For more information about FTP servers, see the previous blog: http://yttitan.blog.51cto.com/70821/1178663.
It should be emphasized that the file server we previously implemented with Samba can only be used within the lan. If users on the internet need to download or upload files, most of them have to use the FTP server.
The FTP function in RHEL6 is provided by a software named vsftpd. In the Name, vs is short for very secure. Therefore, vsftpd features outstanding security and stability. Official site: http://vsftpd.beasts.org /.
Vsftpd is not installed by default. First, run the yum command to install the service:
# Yum install vsftpd
The service process name of vsftpd is also vsftpd. It starts the service and is set to Automatic startup upon startup:
# Service vsftpd start
# Chkconfig vsftpd on
The default home directory of vsftpd is "/var/ftp/", and the main configuration file is/etc/vsftpd. conf. The configuration file contains more than one hundred lines, which is not complicated.
This file has the following settings by default:
650) this. width = 650; "title =" 001.jpg" src = "http://www.bkjia.com/uploads/allimg/131227/1P604I06-0.jpg"/>
"Anonymous_enable = YES" indicates that anonymous users are allowed to access the service. In vsftpd, there are two anonymous users: anonymous and ftp. On the client, you can use either of the two anonymous users to access the server.
"Local_enable = YES" indicates that access by system users is allowed. However, by default, system users can only access their own home directories instead of the vsftpd home directory/var/ftp /.
"Write enable = YES" indicates that write is allowed. This setting is only a switch. To grant write permissions to anonymous users or system users, you must set other settings.
We keep the default settings and create a test file in the pub directory of the FTP default home directory/var/ftp:
# Touch/var/ftp/pub/test.txt
Then, on a Windows client, we first use anonymous users to access the test,
650) this. width = 650; "title =" 001.jpg" src = "http://www.bkjia.com/uploads/allimg/131227/1P604D44-1.jpg"/>
Anonymous Users can successfully access the FTP server, provided that the firewall on the FTP server is disabled.
However, anonymous users cannot upload files at this time, and the reason is also very simple, because anonymous users do not have the write permission for the/var/ftp/pub directory:
650) this. width = 650; "title =" 001.jpg" src = "http://www.bkjia.com/uploads/allimg/131227/1P604A01-2.jpg"/>
Change the owner of the "/var/ftp/pub" directory to ftp to grant the write permission to anonymous users.
# Chown ftp/var/ftp/pub
At this time, the client accesses the file again and cannot write data. This is because we still need to set the configuration file.
Add the following lines to the configuration file/etc/vsftpd. conf:
650) this. width = 650; "title =" 001.jpg" src = "http://www.bkjia.com/uploads/allimg/131227/1P604L37-3.jpg"/>
"Anon_upload_enable = YES" indicates that anonymous users are allowed to upload files.
"Anon_mkdir_write_enable = YES" indicates that anonymous users are allowed to create directories.
"Anon_umask = 022" indicates setting umask values for anonymous users. The umask value is an anti-code. When an anonymous user creates a directory or file in the FTP home directory, the default permissions of the directory or file are determined by the umask value. For directories, we can have a maximum of 777 permissions, and for files, we can have a maximum of 666 permissions. Because the x execution permission is required for the directory, the directory cannot be accessed without the execution permission. For files, the x execution permission is not required by default. Therefore, for directories created by anonymous users, the default permission is to subtract umask value from 777, that is, 755. For files created, the default permission is to subtract umask value from 666, that is, 644.
"Anon_max_rate = 500000" indicates that the transmission rate of anonymous users is limited in bytes.
After modification, reload the service:
# Service vsftpd reload
In this way, the anonymous user can upload the file again on the client.
This article is from the "one pot of turbidity wine" blog. For more information, please contact the author!