Set up FTP in Ubuntu)

1) install vsftpd
It is not difficult to install software in Ubuntu. Enter:

Sudo apt-Get install vsftpd
You may be prompted to use the CD and press Enter.

After installation, an FTP directory is created under/home. At this time, you can try to access the ftp: // ip address. You can see an FTP space with blank content.

By default, anonymous users can download files, but cannot write or upload files.

2) set the vsftpd. conf file
Now, we need to make anonymous users inaccessible and enter the user password on Linux before they can access the contents in their own directories.

First, find the file for setting vsftpd, which is located in/etc/vsftpd. conf.

Back up this file before modification:

Sudo CP/etc/vsftpd. CONF/etc/vsftpd. conf. Old

Then you can change the settings:

# Do not allow anonymous users to use it # anonymous_enable = yes # local users can use local_enable = Yes
# Write_enable = yes for write operations # file information in a directory does not need to be displayed # dirmessage_enable = Yes
# Add the banner prompt ftpd_banner = Hello ~~ # Max_clients = 100
# Restrict the process of each IP address max_per_ip = 5 # maximum transmission rate (B/S) local_max_rate = 256000
# Hiding account hide_ids = Yes
Okay. Restart the FTP server to check the effect.

Is it the same after restart as before? Haha, This is the default FTP directory. Let's delete it and check again. How is it? Enter the user name and password.

New Problems
1. After Entering the username and password, the user's root directory is displayed, and our web content is in the public_html directory.

2. You can jump to any other directory (very dangerous ..)

To solve these problems, we have to set vsftpd. conf.

# Start the chroot list (Change root) chroot_list_enable = yes # specify the list location (which is the default address) chroot_list_file =/etc/vsftpd. chroot_list

Next, we need to write it in vsftpd. chroot_list. We want to restrict users so that they will not "drift "..

Currently, linyupark is a user, so you only need to write sudo nano to it.

In this way, we have solved 2nd problems. login users can only activity in their user folders. Below we want to be more aggressive, so that they can only activity in public_html.

Still find vsftpd. conf

# This is not in the default setting. Add user_config_dir =/etc/to define a folder address for setting individual users.

Create a folder Based on the address you set, and then create a file with the same username as the folder. Nano:

# The root address of the local user. Assume that the user is linyuparklocal_root =/home/linyupark/public_html.

Okay. Restart the server. Let's see the effect.

6.5. Virtual User Configuration

6.5.1 introduction to vsftpd virtual users

Vsftpd virtual users are dedicated users of the FTP service. Virtual users can only access FTP Server resources.
Vsftpd virtual users use a separate user name/Password Storage Method, and are separated from the system account (passwd/shadow), which greatly increases

Enhanced system security. Because the user name/password of a virtual user is separate

Therefore, during verification, vsftpd needs to use the identity of a system user to read database files or database servers for verification,

This is the guest user, just as anonymous users also need a system user FTP. Of course, Guest users can also be considered

Used to map virtual users. In the following example, assume that there are virtual users xiaotong and Xiaowang.

6.5.2 User Creation and directory settings

Add a vsftpdguest user to the system as a virtual user representative in the system.

Useradd vsftpdguest

Create a virtual user
Useradd-D/home/vsftpd-S/sbin/nologin vsftpd

After a virtual user logs on, the user is located in the/home/vsftpdguest directory of vsftpdguest. If you want a virtual user to log on

To other directories such as/var/FTP, modify the Home Directory of vsftpdguest.

Install the db4.2-util package

Sudo apt-Get install db4
.
2
-Util

Create a login file that contains virtual user information, such

------------------------------------------


Test1 User Name

Passwd1 Password

Test2 Username

Passwd2
Password

Enter the last line.


-------------------------------------------

 

Create Database Files

Sudo db4
.
2_load-T-t hash-F Login
/
Etc
/
Vsftpd
/
Vsftpd_login
.
DB

Change Database File Permissions

Sudo chmod
600
 
/
Etc
/
Vsftpd_login
.
DB

Generate a new Pam file and create/etc/PAM. d/vsftpd. vu as follows:

Auth required
/
Lib
/
Security
/
Pam_userdb
.
So DB
=/
Etc
/
Vsftpd
/
Vsftpd_login

Account required
/
Lib
/
Security
/
Pam_userdb
.
So DB
=/
Etc
/
Vsftpd
/
Vsftpd_login

6.5.3 Configuration File Settings

6.5.3.1. Basic settings.

In the vsftpd. conf configuration file, add the following parameters:
Guest_enable = Yes
Guest_username = vsftpdguest

6.5.3.2. Virtual user permission configuration.

In the VSFTPD-1.2.0 when virtual_use_local_privs = Yes, you only need write_enable = Yes, the virtual user can

Write Permission.
6.5.3.3 other configurations of virtual users

① Restrict virtual users to their own directories.

Chroot_local_user = No
Chroot_list_enable = Yes
Chroot_list_file =/etc/vsftpd. chroot_list
Add xiaotong and Xiaowang to the/etc/vsftpd. chroot_list file.
Or, chroot_local_user = Yes

② Personal configurations of virtual users.

If you want individual virtual users to have their own special configurations, you can also create a virtual user's personal configuration file. In the main configuration file

Add:
User_config_dir =/etc/vsftpd/vsftpd_user_conf

Note: When user_config_dir is invalid during configuration, it is invalid if it is set to/etc/vsftpd/userconf,
The/etc/vsftpd/userconf does exist, and the following user files also exist. Later, create a directory named randomly under the etc directory and copy the two files.
Set user_config_dir to any Created directory. It may be because the name of guest_username is vsftpd.

Generate the/etc/vsftpd/vsftpd_user_conf directory to create a file with the same name as a specific virtual user:
[Root @ hpe45 vsftpd] # mkdir vsftpd_user_conf
[Root @ hpe45 vsftpd] # cd vsftpd_user_conf
[Root @ hpe45 vsftpd_user_conf] # Touch Xiaowang
Then, you can add the option settings for Xiaowang to the Xiaowang file.
NOTE: If chroot_local_user = yes is added to the personal configuration file, it is invalid.

6.5.3.4 virtual user personal directory settings

You can find that no matter which virtual user is, the directory in which the user logs on is/home/vsftpdguest, that is

The Home Directory of the guest_username user. The following describes how to create a directory for each virtual user.
One way is to use the local_root option in the virtual user's personal configuration file to specify the virtual user's own directory. Take Xiaowang

For example, based on step 1, add the following to the/etc/vsftpd/vsftpd_user_conf/Xiaowang file:
Local_root =/home/Xiaowang
Create the Xiaowang directory and set the permission to vsftpdguest:
[Root @ hpe45 Home] # mkdir Xiaowang
[Root @ hpe45 Home] # chown vsftpdguest. vsftpdguest./Xiaowang

Okay. Restart the FTP server:

/etc/init.d/vsftpd restart 

Note that when using CuteFTP, You must select the standard ftp mode instead of SFTP for logon.