Wu_ftpd server configuration in Linux

To achieve FTP server configuration in Linux, most Linux release packages use the Washington University FTP (wu-ftpd), which is a server software with excellent performance, because of its many powerful functions and ultra-high throughput, over 60% of FTP servers on the Internet use it.

Installation and running

The following uses RedHat Linux as an example.

1. Installation

Based on different service objects, FTP services can be divided into two types: System FTP server, which only allows valid users on the system to use, and anonymous FTP server, it allows anyone to log on to the FTP server. After connecting to the server, enter anonymous in the logon prompt to access the server. For these two services, you can install the RPM package of WU-FTPd on the first disc of RedHat. You only need to enter the system as root and run the following command:

RPMs-IVH anonftp-X. x-x.i386.rpm

Rpm-IVH wu-ftpd-x.x.x-x.i386.rpm

-X. X-X and-x. x. x-X are version numbers.

2. Start

Like Apache, wu-ftpd can also be configured to automatically start: run the setup program attached to RedHat, and select wu-ftpd in the "System Service" option, click [OK] to exit.

Automatic Start is convenient, but when we change the WU-FTPd configuration file, we need to use manual start:

Start:/usr/sbin/ftprestart

Disable:/usr/sbin/ftpshut

FTP Server Configuration

To ensure the security of the FTP server, you must set some important configuration files to better control the user's access permissions. These configuration files are:/etc/ftpusers,/etc/ftpconversions,/etc/ftp-groups,/etc/ftpphosts,/etc/ftpaccess. Using these files, you can precisely control who, at what time, from where the server can be connected, and check and track the work they have done after connection.

/Etc/ftpusers: users in this folder cannot log on to the server through FTP, and sometimes the user accounts that need to be banned are written to the/etc/ftpuser file, in this way, some users are prohibited from using the FTP service.

/Etc/ftpconversions: used to configure the compression/decompression program.

/Etc/ftpgroups: create a user group. Members in this group can access the FTP server in advance.

/Etc/ftpphosts: Used to prohibit or allow remote host access to a specific account. For example:

Allow czc 192.168.0.0/24

Deny cdd 10.0.0.0/8

Allow the czc user to access from the CIDR Block 192.168.0 And Deny Access From the CIDR block 10.

/Etc/ftpaccess: is a very important configuration file used to control access permissions. Each row in the file defines an attribute and sets the attribute value. The following describes some of its common configurations:

1. Define user categories

Format: class [class name] [real/guest/anonymous] [IP address]

Function: sets the user category on the FTP server. You can also restrict the IP addresses of the client to allow specific or all IP addresses to access the FTP server.

2. Number of Logon retries

Enter loginfails 10 in the command line. This indicates that the connection is disconnected if the logon fails for 10 times.

3. Password check

Format: passwd-check <strictness> warn

Checks the password usage of anonymous users. The strictness is one of three possible strings: None, trivial, and rfc822. If none is selected, the password will not be checked. If trivial is selected, the password must have at least one @ symbol. If rfc822 is selected, it indicates the strictest, requiring the e-mail address to comply with rfc822 packet title standards (such as: czc@domain.com ).

For example, passwd-check rfc822 warn indicates that the password is strictly required. When the password does not comply with the regulations, a warning is reported.

4. Number of logon users

Format: limit [category] [number of people] [time] [file name]

Set the number of users who can log on to FTP within the specified category within the specified time. For example, limit remote any/etc/limits. MSG indicates that the number of Logon persons in the remote category cannot exceed 20 at any time. Otherwise, the warning message of limit. MSG is displayed.

Reasonable Use of these configurations can effectively protect our servers.

Verify

After the FTP server is installed and configured, you can verify that the FTP server can be accessed using graphical tools and command lines. The most common command in Linux is FTP, which provides an uncomplicated FTP server interface. To connect to the FTP server, you only need to enter: ftp servername at the command prompt, replace servername with the host name or IP address of the FTP server to be connected, and enter the user name and password as prompted, then, use the standard Linux system to move up or down the FTP server directory structure. In addition, graphical FTP programs, including window-type gftp, can be used to access the FTP server through a web browser.

The above are the key points for configuring the FTP server in Linux. I hope it will help you.