VsFTPd server beginner's Guide

Source: Internet
Author: User

VsftpdIt is one of the most popular FTP server programs in the Linux release. It is very easy to use and I have spent a long time. Next I will introduce you to the vsftpd Getting Started Guide.

1. Implementation of some common vsFTPd server functions;

1.1. Implementation of anonymous upload/download;

Anonymous upload is actually relatively simple. First, we need to modify vsftpd. conf, which is located in the/etc/directory. It may be/etc/vsftpd. conf, or/etc/vsftpd. conf file. Your system environment shall prevail;

First, we need to change vsftpd. conf to make sure there are the following lines;

Anonymous_enable = YES

Anon_upload_enable = YES

Anon_mkdir_write_enable = YES

Anon_umask = 022

Second, create a folder under the ftp user's home directory and change its permissions to fully open;

Where is the home directory of an ftp user? As we have already said, you can view it through/etc/passwd; you can also view it through finger ftp;

[Root @ localhost beinan] # finger ftp

Login: ftp Name: FTP User

Directory:/var/ftp Shell:/sbin/nologin

This indicates that the ftp user's home directory is in/var/ftp. We need to create a directory under this directory and set its permissions to readable, writable, and executable by any user; in general, there is a/var/ftp/pub directory in the release. If not, you can create one by yourself. After you change the configuration file, you only need to enable the permission of any directory under/var/ftp to upload and download anonymously;

For example, if you want anonymous users to upload and download files in/var/ftp/pub, you can open the/var/ftp/pub permission. If you do not have this directory, you must create one by yourself;

[Root @ localhost ~] # Mkdir/var/ftp/pub

[Root @ localhost ~] # Chmod 777/var/ftp/pub

In this way, it is OK to upload the data to the pub directory during the upload, right ??

1.2 examples of adding local users and enabling read/write permissions;

FTP users generally cannot log on to the system, which is also for security. In the system, users who do not have the permission to log on to the system are also known as virtual users. Virtual users also need to be written into/etc/passwd. This is just a virtual user method, but it is not really a virtual user, but the permission to log on to the SHELL is removed, so he is not able to log on to the system;

If we want to locate the beinan user directory in the/opt/beinan directory and cannot log on to the system, we should perform the following operations:

[Root @ localhost ~] # Adduser-d/opt/beinan-g ftp-s/sbin/nologin beinan

[Root @ localhost ~] # Passwd beinan

Changing password for user beinan.

New password:

Retype new password:

Passwd: all authentication tokens updated successfully.

[Root @ localhost ~] #

In fact, this is not enough. We need to change the configuration file vsftpd. conf to ensure that the local virtual user has the read and write permissions;

Local_enable = YES

Write_enable = YES

Local_umask = 022

1.4. How to implement a virtual path?

For example:

/Home/a ing is ftp: // localhost/

/Home/B/c is set to ftp: // localhost/c

In fact, this cannot be said to be the content of vsFTPd. In fact, we have been using it for a long time. We may not have noticed it. We can implement it through the following methods.

[Root @ localhost ~] # Mount -- bind [original directory] [new directory]

For example, if my default ftp directory is/var/ftp, I want to map the/mnt/LinG/WinSoft folder to the/var/ftp directory. I will perform the following operations:

Create a directory in the/var/ftp directory first.

[Root @ localhost ~] # Mkdir/var/ftp/WinSoft

Run the mount command.

[Root @ localhost ~] # Mount -- bind/mnt/LinG/WinSoft/var/ftp/WinSoft

In this case, OK.

1.5 enable the log function of the vsFTP server;

Correct # In Front Of xferlog_file below, that is, enable the log function of vsftp, so that we can view vsftpd. log in the/var/log directory. This is the log function of vsFTP, which is extremely important for us.

Xferlog_file =/var/log/vsftpd. log

1.6. How to customize the welcome information;

How to customize the welcome information, that is, after we log on to some FTP, there will be a similar: Welcome to LinuxSir FTP, here, you will get the most sincere help, if you have any questions or suggestions, please send me a letter. Thank you.

It is not difficult to implement this. We can check whether this line exists in the vsftpd. conf file.

Dirmessage_enable = YES

Message_file =. message

If no, add it. If there is a # sign before dirmessage_enable = YES, remove the # sign. In fact, the default FTP information is. message, so it can be specified without message_file =. It doesn't matter if you specify it yourself;

Then, we create a. message file and write what you want to write. For example, the content of. message is as follows:

-- Welcome to LinuxSir FTP!

-- Here, you will get the most sincere help;

-- If you have any questions or suggestions, please send me a letter. Thank you.

We can use the editor to write this. message. I don't need to talk about this process.

Then we copy the. message file to the Home Directory of each user. For example, if one of my FTP users is beinan and the Home Directory of this user is/opt/beinan

We need to put. message in the/opt/beinan directory. If the system user ftp, his directory is the/var/ftp directory, which is the default. When anonymous users log on, they will access the/var/ftp directory. We want anonymous users to see the welcome information. Put. message in the/var/ftp directory. Other users are nothing more than similar operations.

1.7 if hard disk space is limited, How can I change the default home directory of the ftp account to another place?

My hard disk space is limited. How can I change the default ftp path/var/ftp of my account to another place? Or, all my linux directories are placed in the/root partition. Due to space shortage, can I put the default path of the ftp user to another partition ??

For ftp user management, we should check/etc/passwd and then modify the ftp user line;

Ftp: x: 14: 50: FTP User:/var/ftp:/sbin/nologin

For example, to change the Home Directory of an ftp user to/opt/ftp

Ftp: x: 14: 50: FTP User:/opt/ftp:/sbin/nologin

Then we will create a new home directory for ftp users;

[Root @ localhost ~] # Mkdir/opt/ftp

[Root @ localhost ~] # Chmod 755/opt/ftp

[Root @ localhost ~] # Chown root: root/opt/ftp

If the default ftp disk space is insufficient, we can also use the virtual path ing method, that is, the mount-bind method. Depending on the situation, which method is best;

1.8. How can I limit the number of connections on the vsFTP server and the maximum number of connections per IP address?

Modify the vsFTPd server configuration file vsftpd. conf and add the following two lines:

Max_clients = Number

Max_per_ip = Number

For example, I want to add up to 100 vsFTP connections and up to five connections for each IP address. Therefore, I should add the following two lines in vsftpd. conf:

Max_clients = 100

Max_per_ip = 5

After modifying the configuration file, do not forget to start the vsftp server.

1.9. How do I limit the transmission speed?

Anon_max_rate = Number

Note: This is an anonymous speed.

Local_max_rate = Number

Note: This is the speed of local users on the vsFTP server.

Note: The unit of this number is byte, so we need to calculate it. For example, if I want Anonymous Users and vsFTP users to download data at 80 KB, the number should be 1024x80 = 81920.

Therefore, we need to add the following two lines to vsftpd. conf:

Anon_max_rate = 81920

Local_max_rate = 81920

1.10. How can I restrict users to the home directory?

We need to create a file by ourselves in the/etc directory or in the/etc/vsftpd directory (If your vsftpd configuration files are all in this directory );

# Touch/etc/vsftpd. chroot_list

Beinan and nanbei users are restricted to their home directories, while other FTP users do not.

In the vsftpd. chroot_list file, add beinan and nanbei. Note that each user occupies one row.

Beinan

Nanbei

Modify the/etc/vsftpd. conf file and find the following two lines:

Chroot_list_enable = YES

Chroot_list_file =/etc/vsftpd. chroot_list

If there are no such two rows, you can add them by yourself.

After the configuration, restart the vsFTPD server.

Supplement 1: How to restrict all FTP users in the system to the home directory ?? As prompted by juliaugong, I found the foreign description of vsFTPd, proving that this option is a one-size-fits-all solution. All users can restrict access to the home directory.

You can add the following line by changing the vsftpd. conf file:

Chroot_local_user = YES

After modifying the configuration file, do not forget to restart the vsFTPd server;

1.11. How can I bind an IP address to vsFTPd?

How can I bind an IP address to vsFTPd? That is to say, how can users access FTP only through an IP address. In fact, this function is very interesting. If you are bound to an intranet IP address, there is no way to access the outside. If the IP address of the external service is bound, the Intranet can only access the FTP through the IP address of the external service.

Add a line in vsftpd. conf. Take my lan as an example. Please refer to the operating environment in the first post, so that the Internet cannot access my FTP, and the Intranet may also access FTP through 192.168.0.2;

Listen_address = 192.168.0.2

Through the above introduction, I believe that those beginners know the basic knowledge of vsFTPd and hope to help you!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.