Experimental environment: AS4 Minimal Installation
Experiment goal: Set up VSFTP server
This time we'll learn about the configuration of the VSFTP servers in the Linux system.
Here we go! First we install the VSFTP server-side software.
The installation files for the VSFTPD server are located on the 1th installation CD.
Use the RPM name to successfully install the package.
# RPM-IVH vsftpd-2.0.1-5.i386.rpm
The VSFTP service can be started by default when the installation is finished.
[root@localhost ~]# Service vsftpd start
Starting vsftpd for VSFTPD: [OK]
But the default we can only see, can not upload.
1. Below we open anonymous user upload
[Root@localhost/]# vi/etc/vsftpd/vsftpd.conf
Will Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
In front of the # Remove
[root@localhost/]# Service vsftpd restart
Shutting down VSFTPD: [OK]
Starting vsftpd for VSFTPD: [OK]
2. Imprison the FTP local user in the host directory
Add a settings item to the vsftpd.conf file.
Chroot_local_user=yes
Restart the VSFTPD service.
# Service VSFTPD Restart
3. Create a virtual account
A, create a virtual user password library file.
[Root@localhost ~]# Cat Logins.txt
Mike
123
John
321
The odd line in the password library file sets the user name, and even rows set the password.
b, generate the VSFTPD authentication file (installed on the 3rd CD).
[Root@localhost rpms]# RPM-IVH db4-utils-4.2.52-7.1.i386.rpm
Warning:db4-utils-4.2.52-7.1.i386.rpm:v3 DSA Signature:nokey, key ID db42a60e
Preparing ... ########################################### [100%]
1:db4-utils ########################################### [100%]
[Root@localhost rpms]# db_load-t-t hash-f/root/logins.txt/etc/vsftpd/vsftpd_login.db generate authentication files.
C, set the authentication file only to the user can read and write.
# chmod 600/etc/vsftpd/vsftpd_login.db
D, set up the PAM configuration file required by the virtual user.
Create vsftpd.vu files manually.
# CAT/ETC/PAM.D/VSFTPD.VU
Auth required/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login
Account Required/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login
E, establish the virtual user and the directory to be accessed and set the appropriate permissions.
Establish the System user account used by all FTP virtual user accounts and set permissions on the account host directory.
# useradd-d/home/ftpsite Virtual
# chmod 700/home/ftpsite
F, set the vsftpd.conf configuration file.
Add the configuration contents of the virtual user to the configuration file.
Guest_enable=yes
Guest_username=virtual
Pam_service_name=vsftpd.vu
Restart the VSFTPD service program.
G, the VSFTPD service program needs to be restarted after the vsftpd.conf file has been modified.
# Service VSFTPD Restart
You should be able to log in with a virtual account now.
4. Set different permissions on the virtual user
Set up the primary configuration file.
Add the user profile directory settings in the vsftpd.conf file.
User_config_dir=/etc/vsftpd_user_conf
Create a user profile directory.
Use the mkdir command to establish a user profile directory.
# mkdir/etc/vsftpd_user_conf
Create a separate configuration file for the virtual user.
The user profile name is the same as the user name.
/etc/vsftpd_user_conf/mike
/etc/vsftpd_user_conf/john
The contents are as follows:
Anon_world_readable_only=no says users can browse FTP directories and download files
Anon_upload_enable=yes says users can upload files
Anon_mkdir_write_enable=yes indicates that the user has permission to create and delete directories
Anon_other_write_enable=yes indicates that the user has permission to rename and delete files
No configuration items are configured by default according to the vsftpd.conf configuration content
Resource limits for 5.FTP servers
MAX_CLIENTS=100 allow maximum number of client connections
Max_per_ip=5 number of connections to the same IP maximum client
local_max_rate=5000000 set maximum transfer rate for local users
anon_max_rate=2000000 Maximum transmission rate of anonymous users