for local users, in BYTS/S

Download_enable= YES

Whether to allow download

This article is from the "Baby God" blog, make sure to keep this source http://babyshen.blog.51cto.com/8405584/1976121

Linux FTP Service