VSFTP encrypted transmission built on LINUX

VSFTP encrypted transmission built on a LINUX system-Linux Enterprise Application-Linux server application information. The following is a detailed description. OS: LINUX

Reference documents: ftp://vsftpd.beasts.org/users/ce... pd-2.0.1/README. ssl

Among the many FTP servers, VSFTP is secure and small. It has been favored by people in recent years. In general, FTP includes the authentication process, and transmission is in plain text. It is always difficult to transmit sensitive data. Today, I found some scattered information on the Internet and wrote a post based on my own practice to contribute to everyone.

Download the latest VSFTPD:

# Wget ftp://vsftpd.beasts.org/users/cevans/vsftpd-2.0.3.tar.gz

Compile and install VSFTPD:
# Tar? Zxvf vsftpd-2.0.3.tar.gz
# Cd vsftpd-2.0.3

Modify VSFTPD to support SSL transmission:
Modify the following content in builddefs. h:
# Undef VSF_BUILD_TCPWRAPPERS
# Define VSF_BUILD_PAM
# Undef VSF_BUILD_SSL
Is:
# Define VSF_BUILD_TCPWRAPPERS
# Undef VSF_BUILD_PAM
# Define VSF_BUILD_SSL

Start compilation and installation:
# Make
# Make install
# Cp vsftpd. conf/etc/

Create an SSL certificate:
# Openssl req-new-x511-nodes-out vsftpd. pem-keyout vsftpd. pem
# Cp vsftpd. pem/usr/share/ssl/certs/vsftpd. pem

Create accounts and directories:
# Useradd? D/dev/null? S/sbin/nologin nobody
# Mkdir/usr/share/empty
# Mkdir/var/ftp
# Useradd-d/var/ftp? S/sbin/nologin ftp
# Chown root: root/var/ftp
# Chmod og-w/var/ftp

Configure VSFTPD:
# Vi/etc/vsftpd. conf
=====================
Anonymous_enable = NO
Local_enable = YES
Write_enable = YES
Local_umask = 022
# Anon_upload_enable = YES
# Anon_mkdir_write_enable = YES
Dirmessage_enable = YES
Xferlog_enable = YES
Connect_from_port_20 = YES
# Chown_uploads = YES
# Chown_username = whoever
# Xferlog_file =/var/log/vsftpd. log
# Xferlog_std_format = YES
# Idle_session_timeout = 600
# Data_connection_timeout = 120
# Nopriv_user = ft1_cure
# Async_abor_enable = YES
Ascii_upload_enable = YES
Ascii_download_enable = YES
Ftpd_banner = Welcome to Serv-u ftp Server v5.0 for WinSock.
# Deny_email_enable = YES
# Banned_email_file =/etc/vsftpd. banned_emails
Chroot_list_enable = YES
Chroot_list_file =/etc/vsftpd. chroot_list
Ls_recurse_enable = NO
Hide_ids = YES
Userlist_enable = NO
Use_localtime = YES
Listen = YES
Listen_port = 21
Tcp_wrappers = YES
Ssl_enable = YES
Ssl_sslv2 = YES
Allow_anon_ssl = YES
Force_local_data_ssl = YES
Force_local_logins_ssl = YES
Rsa_cert_file =/usr/share/ssl/certs/vsftpd. pem
=====================

# Touch/etc/vsftpd. chroot_list

Write a VSFTPD boot Tutorial:
# Vi/etc/init. d/vsftpd
=====================
#! /Bin/sh
# Copyright (c) 2004 by LLZQQ
# All rights reserved.
#
# Chkconfig:-110 30
# Description: Starts and stops the Vsftpd Service
# Config:/etc/vsftpd. conf
#

Case "$1" in
Start)
/Usr/local/sbin/vsftpd &
;;
Stop)
Pkill vsftpd
;;
*)
Echo "Usage: $0 {start | stop }"
Exit 1
;;
Esac
Exit 0
=====================

# Chmod 755/etc/init. d/vsftpd
# Chkconfig? -Add vsftpd
# Chkconfig vsftpd on

At this point, the ftp server has been installed and configured. I used FileZilla, which is free of charge, to log on to the server client. (the last two days, I saw that FileZilla supports SSL ). FileZilla settings are also relatively simple, such:




(400) {this. resized = true; this. width = 400; this. alt = 'click here to open new window';} "onmouseover =" if (this. resized) this. style. cursor = 'hand'; "onclick =" window. open ('HTTP: // bbs.chinaunix.net/attachments/month_0511/33_Tcvkzrrxo5yS.jpg'); ">




(400) {this. resized = true; this. width = 400; this. alt = 'click here to open new window';} "onmouseover =" if (this. resized) this. style. cursor = 'hand'; "onclick =" window. open ('HTTP: // bbs.chinaunix.net/attachments/month_0511/34_CSuwIv5ZQP8S.jpg'); ">