Linux system FTP File transfer service

1.FTP Connection and Transfer mode

the FTP server uses the TCP protocol's 20,21 port to communicate with the client by default. The 20 port is used to establish a data connection and transfer file data; 21 ports are used to establish a control connection and transfer FTP control commands.

FTP data connection divided into active mode and passive mode

Active mode: The server actively initiates a data connection.

Passive mode: The service passively waits for a data connection.

after the client has established the data connection with the server, it can be divided into text mode and binary mode when transferring the file according to whether character conversion is performed.

Text mode: Also known as ASCII (American Standard Code for information Interchange, US Information Interchange Code) mode, which uses the ASCLL standard sequence when transferring files, typically used only for the transmission of plain text files.

Binary mode: Also known as binary mode, this mode does not convert the characters in the file sequence, more suitable for transferring programs, pictures and other non-plain text characters of the file.

2.FTP User Type

anonymous users (FTP or anonymous) Local Users and virtual users (increased security)

Types of 3.FTP Server software.

In Linux system, VSFTPD is a kind of FTP service software which is widely used in Linux/unix field. The name of the VSFTPD service is derived from "Very Secure FTP Daemon".

Types of 4.FTP Client Tools

the simplest FTP client tool is the FTP command program. Windows and Linux systems are self-equipped with ftp command programs, which can be connected to an FTP server for interactive uploads and download communications.

Configuration file for 5.vsftpd

The configuration file for the VSFTPD service is located in the/etc/vsftpd/directory, including the user list file (ftpusers,user_list) and the master configuration file (vsftpd.conf).

user list Files Ftpusers and user_list

ftpusers File: Users listed in this file will be prevented from logging into the VSFTPD server, regardless of whether the user appears in the User_list file. The default includes special users such as Root,bin,daemon for system operation.

User_list files: Users included in this file may be prevented from logging in, or may be allowed to log on, depending on the settings in the Master profile vsftpd.conf. The User_list list file can take effect when there is a "userlist_enable=yes" configuration entry, and if "Userlist_deny=yes" is specified, only users in this list are allowed to log on, and if "Userlist_deny=no" is specified, Only the users in the list are allowed to log on.

6. Main configuration file vsftpd.conf common configuration items and meaning description

Scope configuration Item and example meaning description

Anonymous user Anonymous_enable=yes Whether anonymous access is allowed

anon_umask=022 setting default permissions for files uploaded by anonymous users Mask Value

Anon_root=/var/ftp Setting the FTP root directory for anonymous users (default is/var/ftp/)

Anon_upload_enable=yes whether anonymous users are allowed to upload files

Anon_mkdir_write_enable=yes allow anonymous users to have write permission to create directories

Anon_other_write_enable=yes whether to allow anonymous users to have additional write permissions, such as

File renaming, overwriting and deleting files, etc.

Anon_max_rate=0 limit the maximum transfer rate for anonymous users (0 is unlimited) in bytes per second

Local user Local_enable=yes whether to allow local system users access

local_umask=022 setting default permission mask values for files uploaded by local Users

Local_root=/var/ftp Setting the FTP root directory for local users (default to the user's host directory)

Chroot_local_user=yes If the FTP local user is imprisoned in the host directory

Local_max_rate=0 limit the maximum transfer rate for Local users (0 is unlimited), in bytes per second

Global configuration Listen=yes whether to monitor the service in a stand-alone manner

listen_address=0.0.0.0 Setting the IP address of the Listening FTP service

listen_port=21 setting the port number of the Listening FTP service

Write_enable=yes enable any form of write permission (such as uploading, deleting files, etc.), you need to turn this on

Download_enable=yes whether to allow files to be downloaded

Dirmessage_enable=yes the contents of the. message file when the user switches into the directory

Xferlog_enable=yes enable Xferlog logging, default logging to/var/log/xferlog

Xferlog_std_format=yes enables the standard Xferlog log format, and if disabled, uses VSFTPD's own log format

Connect_from_port_20=yes Allow server active mode (data connection is established from Port 20)

Pasv_enable=yes Allow passive mode connection

pasv_max_port=24600 Setting the server maximum port number for passive mode

pasv_min_port=24500 setting the server's minimum port number for passive mode

PAM_SERVICE_NAME=VSFTPD Set the Pam file location for user authentication (the corresponding file name in the/etc/pam.d/directory)

Userlist_enable=yes whether the User_list user list file is enabled

Userlist_deny=yes whether to prohibit user accounts in user_list list file

Max_clients=0 Maximum number of clients allowed simultaneous connections (0 is unlimited)

Max_per_ip=0 the maximum number of concurrent connections allowed for clients from the same IP address

Tcp_wrappers=yes whether Tcp_wrappers host access control is enabled

This article is from the "Live to learn old" blog, please be sure to keep this source http://nihaozqy.blog.51cto.com/10511002/1681028

Linux system FTP File transfer service