Vsftp Server instance resolution on Linux system

Experimental environment: AS4 Minimal Installation

Experiment goal: Set up VSFTP server

This time we'll learn about the configuration of the VSFTP servers in the Linux system.

Here we go! First we install the VSFTP server-side software.

The installation files for the VSFTPD server are located on the 1th installation CD.

Use the RPM name to successfully install the package.

# RPM-IVH vsftpd-2.0.1-5.i386.rpm

The VSFTP service can be started by default when the installation is finished.

[root@localhost ~]# Service vsftpd start

Starting vsftpd for VSFTPD: [OK]

But the default we can only see, can not upload.

1. Below we open anonymous user upload

[Root@localhost/]# vi/etc/vsftpd/vsftpd.conf

Will Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

In front of the # Remove

[root@localhost/]# Service vsftpd restart

Shutting down VSFTPD: [OK]

Starting vsftpd for VSFTPD: [OK]

2. Imprison the FTP local user in the host directory

Add a settings item to the vsftpd.conf file.

Chroot_local_user=yes

Restart the VSFTPD service.

# Service VSFTPD Restart

3. Create a virtual account

A, create a virtual user password library file.

[Root@localhost ~]# Cat Logins.txt

Mike

123

John

321

The odd line in the password library file sets the user name, and even rows set the password.

b, generate the VSFTPD authentication file (installed on the 3rd CD).

[Root@localhost rpms]# RPM-IVH db4-utils-4.2.52-7.1.i386.rpm

Warning:db4-utils-4.2.52-7.1.i386.rpm:v3 DSA Signature:nokey, key ID db42a60e

Preparing ... ########################################### [100%]

1:db4-utils ########################################### [100%]

[Root@localhost rpms]# db_load-t-t hash-f/root/logins.txt/etc/vsftpd/vsftpd_login.db generate authentication files.

C, set the authentication file only to the user can read and write.

# chmod 600/etc/vsftpd/vsftpd_login.db

D, set up the PAM configuration file required by the virtual user.

Create vsftpd.vu files manually.

# CAT/ETC/PAM.D/VSFTPD.VU

Auth required/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login

Account Required/lib/security/pam_userdb.so Db=/etc/vsftpd/vsftpd_login

E, establish the virtual user and the directory to be accessed and set the appropriate permissions.

Establish the System user account used by all FTP virtual user accounts and set permissions on the account host directory.

# useradd-d/home/ftpsite Virtual

# chmod 700/home/ftpsite

F, set the vsftpd.conf configuration file.

Add the configuration contents of the virtual user to the configuration file.

Guest_enable=yes

Guest_username=virtual

Pam_service_name=vsftpd.vu

Restart the VSFTPD service program.

G, the VSFTPD service program needs to be restarted after the vsftpd.conf file has been modified.

# Service VSFTPD Restart

You should be able to log in with a virtual account now.

4. Set different permissions on the virtual user

Set up the primary configuration file.

Add the user profile directory settings in the vsftpd.conf file.

User_config_dir=/etc/vsftpd_user_conf

Create a user profile directory.

Use the mkdir command to establish a user profile directory.

# mkdir/etc/vsftpd_user_conf

Create a separate configuration file for the virtual user.

The user profile name is the same as the user name.

/etc/vsftpd_user_conf/mike

/etc/vsftpd_user_conf/john

The contents are as follows:

Anon_world_readable_only=no says users can browse FTP directories and download files

Anon_upload_enable=yes says users can upload files

Anon_mkdir_write_enable=yes indicates that the user has permission to create and delete directories

Anon_other_write_enable=yes indicates that the user has permission to rename and delete files

No configuration items are configured by default according to the vsftpd.conf configuration content

Resource limits for 5.FTP servers

MAX_CLIENTS=100 allow maximum number of client connections

Max_per_ip=5 number of connections to the same IP maximum client

local_max_rate=5000000 set maximum transfer rate for local users

anon_max_rate=2000000 Maximum transmission rate of anonymous users