Set up vsftpd in OpenBSD

Old Article 1

-----------------

I recently played OpenBSD. Since my machine is not there, I had to use a virtual machine on another machine.

Compared with the previous NetBSD, OpenBSD gives me the greatest impression that it is simple. The configuration of Web Services, ftp services, and other uncertain things are not as easy as they are in OpenBSD: that is, the configuration is to look at the configuration file. Running and stopping the service is done by hitting a command (or the internal work may be improved without knowing it, I used to get used to things that I used to think I couldn't understand ).

Start with the question.

 

1. Install vsftpd

The network configuration of OpenBSD has been completed during installation. Set it to 192.168.1.103 and use putty to connect to the operating machine.

I will not introduce vsftpd, but Baidu will know it at a moment. I installed it in the form of package. The steps are described as follows:

(1) set PKG_PATH

# Export PKG_PATH = ftp://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/

You can also write the environment variable to the user's shell configuration file so that the environment variable will be automatically set when the shell is started later. Otherwise, you need to manually set the environment variable every time you use it:

# Cd

# Vi. profile

Add the following code:

PKG_PATH = ftp://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/

Export PKG_PATH

Save and exit. Restart shell.

Check whether the settings are valid:

# Echo $ PKG_PATH

If

Ftp://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/

The setting is successful.

(2) install vsftpd

# Pkg_add-v vsftpd-2.0.5.tgz

Wait until the installation is complete.

2. Configure vsftpd

Configuration reference: http://bbs.chinaunix.net/viewthread.php? Tid = 561183 & extra = & page = 1

Vsftpd can be started in either of the following ways: run the vsftpd command in shell to start the vsftpd service.

# Vsftpd

The root permission is required to start this service. If the prompt is that the permission is insufficient:

# Su-

At startup.

The vsftp configuration file is/etc/vsftpd. conf. Open it with vi to view detailed configuration information. Each item has a specific description. Keep the default configuration unchanged. Enter ftp: // 192.168.1.103 in the browser to log on. However, it is strange that the default configuration clearly allows anonymous login, but the user name and password are required during actual login, and the local user (that is, the system user) is used for login, you can directly open the user's home directory.

At this time, although the service is started, you have to continue to make some settings for a real ftp server.

Let's talk about three vsftpd users: anonymous Users (this is our most common anonymous), local users (that is, system users), and virtual users (users who are dedicated to ftp services, cannot log on to the system). The reason for setting so many types is mainly to consider system security and user permission management. Different types of user configurations may be different. Here I will simply say anonymous users.

Generally, the following settings are required:

# Useradd nobody // your system may already have this account, so you do not need to create
# Mkdir/usr/share/empty // This directory may already exist in your system, so you do not need to create
# Mkdir/var/ftp // This directory may already exist in your system, so you do not need to create
# Useradd-d/var/ftp // This account may already exist in your system, so you do not need to create
# Chown root: root/var/ftp
# Chmod og-w/var/ftp
Remember, if you do not want a user to log on locally, you need to set the login SHELL to/sbin/nologin, for example, the above nobody and ftp are set to/sbin/nologin.
As I mentioned earlier, anonymous users cannot log on by default, probably because no directories are added for anonymous users. Anonymous Users can log on after mkdir/var/ftp.

In order to test, create some directories under/var/ftp, place some files, and log on to leapftp to see that the configuration is OK.

Grant upload permissions to anonymous users:

Because vsftpd is for security purposes, the/var/ftp directory cannot open all permissions, so we need to create a directory pub, of course, we still need to modify the configuration file.
# Mkdir/var/ftp/pub
# Chmod-r 777/var/FTP/pub

Upload now is OK.

However, an error occurred while downloading the uploaded file: 550 Failed to open file.
Remember that we set anon_umask = 077? So you cannot download it. If you touch a file (644) on the server and test it, it can be downloaded. Well, the anonymous server will talk about it here.

Or permission issues:

# Cd/var/ftp/pub

# Chmod 644 *.*

That is, the permission for all files in the directory is opened, and the download is successful.