Linux Installation FTP Service-----VSFTPD

Check if the VSFTPD service is already installed

Rpm-qa | grep vsftpd

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/82/7C/wKiom1dWk_KDXuzrAABHnkNhmRM901.jpg "title=" 2016-06-07_17-28-31.jpg "alt=" Wkiom1dwk_kdxuzraabhnknhmrm901.jpg "/>

Does not appear vsftpd-xxx word indicates no installation

1. Download the VSFTPD.RPM format installation package

redhat5:http://down.51cto.com/data/2221831

Other version: Http://rpmfind.net/linux/rpm2html/search.php?query=vsftpd&submit=Search+ ...

Or it can be found in Linux system installation files.

2. Upload the VSFTPD installation package to the Linux directory

3. Installing the VSFTPD Service

RPM-IVH Package Name

4. Start the VSFTPD service

Service VSFTPD Start

5. Allow the root user to access the FTP directory remotely

Open the/etv/vsftpd/vsftpd.user_list file to comment or remove the root

Open the/etv/vsftpd/vsftpd.ftpusers file to comment or remove the root

6. Allow users to access FTP different directories

Setsebool-p Ftp_home_dir 1

Service VSFTPD Restart

5. Change the vsftpd to boot from the boot

Chkconfig vsftpd on

The connection may not be successful for the following reasons:

1.windows is not connected to Linux

2.Linux Firewall

SELinux security Policy for 3.Linux systems

Workaround: Check network-related settings, turn off the firewall, turn off SELinux and try again

User Access control:

(1) Set the user account to disable login

     set the/etc/vsftpd/vsftpd.conf file userlist_enable=yes   userlist_deny=no

set Vsftpd.user_list and vsftpd.ftpusers the user is forbidden to log in the file

(2) set the user account that is allowed to log in

Set the parameters in the/etc/vsftpd/vsftpd.conf file userlist_enable=yes userlist_deny=no

Set the Allow login user in vsftpd.user_list and vsftpd.ftpusers files

VSFTPD configuration file parameter explanation:

Anonymous_enable=yes(whether to allow anonymous logons to the FTP server, the default setting is YES allow, that is, users can use the user name FTP or anonymous FTP login, password for the user's e-mail address.) If anonymous access is not allowed remove the previous # and set to No)

Local_enable=yes(whether to allow local users (that is, user accounts in the Linux system) to log on to the FTP server, the default setting is YES, Local users log on to the user home directory, and anonymous users log in to the anonymous user's download directory/var/ ftp/pub; If only anonymous user access is allowed, add # to the front to prevent local users from accessing the FTP server. ）

Write_enable=yes (whether local users are allowed to have write access to the FTP server file, the default setting is YES allowed)

# local_umask=022(or other value, set local user's file mask to default 022, can also be set to other values according to personal preference, default value is 077)

#anon_upload_enable =yes(whether to allow anonymous users to upload files, the Write_enable=yesmust be set to allow by default)

#anon_mkdir_write_enable =yes (whether to allow anonymous users to create new folders, the default setting is YES allowed)

#dirmessage_enable =yes(whether to activate the directory welcome feature, the FTP server displays a welcome message when the user first accesses a directory on the server in CMD mode, by default, Welcome information is obtained from the. message file in this directory, which saves custom welcome information, which is established by the user himself)

xferlog_enable=yes(the default is no if this option is enabled, log files are maintained for record server uploads and downloads, and by default the log file is/var/log/vsftpd.log, You can also set it by using the Xferlog_file option below. ）

Connect_from_port_20=yes(Setting the FTP server to enable connection requests for FTP data ports, ftp-data data transfer, 21 for connection control ports)

#chown_uploads =yes(set whether to allow changes to the owner of the uploaded file, in conjunction with one of the following settings)

#chown_username =whoeveR (Set the owner of the upload file you want to change, if necessary, enter a system user name, for example, you can change the uploaded file to the root owner. Whoever: anyone)

#xferlog_file =/var/log/vsftpd.log (Set the system maintenance record FTP server upload and download the log file,/var/log/vsftpd.log is the default, you can also set another)

#xferlog_std_format =yes(if this option is enabled, the transfer log file will be written in a standard xferlog format, the log file of that format defaults to/var/log/xferlog, or through Xferlog_ File option to set it, default value is NO)

#dual_log_enable (If you add and enable this option, two similar log files will be generated, by default in the/var/log/xferlog and/var/log/vsftpd.log directories.) The former is a wu_ftpd type of transport log, which can be analyzed using standard logging tools, which are vsftpd types of logs)

#syslog_enable (If you add and enable this option, the log that should be output to/var/log/vsftpd.log will be output to the system log)

#idle_session_timeout =600(set the data transfer interrupt interval, this statement indicates that the idle user session is interrupted for 600 seconds, that is, when the data transfer ends, the user should not connect to the FTP server for more than 600 seconds. The value can be modified according to the actual situation)

#data_connection_timeout =120(sets the data connection time-out period, which indicates that the data connection time-out is 120 seconds and can be modified according to the actual situation)

#nopriv_user =ftpsecure (non-privileged system user running VSFTPD required, default is nobody)

#async_abor_enable =yes(This setting only needs to be enabled if the FTP client releases the "async Abor" command, which is generally not secure, so it is usually canceled)

#ascii_upload_enable =yes(most FTP servers choose to transfer data in ASCII mode, the # can be removed to enable the uploading and downloading of files in ASCII mode)

#ascii_download_enable =yes(the # will be removed to enable ASCII loading of the pieces)

#ftpd_banner =welcome to blah FTP service. (# Remove the welcome message that is displayed when you sign in to the FTP server, and you can modify the welcome message content after =. In addition, if you create a file named. Message in the directory where you need to set the change directory welcome information, and write the welcome message after saving, a custom welcome message will appear when you enter this directory.

#deny_email_enable =yes(some special email address can be resisted.) If you log in to the server with anonymous, you will be asked to enter a password, that is, your email address, if you hate some email address, you can use this setting to cancel his login privileges, but must match with the following settings.

#banned_email_file =/etc/vsftpd/banned_emails(when the deny_email_enable=yes above, you can use this setting to specify the email Address can not login VSFTPD server, this file needs to be created by the user, one line an email address can! ）

#chroot_list_enable =yes(set to No, users are locked in their home directory when they log on to the FTP server and have permission to access files other than their own directory, set to YES VSFTPD will find the Chroot_list file at the location below the Chroot_list_file option value, which needs to be set up by the user, and then the user who needs to lock in their home directory, one user per line.

#chroot_list_file =/etc/vsftpd/chroot_list(this file needs to be created by itself, the user who is included in this file will not be able to switch to a directory other than his or her directory after logging in. By the FTP server automatically chrooted to the user's own home directory, so that the user in the Chroot_list file can not be arbitrarily transferred to the other user's FTP home directory, thereby facilitating the security management and privacy protection of the FTP server.

#ls_recurse_enable =yes ( whether recursive queries are allowed, the FTP server at a large site enables this to make it easier for remote users to query )

Listen=yes(if set to YES, the VSFTPD will run in standalone mode, and the connection request is being monitored and processed by vsftpd)

#listen_ipv6 =yes (Set whether IPV6 is supported)

#pam_service_name =vsftpd(set the profile name used by the authentication service provided by the PAM plug-in module.

That is, the/etc/pam.d/vsftpd file, the File=/etc/vsftpd/ftpusers field in this file, indicating that the PAM module can withstand the account content from the file/etc/vsftpd/ftpusers)

#userlist_enable =yes/no(this option defaults to NO, the user in the Ftpusers file is prevented from logging on to the FTP server, and if this is set to YES, users in the User_list file are allowed to log on to the FTP server. If Userlist_deny=yes is set at the same time, the user in the User_list file will not be allowed to log on to the FTP server, even if the input password hint information is not, directly rejected by the FTP server)

#userlist_deny =yes/no(This default is YES, set whether to drag the user in the User_list file to log on to the FTP server)

Tcp_wrappers=yes (indicating that the server uses Tcp_wrappers as the host access control mode, Tcp_wrappers can implement the host address-based access control of the network service in the Linux system, The Hosts.allow and Hosts.deny two files in the ETC directory are used to set the access control for Tcp_wrappers, which sets the Allow access record, which sets the access record. For example, to restrict the anonymous access of some hosts to the FTP server 192.168.57.2, edit the /etc/hosts.allow file, such as adding two lines of command below:Vsftpd:192.168.57.1:deny and Vsftpd:192.168.57.9:deny indicates that the limit IP is 192.168.57.1/192.168.57.9 Host access to the IP 192.168.57.2 FTP server, the FTP server can ping, but cannot connect)

This article is from the "Azure Blue" blog, please be sure to keep this source http://chenchaop.blog.51cto.com/7152559/1787076

Linux Installation FTP Service-----VSFTPD