Article Title: Linux networking entry (2): FTP server. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Among many network applications, FTP (File Transfer Protocol) plays an important role. Software resources are a very important resource on the Internet. Most of the various software resources are stored on the FTP server. FTP and WEB services occupy more than 80% of Internet applications.
The FTP service can be divided into two categories based on different service objects: one is the system FTP Server, which only allows valid users on the system to use; the other is the Anonymous FTP Server, Anonymous FTP Server, it can be used by anyone to log on to the FTP server to obtain files.
5.1 select and install FTP server software
If you select "ftpd" when selecting to start the process during LINUX installation, after installing the LINUX system, it has installed a default FTP server to the system. We can use it to implement the functions of the system FTP server. We only need to customize the settings based on our needs.
Washington University FTP is used in most LINUX releases. It is a famous FTP server software, generally referred to as wu-ftp. It is powerful and can run well on many UNIX operating systems, such as ibm aix, FreeBSD, HP-UX, NeXTstep, Dynix, SunOS, and Solaris. More than half of FTP servers on the Internet use it.
Wu-ftp has many powerful functions and is suitable for the management requirements of FTP servers with high throughput:
1) The user can automatically compress or decompress the file while downloading the file;
2) Different access restrictions can be imposed on machines on different networks;
3) records the upload and download times of files;
4) information about transmission can be displayed, so that you can understand the current transmission status in a timely manner;
5) You can set the maximum number of connections to improve efficiency and effectively control the load.
5.2 Composition of wu-ftp
After wu-ftp is installed, you will see the following five executable files in the/bin directory:
Ftpd FTP server program
Ftpshut is used to close FTP server programs
Ftpcount shows current online users
Ftpwho: view the current FTP server connection status
Ckconfig check if FTP server settings are correct
In addition to these executable files, it also generates seven configuration files under the/etc and/var directories:
/Etc/ftpusers
/Etc/ftpaccess
/Var/run/ftp. pids
/Etc/ftpconversions
/Var/log/xferlog
/Etc/ftpgroups
/Etc/ftphosts
After wu-ftp is installed, a special user ftp is created and an ftpd directory is created under the/home directory. When you log on anonymously, will be automatically located in this directory. In this directory, several subdirectories are usually created.
/Home/ftpd/bin: stores executable files for FTP users.
/Home/ftpd/etc: stores configuration files for FTP users.
/Home/ftpd/pub: stores the information for download.
/Home/ftpd/incoming: space for uploading information
5.3 wu-ftp Configuration
5.3.1 view and modify the/etc/inetd. conf file
The/etc/inetd. conf file is the configuration file of the LINUX super server inetd. It monitors multiple TCP/IP ports. When it receives the request, it derives a corresponding server based on the configuration file. By using super servers, other services can be derived only when needed, thus greatly saving system resources.
However, wu-ftp uses the superpolar server inetd to listen for requests. When the super server inetd receives the FTP request from the client, it opens an FTP service process according to the configuration file. Therefore, to use wu-ftp, you must confirm that the configuration file inetd. conf of the super server contains the following sentence:
Ftp stream tcp nowait root/usr/sbin/tcpd wu. ftpd
This allows the super server to derive a wu-FTP ftp service process when receiving an FTP request. (Note: To confirm whether there is such a line, you can use the File Content SEARCH Command to confirm:
Cat/etc/inetd. conf | if grep ftp does not exist, manually add or modify it.
5.3.2 Command Options for wu-ftpd
Wu-ftpd is the service process of wu-ftp. It can be executed without parameters or parameters. The following describes the execution parameters of wu-ftpd.
-D when an error occurs on the FTP server, the error is sent to the system syslog;
-L connect each FTP client to the syslog of the system;
-T set the FTP client to be connected for several minutes. If no operation is performed, the connection is closed;
-A enables wu-ftp to use the/etc/ftpaccess setting;
-A: Disable/etc/ftpaccess settings for wu-ftp;
-L records the programs executed after connecting the FTP client to the system syslog;
-I records the logs of files uploaded by the FTP client in the/usr/adm. xferlog file;
-O records the FTP client download file logs in the/usr/adm/xferlog file.
Through understanding the above parameters, we recommend that you change the default configuration during system installation:
Ftp stream tcp nowait root/usr/sbin/tcpd wu. ftpd? A? I
5.3.3 automatic compression and decompression
If you want the FTP server to have the automatic compression and decompression functions, you must first copy the compressed and decompressed command files, such as tar, gzip, gunzip, compress, and uncompress, to the/home/ftpd/bin directory.
5.3.4 setting of/etc/ftpaccess
This configuration file is the most important configuration file on the FTP server. It is directly related to whether your FTP server can work normally and has many permission settings. The following is a typical configuration instance.
Loginfails 3
Class local real *
Class remote anonymous guest *
Limit remote 100 Any/etc/ftpd/toostrap.
Msgmessage/etc/ftpd/welcome. msg login
Compress yes local remote
Tar yes local remote
Private yes
Passwd-check rfc822 warn
Log commands real
Log transfer anonymous guest inbound outbound
Log transfer real inbound
Shutdown/etc/ftpd/shut. msg
Delete no anonymous, guest
Overwrite no anonymous, guest
Rename no anonymous
Chmod no anonymous, guest
Umask no anonymous
Upload/home/ftpd * no
Upload/home/ftpd/bin no
Upload/home/ftpd/etc no
Upload/home/ftpd/pub yes real 0644 dirs
Upload/home/ftpd/incoming yes real guest anonymous 0644 dirs
Alias in/incoming
Email guest@xxx.net
Email guest@yyy.net
Deny * .com.tw/etc/ftpd/deny. msg
Next, we will explain each setting one by one and give the meaning of each setting so that you can bypass the settings and make reasonable settings based on the specific circumstances of your FTP server.
1. Format: loginfails [times]
Function: sets the number of times a user can enter the wrong password when logging on to the FTP server.
Instance: loginfails 3: If the password is entered incorrectly three times, the connection is disconnected.
2. Format: class [class name] [real/guest/anonymous] [IP address]
Function: sets the user category on the FTP server. You can also restrict the IP addresses of the client to allow access from some or all IP addresses. Users on the FTP server can basically be divided into the following three types:
Real users with valid accounts on the FTP server;
Anonymous Users with records in guest;
Anonymous users with the lowest anonymous permissions
Instance: class local real *: defines a class named local, which contains real users logging on anywhere (* representing all IP addresses.
Class remote anonymous guest *: defines a class named remote, which contains anonymous users and guest users logging on anywhere.
3. Format: limit [category] [number of people] [time] [file name]
Function: This command sets the maximum number of users allowed to connect to a specified category within the specified time. When the maximum number of users is reached, the content of the specified file is displayed.
Instance: limit remote 100 Any/etc/ftpd/toostrap. msg: at any time, when the number of remote users reaches 100, no new connections are allowed. When the number of 101st users wants to connect, the connection will fail, the user can present the file/etc/ftpd/too.pdf. msg content.
4. Format: message [file name] [command]
Function: when a user executes a specified command, the system displays the specified file content.
Instance: message/etc/ftpd/welcome. msg login: When you execute the login command, that is, when you log on to the FTP server, the system displays the file/etc/ftpd/welcome. msg content.
5. Format: compress [yes/no] [category]
Function: sets which category users can use the compress function.
Instance: compress yes local remote: allows both local and remote users to use the compress function.
6. Format: tar [yes/no] [category]
Function: sets the type of user to use the tar (archive) function.
Instance: tar yes local remote: allows both local and remote users to use the tar function.
7. Format: private [yes/no]
Function: sets whether a group can access files.
Instance: private yes: supports group access to files.
8. Format: passwd-check [none/trivial/rfc822] [enforce/warn]
Function: sets the password usage method for anonymous users.
None indicates that password verification is not performed, and any password can be logged on;
Trival indicates that you can log on as long as the entered password contains the "@" character;
Rfc822 indicates that the password must comply with the E-Mail format specified in RFC822 before logon;
Enfore indicates that the entered password will not be logged in if it does not conform to the format specified above.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.