Linux Study Notes: rehl as4 internet configuration, HTTP service installation and configuration, FTP service installation and configuration

Source: Internet
Author: User
Tags ftp login

Access the Internet in Linux.

In fact, accessing the Internet in Linux is as simple as accessing the Internet in windows. commonly used methods include ethernetconnection, XDSL connection, and wireless connection.
In rehl as4, you can easily configure it through the graphic interface.Program-> System Tools-> in network device control, you can call up the settings panel. Click "Add new device" to select a method based on your network conditions. For example:

Because I am a residential broadband access method, I chose an Ethernet connection. for example, if the student dormitory in the school education network uses a fixed Intranet IP address, this should also be selected. If the IP address is automatically obtained, it is also the same, but it is automatically obtained in the later IP settings.
For domestic ADSL dial-up Internet access, XDSL connection is used, and wireless network adapter is used for Internet access.
Because I use rehl to access the Internet in vmw, I also need to install some special services for virtual machines. my vmw network chooses the bridge mode. Therefore, you also need to install the VMware network service interface and the VMware bridge network service, and enable the DHCP service. these should be installed when installing vmw, but because I am using a green version, you need to install and start it manually, a little trouble.
After these settings are configured, select the "automatically obtain IP address and DNS" or "static input" option on the "Ethernet device properties" tab.
To ensure that your host can access the Internet normally, now Linux on your virtual machine can also access the internet. test:
Enter the ifconfig command in terminal to check the current network condition. Ping the gateway to test whether the connection is normal with the vro. Finally, ping the Internet address. If the connection is successful, it will be done.

HTTP service and Apache

As a Server OS, providing HTTP Services is a rare requirement. In Windows2000/2003, we often use IIS as a web server to provide HTTP Services. there is no IIS in Linux. The most widely used Web server here is Apache. Although I will eventually use lighthttpd as my web server, I should first understand Apache before that.
RHEL's default installation includes Apache. If you are not sure about it, you can use rpm-Q httpd to query it. If you have already installed RHEL, the version number will be returned, for example, in RHEL as4, the httpd-2.0.52-25.ent is returned after you enter it. if no installation is available, you can choose Applications> system Settings> Add/Remove applications, check the Web server (World Wide Web service), and click Update. if you are prompted to insert the installation disk, simply add the disk to the optical drive as prompted. you can also download the latest version from the Apache website, decompress the package, and use rpm-IVH for installation.
After Apache is installed, you need to start the HTTP service. rehl provides a very simple and intuitive graphical operation interface. You can select httpd in Applications> system Settings> service, then start it. or directly enter the Command Service httpd start.
After the service is started, you can access it. Open the browser and enter http: // localhost/in it to view the default Redhat page, as shown below:

At this time, if it is in a LAN, you can use other machines to enter IP addresses to directly access the page.
Next, there is a configuration problem. RHEL provides an HTTP service configuration tool, which can be called up in Applications> system Settings> Server Settings> HTTP, which is very simple to use. if you have experience configuring IIS, it is not difficult to configure it, but there is no virtual directory configuration function in it (No way I did not find it ?), Here I will introduce how to configure a virtual directory.
In Linux, the software relies heavily on configuration files, not only static information, but also dynamic generation of configuration files for functions and modules (the service is often restarted after storage ). this is very good for software expansion. If you want to add third-party components, it can be easily implemented, and its own configuration can be quite flexible. these years in. in the. NET project, a large number of configuration files are also used. Compared with earlier development methods, this method has many advantages, such as low coupling, easy maintenance, and flexibility, such as CS, Castle, dnn is typical.
Go back to Apache configuration. As mentioned above, the virtual directory must be created by modifying the configuration file.
First, find the configuration file and edit it.
VI/etc/httpd/CONF/httpd. conf
Adding a virtual directory to Apache is implemented through "alias (alias)", as follows:
For example, if I want to add a virtual directory user under the root directory to point to a file price of my own/userdata/Wiseman, I should write
Alias/user/"/userdata/Wiseman /"
Write the preceding sentence to the configuration file. note that the "/" Number of the path here and the "/" Number of the two paths should be consistent, that is, if the preceding path is included, it will also be followed, and if it is not included, it will not be included. if the "/" number is configured during access, the entered address must be written; otherwise, Error 404 will be returned. If the "/" number is not entered, the entered address is displayed correctly regardless of whether it contains the "/" number. that is:
If you have configured http: // localhost/user/, you can only access it through http: // localhost/user/. If you have entered http: // localhost/user, error 404 will be returned. if http: // localhost/user is configured, both http: // localhost/user and http: // localhost/user/are displayed correctly.
The alias is added. If you want to allow access, you also need to add the directory permission.
Enter the following content at the bottom of the conf file:
<Directory "/userdata/Wiseman">
Options indexes includes followsymlinks

AllowOverride none

Allow from all

Order allow, deny

</Directory>
AllowOverride none ensures that all users can access the pages under this directory.
Allow from all ensures that the contents in this directory can be displayed from all sources. This part can be used for anti-leech protection, and you can enter your own website address after from.
Order allow, deny indicates that access to any website is not allowed by default, and access to websites not in the allow scope or in the deny scope will be disabled.
All allow websites and deny websites do not exist. Therefore, the conclusion that all websites can be accessed is obtained.
For the allow, deny, and order commands, see this introduction: http://man.chinaunix.net/newsoft/ApacheManual/mod/mod_access.html
The meanings of other parameters are as follows:
Option: defines the operations that can be performed in the directory.
None: indicates that only browsing is allowed,
Followsymlinks: Allows page connections to other places,
Execcgi: Allows CGI execution,
Multiviews: allows operations such as watching animations or listening to music,
Indexes: allows the server to return a formatted list of directories,
Allowed des: SSI is allowed. You can check these settings.
ALL: You can do anything, but not Multiviews.
AllowOverride: adding the none parameter indicates that anyone can browse the files in this directory.
Other parameters include fileinfo, authconfig, and limit.
After the modification is complete, exit VI with: WQ, and then service httpd restart
You can use http: // localhost/user/to check whether it is accessible.

FTP service and vsftp

Finally, FTP is configured. in win2003, my most commonly used FTP server software is serveru, which has powerful functions. However, there are some security vulnerabilities that can be solved by configuring permissions, which are not described here.
Unfortunately, there is no serveru in Linux, but there are also other FTP software. The most respected here is vsftp (very safe FTP, it is a very secure FTP. the FTP configuration process is complex, and there are no configuration tools. You must manually enter commands. The following describes the simple process.
First, check the installation of vsftp. in RHEL as4, vsftp is not installed by default during installation. If vsftp is not checked during installation, you need to install it first. run the rpm-Qa | grep vsftpd command to check whether the Sub-host is installed. If any sub-host is installed, the version number is returned. The vsftp version included in the as4 CD is 2.0.x.
Like installing Apache, you can use the Add/delete tool in the rehl graphic interface to add the FTP service, insert the disc as prompted, and finally install vsftp. alternatively, find the RPM package on the CD and install it through rpm ivh. after the installation is complete, enter rpm-Qa | grep vsftpd to confirm that the installation is successful (for example ).

Next, service vsftpd start
Start the FTP service, and then FTP localhost (or IP address). Now you can connect to FTP, prompting you to enter the user name and password. at this time, if you enter the root and password, the system will prompt Login Failed. If you have another system user, enter the user name and the corresponding password to log on successfully.
By default, vsftp is configured to share the user library with Linux, that is, operating system users can log on to FTP. The default list is their user directory (/home/user name ), in/etc/vsftpd. conf can be used to modify the permissions of anonymous users.
However, what I want is not this FTP service. I want to establish a user like serveru. This user has nothing to do with the OS login user, the folder location that can be managed can also be customized. this type of user is called a virtual user. in Linux, there are two methods to implement the above functions. first, create a user, remove the shell logon permission, and set the file path. the other is to create a user library that contains several users, map them to a system user, and set the file path.
I am using the second method.
First, create a virtual user vuser. This user does not need to log on via ftp. As a virtual user, each virtual user can be considered as a user group.
Useradd-D/FTP address vuser // create a user group and specify the list folder of users in the group
Chmod 700/FTP address // set the folder to be operated only by this group of users.

next is the specific process.
1. Create the command file ftpuserinfo.txt.
Create the file by using the odd username and even password. for example, the file content is as follows:
Wiseman
12345
wiseman2
54321
indicates that there are two users, and the Wiseman password is 12345, the password of wiseman2 is 54321, which is used for FTP login.
you can run cat or VI to create a file.
the following error message is displayed during the subsequent build process.
db_load: unexpected end of input data or key/Data pair
db_load By default, a carriage return will also be added when you save the question in the graphic interface text editor. Therefore, this error will not occur if it is generated directly under the graphic interface text editor.
2) generate an encrypted user library
db_load-T-t hash-f ~ /Ftpuserinfo.txt/etc/vsftpd_login.db
chmod 600/etc/vsftpd_login.db // modify the permission to encrypt the user library file
This part is prone to problems. First, it is the hash parameter, this specifies that hash encryption (that is, MD5) is used. If other parameters are used or the parameter is not set, an error occurs during logon.
then the db_load command. It seems that many versions of Linux do not have this command, at least RHEL as4 is not installed by default, and many friends on the Internet also say that it is not installed. if the prompt "no command" appears when this command is specified, it means it is not installed.
first use rpm-Qa | grep db4 to check what your system has installed. in RHEL as4, A db4-4.XXX is installed by default, in fact, the command also needs db4-devel-xxx, db4-utils-xxx two files. in the RHEL 4 installation disk, all these files are available. You can find them in the RPM package if you have any problems.
after the installation is complete, you can run the db_load command.

3) added Pam verification for vsftp.
Create a file first
VI/etc/PAM. d/ftp. vu
Then add two commands to process FTP logon.
Auth required/lib/security/pam_userdb.so DB =/etc/vsftpd_login
Account required/lib/security/pam_userdb.so DB =/etc/vsftpd_login

4) modify the configuration file of vsftp
VI/etc/vsftpd. conf
Modify the following content
Listen = Yes
Anonymous_enable = No
Local_enable = Yes
Write_enable = No
Anon_upload_enable = No
Anon_mkdir_write_enable = No
Anon_other_write_enable = No
Chroot_local_user = Yes
Guest_enable = Yes

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.