Setup and configuration of VSFTP server

Vsftp with its simple and efficient, easy to deploy, not to perform external program security high reputation

VSFTP deployment has both anonymous and local Users:

Local User: The user has an account on the FTP server and the account is a local user account, and the login directory is/home/username

Anonymous User: User does not have account on FTP server, login directory is/var/ftp

Deployment of VSFTPD

CentOS By default is installed, we can use RPM-QA view, if not installed Yum installation, and then check the port or state.

Rpm-qa|grep vsftpd

Yum Install VSFTPD

VSFTPD configuration file

/etc/vsftpd/vsftpd.conf//Main configuration file

/etc/vsftpd/ftpusers//Specify which users cannot access the FTP server

/etc/vsftpd/user_list

When Userlist_enable=yes,userlist_deny=yes is set in the primary configuration file vsftpd.conf, the user specified in User_list cannot access the FTP server.

When Userlist_enable=yes,userlist_deny=no is set in the primary configuration file vsftpd.conf, only the user specified in User_list can access the FTP server.

Anonymous configuration of Vsftp

Anonymous FTP is generally used in public networks, as long as the guarantee anonymous_enable=yes, that is, open the anonymous way, reload the configuration file or restart the server.

You can download the/var/ftp/pub directory file at this time, but you cannot upload and modify files.

#anon_upload_enable =yes//upload

#anon_mkdir_write_enable =yes//Create a file

#anon_other_write_enable =yes//read/write access

Service vsftpd restart or service vsftpd reload

Priority selection, reload the configuration file without interrupting the connection, the first is to allow anonymous uploads, the second is to allow anonymous creation of files, and the third is to allow anonymous modifications, and to select permissions to anonymous users as needed.

Configuring local user logins for VSFTP

Local_enable=yes

Write_enable=yes

You can open these two items.

At this point, the customer can do the operation of the check, but users can also go to other directories to browse. Then we need to open "Chrooot_loacl_user=yes" so that users can only see their own directory, the security of the directory.

If you are allowing some users to switch to other directories outside the home directory:

Chroot_list_enable=yes

Chroot_list_file=/etc/chroot_list

/etc/chroot_list is used to specify that users outside the home directory cannot be accessed.

So vsftpd's simple and practical study finished, I hope you have some harvest

Note : More wonderful tutorials Please pay attention to the triple computer tutorial section, triple Computer office group: 189034526 welcome you to join