Linux (Red Hat) FTP Solution

After RHEL is installed, although you can log on remotely or FTP files through SSH, it is not convenient and flexible enough. This article describes how to activate the FTP service and the possible problems.

1. Install the FTP service

Environment: Red Hat 4.1

Installation:

1. Log On As the root user and mount the installation disc: # Mount/dev/CDROM/mnt/CDROM,

2. Enter/mnt/CDROM/server and find the xinetd and vsftpd services for installation: Enter the first few letters and press

The tab key can be associated with the subsequent commands. If there are duplicates, you can press the tab key twice to list all duplicates.

# Rpm-IVH vsftpd-*. rpm

# Rpm-IVH xinetd *. rpm

3. Log On As the root user, edit and modify the gssftp file, and enable the FTP service:

# Vi/etc/xinetd. d/gssftp

# Default: Off
# Description: The specified FTP Server accepts FTP connections \
# That can be authenticated with Kerberos 5.
Service ftp
{
Flags = Reuse
Socket_type = stream
Wait = No
User = root
Server =/usr/Kerberos/sbin/ftpd
Server_args =-l (the original-1-A is changed to-1)
Log_on_failure + = userid
Disable = No (the original yes is changed to no)
}

After modification, save and exit.

4. Execute the command: # sestatus
-B | grep FTP

[Root @ localhost xinetd. d] # sestatus-B | grep FTP

Allow_ftpd_anon_write off

Allow_ftpd_full_access off

Allow_ftpd_use_cifs off

Allow_ftpd_use_nfs off

Ftp_home_dir on (changed from off to on; otherwise, transmission fails)

Ftpd_disable_trans on (same as above)

Ftpd_is_daemon onhttpd_enable_ftp_server off

Tftpd_disable_trans off

Modify the command: # setsebool
-P ftpd_disable_trans on or setsebool-P ftp_home_dir on

5. Restart the vsftpd service and xinetd service. Note that the two services are started sequentially! Start the vsftpd service and then start the xinetd service. The vsftpd service is down before the xinetd service is down. Otherwise, the service may not be stopped.

[Root @ localhost ~] # Service vsftpd restart
Disable vsftpd: [OK]

Start vsftpd For vsftpd: [OK]
[Root @ localhost ~] # Service xinetd restart
Disable xinetd: [OK]
Start xinetd for xinetd: [OK]

6. Remote Test on Windows platform (you can also connect to the test on another Linux platform ):

Start-run-cmd, enter the DOS window, and enter: ftp
XXX. XXX (XXX. XXX is the IP address of the Linux host)

C: \ Documents ents and Settings \ Administrator> ftp xxx. XXX
Connected to XXX.
220 (vsftpd 2.0.5)
User (XXX. XXX :( none )):

The user name and password are accepted and configured successfully.

Ii. problem summary:

1. 500 Oops: cannot change Directory:/root

Solution: 1) invalid user permission error. Delete root and user_list in/etc/vsftpd/ftpuser
So that the root user can directly

FTP.

2) check by referring to the fourth configuration.

3) All-purpose power generation: it is best to turn off the Linux Firewall: chkconfig iptables off

2. FTP: CONNECT: No route to the host

Solution: the iptables firewall does not set the open port 21 rule, which is the same as other ports such as port 23. For more information, see iptables firewall settings.

3,User Root cannot directly Telnet
Linux Server

Solution:

A: VI/etc/PAM. d/login
# % PAM-1.0
# Auth [user_unknown = ignore success = OK ignore = ignore default = bad] pam_securetty.so \ annotate this row
Auth include system-auth
Account required pam_nologin.so
Account include system-auth
Password include system-auth
# Pam_selinux.so close shocould be the first session rule
Session required pam_selinux.so close
Session include system-auth
Session required pam_loginuid.so
Session Optional pam_lele.so
# Pam_selinux.so open shoshould only be followed by sessions to be executed in the user Context
Session required pam_selinux.so open
Session Optional pam_keyinit.so force revoke

B: VI/etc/PAM. d/remote
# % PAM-1.0
# Auth required pam_securetty.so \ annotate this line
Auth include system-auth
Account required pam_nologin.so
Account include system-auth
Password include system-auth
# Pam_selinux.so close shocould be the first session rule
Session required pam_selinux.so close
Session include system-auth
Session required pam_loginuid.so
Session Optional pam_lele.so
# Pam_selinux.so open shoshould only be followed by sessions to be executed in the user Context
Session required pam_selinux.so open
Session Optional pam_keyinit.so force revoke
Save and exit.