Set up FTPserver in Red Hat Linux 9

Source: Internet
Author: User
Tags best ftp

Set up FTPserver 1 in Red Hat Linux 9. installing vsftpd is one of the best FTP server tools in Linux. vs is short for "Very Secure" (Very Secure). It can be seen that its biggest advantage is security. In addition, it also has the advantages of small size, customizable, and high efficiency. If you choose to fully install Red Hat Linux 9.0, the system will install the vsftpd server by default. You can enter the following command in the terminal command window for verification: [root @ ahpeng root] rpm-qagrep vsftpd if the result shows "vsftpd-1.1.3-8", it means the system has installed the vsftpd server. If you do not select a vsftpd server when installing Red Hat Linux 9.0, you can click the "Main Menu> system Settings> add or delete application" menu in the graphic environment, in the displayed "soft package management" dialog box, make sure that the "FTP server" option is selected, click the "Update" button, and insert 3rd installation discs as prompted to start installation. Alternatively, you can insert 3rd installation discs, locate the vsftpd-1.1.3-8.i386.rpm installation package under/RedHat/RPMS, and then run the following command in the terminal command window to start the installation process: [root @ ahpeng RPMS] rpm-ivh vsftpd-1.1.3-8.i386.rpm. start/restart/stop the vsftpd service from Red Hat Linux 9.0. By default, vsftpd only starts the vsftpd service in standalone mode by running the following command in the terminal command window: [root @ ahpeng root]/etc/rc. d/init. d/vsftpd start restart the vsftpd service: [root @ ahpeng root]/etc/rc. d/init. d/vsftpd restart disable the vsftpd service: [root @ ahpeng root]/etc/rc. d/init. d/ Ftpd stop: After confirming that the vsftpd service has been started, you can enter "ftp FTPAddres" in the doscommand window of any Windows host (replace FTPAddres with the actual FTP Server IP address or domain name ), note that the username and password are all ftp (ftp is the ing Account Number of anonymous users), as described below: Microsoft Windows XP [version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. f: \ Peter> ftp FTPAddress Connected to FTPAddress 220 (vsFTPd 1.1.3) // User (FTPAddress :( none) in the Response Request of vsftpd )): ftp // enter the user account ftp 331 Please specify the password. password: // enter the Password ftp 230 Login success Ful. Have fun. ftp> 3. vsftpd configuration in Red Hat Linux 9.0 vsftpd has three configuration files: vsftpd. ftpusers: located in the/etc directory. It specifies which user accounts cannot access the FTP server, such as root. Vsftpd. user_list: located in the/etc directory. The user account in this file cannot access the FTP server by default. Access is allowed only when the userlist_enable = NO option is enabled in the vsftpd. conf configuration file. Vsftpd. conf: located in the/etc/vsftpd directory. It is a text file. We can use text editing tools such as Kate and Vi to modify it, this allows you to customize FTP server configurations such as user logon control, user permission control, timeout settings, server function options, server performance options, and server response messages. (1) User Logon control anonymous_enable = YES, allowing anonymous users to log on. No_anon_password = YES. You do not need to enter a password when logging on as an anonymous user. Local_enable = YES, allow local users to log on. Deny_email_enable = YES, you can create a file to save the blacklist of some anonymous emails to prevent these people from using Dos attacks. Banned_email_file =/etc/vsftpd. banned_emails. When the deny_email_enable function is enabled, the required path for saving the email blacklist is/etc/vsftpd. banned_emails by default ). (2) The user permission control write_enable = YES, enable the global upload permission. Local_umask = 022. The umask of the local user's uploaded file is set to 022 (the default value is 077. Generally, it can be changed to 022 ). Anon_upload_enable = YES, which allows anonymous users to have the upload permission. Obviously, you must enable write_enable = YES to use this option. At the same time, we must create a directory that allows ftp users to read and write data (as mentioned earlier, ftp is mapped to user accounts by anonymous users ). Anon_mkdir_write_enable = YES. Anonymous Users are allowed to create directories. Chown_uploads = YES. If this option is enabled, the owner of the file to be uploaded anonymously will be changed to another user account. Note that you are advised not to specify the root account as the owner of the file to be uploaded anonymously! Chown_username = whoever. When chown_uploads = YES is enabled, the specified owner account must be replaced by an appropriate user account. Chroot_list_enable = YES. You can use a list to specify which local users can only be active in their own directories. If chroot_local_user = YES, the specified users in this list are unrestricted. Chroot_list_file =/etc/vsftpd. chroot_list. If chroot_local_user = YES, specify the Save path for the List (chroot_local_user) (/etc/vsftpd. chroot_list by default ). Nopriv_user = ft1_cure: Specifies a secure User Account to allow the FTP server to be used as an independent user with full isolation and no privileges. This is a recommended option For vsftpd systems. Async_abor_enable = YES. We strongly recommend that you do not enable this option, otherwise it may cause errors! Ascii_upload_enable = YES; ascii_download_enable = YES. By default, the server will pretend to accept requests in asc ii mode but ignore such requests, enabling these two options enables the server to implement transmission in asc ii mode. Note: enabling the ascii_download_enable option will enable malicious remote users to use commands such as SIZE/big/file in asc ii mode to consume a large amount of FTP server I/O resources. The configuration options in asc ii mode are divided into upload and download, so that we can allow upload in asc ii mode (this can prevent the upload of malicious files such as scripts from crashing ), this vulnerability does not cause DoS attacks. (3) The idle_session_timeout option is set to 600. You can set the default idle time-out period. If you do not wait for this period, the server will be kicked out. Data_connection_timeout = 120, set the default data connection timeout time. (4) The server log and welcome information dirmessage_enable = YES, which allows displaying information for directory configuration and displaying the content of the message_file file under each directory. Ftpd_banner = Welcome to blah FTP service. You can customize the Welcome information that FTP users can see when they log on to the server. Xferlog_enable = YES, enabling the function of recording upload/Download activity logs. Xferlog_file =/var/log/vsftpd. log. You can customize the log file storage path and file name. The default value is/var/log/vsftpd. log.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.