Set up FTP service

Source: Internet
Author: User
Tags ftp access
The File Transfer Protocol (FTP) is one of the most common network services on UNIX. Setting up an anonymous server is quite easy. Setting up a virtual FTP host and separate FTP accounts takes some skill.

1. Anonymous FTP

Anonymous FTP is the most common service: a machine acts as a separate FTP server. Most UNIX versions complete this setup automatically; usually the root directory of FTP is /home/ftp. If for some reason the anonymous FTP service is not set up on your machine, configure it as follows.

~ftp is the home directory of the anonymous ftp user specified in the /etc/passwd file. The FTP daemon, ftpd, recognizes anonymous users and adjusts the session accordingly: the root directory of the session is set to ~ftp, so the user can access at most the files and directories under ~ftp. More restrictions can of course be imposed. Because the root of the file system has been changed, several directories and files must be set up to meet the minimum functional requirements:

  • ~ftp should be owned by root and writable only by root.
  • ~ftp/bin should also be owned by root and writable only by root. It should contain the ls program.
  • ~ftp/bin/ls should be owned by root, and its access mode should be ---x--x--x. If it is not, fix it with chmod 111 ~ftp/bin/ls.
  • ~ftp/lib should contain libc.so.5, which can be found in the /lib directory.
  • If you want listings to translate user and group IDs into names, create the ~ftp/etc directory. It should have mode 755 and contain passwd and group files that associate names with IDs. The encrypted password field is not used and should be left blank. The only fields that need to exist are the user name, UID, and GID.
  • The upload and download directory ~ftp/pub should have mode 755 and be owned by ftp. This allows others to upload content to the directory or read content from it. You can also change the ownership and access permissions as required.

The ftp user's entry in /etc/passwd should be:

    ftp:*:14:50:FTP user:/home/ftp:

FTP is a service controlled by inetd, so there must be a corresponding entry in /etc/services. It is usually already present. If not, add the following entry manually:

    ftp 21/tcp

2. FTP access for other users on the system

When any other user account (not anonymous or ftp) connects to the system, access is granted only when three conditions are met:

  (1) The user name and password must be valid.
  (2) The user name must not be listed in /etc/ftpusers.
  (3) The user must have a valid shell, that is, the shell must appear in the /etc/shells list.

3. Accounts limited to FTP connections

It is possible to set up user accounts that can only be used for FTP connections. These accounts are similar to the anonymous account and can coexist with it. Because the root directory is reset for them as well, the bin, lib, and etc directories must be set up in the same way as for the anonymous account. To set up a specific account, you only need to edit the /etc/ftpaccess file, which controls FTP access. The following example sets up two users, ftpbob and jane, who can only use FTP:

    # /etc/ftpaccess
    #
    class       all       real,guest,anonymous  *
    class       ftponly   ftpbob,jane           *
    loginfails  5
    readme      README*       login
    readme      README*       cwd=*
    message     /welcome.msg  login
    message     .message      cwd=*
    compress    yes   all
    tar         yes   all
    overwrite   yes   real
    chmod       no    guest,anonymous
    delete      no    guest,anonymous
    rename      no    guest,anonymous
    guestgroup  ftponly

The class lines set the user group and the host pattern to match; "*" matches all hosts. The corresponding /etc/passwd entries are:

    jane:9pthxxoqvw:518:518:Jane's FTP-only account:/a/ftp/jane:/bin/false
    ftpbob:l8leijpehfp:518:518:Bob's FTP-only account:/a/ftp/ftpbob/./incoming:/bin/false

Both have valid shells that deny shell access. The home directory becomes the root directory of the FTP session. In addition, the ftpbob account changes its directory to /a/ftp/ftpbob/incoming.

Note that some other parameters are set in the ftpaccess file. "real" is the keyword for any valid account, "anonymous" denotes any anonymous user, and "guest" denotes a guest-level access account. The compress and tar entries tell ftpd when to allow on-the-fly compression and decompression, and archiving and extraction (tar/untar). The readme and message entries set the file patterns so that information is displayed automatically when you connect and when you enter a directory (Readme. In the preceding example, low-privilege accounts (anonymous and guest) cannot delete files, change file modes, or rename files. loginfails makes the server give up after the given number of failed login attempts.
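The ownership and mode requirements listed in section 1 can be checked mechanically. The following audit is an added example, not part of the original article; the names RULES, audit_anon_tree and audit_chroot_passwd are hypothetical, and the caller supplies the numeric uids of root and ftp.

```python
import os
import stat

# Rules from the article: path under ~ftp -> (owner name or None, exact mode or None).
# A mode of None means "writable only by its owner": no group/other write bits.
RULES = [
    ("", "root", None),
    ("bin", "root", None),
    ("bin/ls", "root", 0o111),
    ("etc", None, 0o755),
    ("pub", "ftp", 0o755),
]

def audit_chroot_passwd(path):
    """Flag entries of ~ftp/etc/passwd whose password field is not blank."""
    findings = []
    if os.path.exists(path):
        with open(path) as fh:
            for n, line in enumerate(fh, 1):
                fields = line.rstrip("\n").split(":")
                if len(fields) > 1 and fields[1] != "":
                    findings.append(f"{path}:{n}: password field of {fields[0]} is not blank")
    return findings

def audit_anon_tree(ftp_home, uids):
    """Return findings for the tree at ftp_home; uids maps owner names to numeric uids."""
    findings = []
    for rel, owner, mode in RULES:
        path = os.path.join(ftp_home, rel) if rel else ftp_home
        try:
            st = os.lstat(path)
        except FileNotFoundError:
            findings.append(f"{path}: missing")
            continue
        perms = stat.S_IMODE(st.st_mode)
        if owner is not None and st.st_uid != uids[owner]:
            findings.append(f"{path}: owned by uid {st.st_uid}, expected {owner}")
        if mode is not None and perms != mode:
            findings.append(f"{path}: mode {perms:03o}, expected {mode:03o}")
        if mode is None and perms & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"{path}: mode {perms:03o} is writable by group or others")
    return findings + audit_chroot_passwd(os.path.join(ftp_home, "etc", "passwd"))
```

With the passwd entry shown in the article, a call would be `audit_anon_tree("/home/ftp", {"root": 0, "ftp": 14})`; an empty list means the tree matches the listed requirements.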
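Conditions (2) and (3) of section 2 also apply to the FTP-only accounts of section 3: /bin/false denies shell access but must still be listed in /etc/shells. The check below is an added example, not part of the original article; the function names and file contents are constructed, password fields are replaced by the placeholder "x", and the "/./" in ftpbob's home field is read as separating the session root from the starting directory, as the article describes.

```python
# Constructed sample files; the two FTP-only entries follow the article.
PASSWD = """\
root:x:0:0:root:/root:/bin/sh
jane:x:518:518:Jane's FTP-only account:/a/ftp/jane:/bin/false
ftpbob:x:518:518:Bob's FTP-only account:/a/ftp/ftpbob/./incoming:/bin/false
"""
FTPUSERS = "# accounts denied FTP access\nroot\nuucp\n"
SHELLS = "/bin/sh\n/bin/false\n"

def parse_list(text):
    """Entries of /etc/ftpusers or /etc/shells: one per line, '#' starts a comment."""
    return {ln.split("#", 1)[0].strip() for ln in text.splitlines()} - {""}

def parse_passwd(text):
    """Map login name -> (home, shell) for well-formed 7-field lines."""
    accounts = {}
    for ln in text.splitlines():
        fields = ln.split(":")
        if len(fields) == 7:
            accounts[fields[0]] = (fields[5], fields[6])
    return accounts

def ftp_login_blockers(user, passwd, ftpusers, shells):
    """Reasons conditions (2) and (3) fail; condition (1) needs the password itself."""
    accounts = parse_passwd(passwd)
    if user not in accounts:
        return ["no such account"]
    reasons = []
    if user in parse_list(ftpusers):
        reasons.append("listed in /etc/ftpusers")
    # Assumption: an empty shell field is treated as /bin/sh, as BSD-derived ftpd does.
    shell = accounts[user][1] or "/bin/sh"
    if shell not in parse_list(shells):
        reasons.append(f"shell {shell!r} not in /etc/shells")
    return reasons

def guest_root_and_start(home):
    """Split a guest home directory at '/./' into (session root, starting directory)."""
    root, sep, start = home.partition("/./")
    return (root, "/" + start) if sep else (home, "/")
```

Running it against a shells file that lacks /bin/false shows why an FTP-only account can be refused even with a correct password.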
