Linux top-notch FTP

Linux top-notch FTP-Linux Enterprise Application-Linux server application information. The following is a detailed description. First install the vsftpd-2.0.1-5.i386.rpm In the first CD of Linux Enterprise Edition
# Rpm? Ivh/media/cdrom/RedHat/RPMS/vsftpd-3.0.1-5.i386.rpm
Start vsftpd
# Service vsftpd start
Refresh Firewall
# Iptables-F
Such a simple linux FTP has been set up!
Next we will slowly optimize our FTP Server:

Tutorial 1: If I do not allow anonymous FTP login, we can modify the main configuration file of vsftpd to implement
# Change anonymous_enable = YES to anonymous_enable = NO in vi/etc/vsftpd. conf
Restart vsftpd!

Experiment 2: In windows, the FTP server can set the welcome word and the maximum number of connections. What should we set in the Linux FTP server? I want to answer: Likewise, we can also implement the vsftpd master configuration file.
# Vi/etc/vsftpd. conf
Add ftpd_banner = welcome to here at the end! This is the welcome word.
Max_clients = 100, which means that a maximum of 100 users can access
Restart vsftpd!

Experiment 3: If I want to pay off my lilei colleague, I don't want him to log on to our FTP site, then I can add lilei to vi/etc/vsftpd. ftpusers restart the vsftpd service.

Experiment 4: In the morning, the General Manager said that a small part of the company should be promoted. When I heard the news, I quickly acted. I only allowed the General Manager to log on to the FTP server by himself, and others could not take a nap, restrict others. I can do this:
# Vi/etc/vsftpd. conf to add the last two,
Userlist_deny = NO/the persons in this list will not be rejected, and others will be rejected (including anonymous)
Userlist_file =/etc/mp/specifies the path of the List
Then: # vi/etc/mp Add the manager name
Restart the vsftpd service!
However, in the afternoon, the manager announced the name of the person who promoted the promotion, angry that since I was absent. To show off my anger, I decided that the manager could not log on to the FTP server, and anyone else could. I can do this:
# Vi/etc/vsftpd. conf set userlist_deny = NO added in the morning
Change to userlist_deny = YES/the person in this list is rejected. Others pass.
Restart the vsftpd service!

Experiment 5: We can give a registered user a high download speed (200 k). If an anonymous user gives them 20 k, we can do this:
# Add vi/etc/vsftpd. conf at the end
Local_max_rate = 200000
Anon_max_rate = 20000
Restart the vsftpd service!

Experiment 6: My colleague zhangsan gave me a cigarette and my colleague lisi gave me a pack of cigarettes yesterday. Today, my colleague wangwu) I gave me a smoke. I want to set different FTP download speeds based on the smoke they gave me. I can do this:
# Vi/etc/vsftpd. conf
User_config_dir =/etc/vsftpd/define the user's configuration file
# Add the following to vi/etc/vsftpd/zhangsan:
Local_max_rate = 3000/is equivalent to a cigarette
# Vi/etc/vsftpd/lisi Add the following
Local_max_rate = 30000/is equivalent to a package of cigarettes
# Add the following to vi/etc/vsftpd/wangwu:
Local_max_rate = 300000/equivalent to a smoke
Restart the vsftpd service!

Experiment 7: how to create a simple virtual user? I only want them to log on to FTP, but not to my linux system. This ensures the security of the FTP server. You can do this:
Adduser? G ftp? S/sbin/nolgin user01/directly add the user01 user to the ftp group,
Passwd user01/set password for user01

Experiment 8: although it is simple, it is still insecure. Is there any other way to create a safer virtual user? Yes! We can do this:
1. Create a password library file for a virtual user
# Vi logins.txt Add the following
Zhangsan/User Name
123/Password
Lisi
234
Wangwu
345
2. Production of vsftpd certification Database
# Db_load? T? T hash? F logins.txt/etc/vsftpd/vsftpd_logins.db
Change Database Permissions
# Chmod 600/etc/vsftpd/vsftpd_logins.db
3. Create the PAM Configuration File required by the virtual user
# Add the following to vi/etc/pam. d/vsftpd. vu:
Auth required/lib/security/pam_userdb.so db =/etc/vsftpd/vsftpd_logins
Account required/lib/security/pam_userdb.so db =/etc/vsftpd/vsftpd_logins
4. Create a virtual user and the directory to be accessed, and set the corresponding permissions.
# Useradd-d/home/ftpsite virtual/create the system account required by the vsftpd virtual user
# Chmod 700/home/ftpsite/set the permission of the home directory to 700
5. Set the vsftpd. conf configuration file.
# Add vi/etc/vsftpd. conf as follows:
Guest_enable = YES
Guest_username = virtual
Pan_service_name = vsftpd. vu
Anon_world_readable_only = NO
Restart the vsftpd service!

Tutorial 9: managing virtual users:
Wangwu has the permission to browse directories, upload, rename, delete, and so on.
Lisi has permission to browse directories, upload and download
Zhangsan has the permission to browse directories and download (and can only be in the/misc/abc directory at a speed of 20 k)
We can do this:
First, edit the main configuration file of vsftpd,
# Add vi/etc/vsftpd. conf as follows:
User_config_dir =/etc/vsftpd/specifies the storage location of the virtual user configuration file
Then meet wangwu's needs:
Add Vi/etc/vsftpd/wangwu as follows:
Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES

Meet lisi requirements:
Add Vi/etc/vsftpd/lisi as follows:
Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)
Anon_upload_enable = YES

Meet the needs of zhangsan:
Add Vi/etc/vsftpd/zhangsan as follows:
Anon_world_readable_only = NO // open read permission (If this option is not added, the directory you see is hidden)
Local_root =/misc/abc // set the directory to local
Anon_max_rate = 20000
Restart the vsftpd service!

Tutorial 10: how to set the upload and deletion permissions for anonymous users
We can do this:
# Add vi/etc/vsftpd. conf as follows:
Anon_upload_enable = YES
Anon_mkdir_write_enable = YES
Anon_other_write_enable = YES
# Chmod-R 777/var/ftp/pub/change pub Directory Permissions

Restart the vsftpd service.