VSFTP basic configuration guide

xiaoxiao2021-03-06  39

Yesterday I started installing the company server, a Dell PowerEdge 750. Red Hat 9.0 couldn't find the NIC, so I didn't install it. I had no time and didn't look into it, so I installed Red Hat Linux AS 3.0. Today the network service suddenly failed: I couldn't find the SMB server, and I was anxious to copy things, so I set up FTP. These are some basic things; advanced configuration will be covered in the future.

System environment: Red Hat Linux AS 3.0, vsftpd-1.2.1-3

vsftp overview

FTP (File Transfer Protocol) is a file transfer communication protocol and is also the one most commonly used to transfer files. FTP comes in two types: PORT FTP, which is the normal FTP, and PASV FTP. They are described below.

PORT FTP
This is the general form of FTP. First a control channel is established; the default is port 21, that is, a connection is made to port 21 and commands are issued over this connection. Second, the data transfer channel is established by the FTP server; the default is port 20, that is, a connection is made with port 20 and the data is transmitted through port 20.

PASV FTP
This is similar to PORT FTP. First a control channel is established; the default is port 21, that is, a connection is made to port 21 and commands are issued over it. Second, the request for data transmission is made by the client side, including the number of the data transfer port.

What are the differences between these? The data transfer port in PORT FTP is specified by the FTP server, while the PASV FTP data transfer port is determined by the FTP client. In an environment with a firewall we usually use PASV FTP, where the data port is determined through communication between the client and the server.

Easy VSFTPD server construction

1. Confirm whether the vsftpd software is installed:
    # rpm -qa | grep vsftpd
2. Start the FTP server:
    # service vsftpd start
3. The default FTP directory is /var/ftp/pub
4. Test anonymous login with ftp 127.0.0.1, Name: anonymous Pass:

VSFTP installation (I haven't tried it; I used the one that comes with RHEL 3.0 directly, so there may be some discrepancies)

    # Extract the archive
    tar -zxf vsftpd-xx.tar.gz
    cd ./vsftpd-xx
    # vsftpd needs the user nobody to run as; it usually already exists
    useradd nobody
    # Installation requires /usr/share/empty/ as a temporary directory; it usually already exists
    mkdir /usr/share/empty/
    # Compile
    make
    make install
    # If make install did not copy the files, you may need to run the following commands manually
    # cp vsftpd /usr/local/sbin/vsftpd
    # cp vsftpd.conf.5 /usr/local/man/man5
    # cp vsftpd.8 /usr/local/man/man8
    cd ./EXAMPLE/INTERNET_SITE
    cp vsftpd.conf /etc
    cp vsftpd.xinetd /etc/xinetd.d/vsftpd
    /etc/rc.d/init.d/xinetd restart

Configuring vsftpd.conf

The core configuration file is vsftpd.conf, located at /etc/vsftpd/vsftpd.conf. The control statement format is "statement=value"; be careful not to add any spaces or punctuation in between. In the man page the control statements are divided into three types: Boolean (value YES or NO), numeric (value is a number) and string (value is a string).

1. Adding an anonymous server (standalone server)
Add the following items to the /etc/vsftpd/vsftpd.conf configuration file:

    anonymous_enable=YES (allow anonymous login)
    dirmessage_enable=YES (when switching directories, display the contents of the .message file)
    local_umask=022 (FTP local file permissions, default 077)
    connect_from_port_20=YES (enable the FTP data port) *
    xferlog_enable=YES (enable the upload and download log)
    xferlog_std_format=YES (use the standard log format)
    ftpd_banner=xxxxx (welcome message)
    pam_service_name=vsftpd (verification mode) *
    listen=YES (standalone vsftpd server) *

Function: you can only connect to the FTP server; you cannot upload.
Note: all the options related to logging and the welcome message, and those marked with an asterisk, have to be added no matter what kind of account is used; they are the basic FTP options.


2. Enabling upload permission on the anonymous FTP server
Add the following to the configuration file:

    anon_upload_enable=YES (enable upload permission)
    anon_mkdir_write_enable=YES (directories can be created)
    write_enable=YES (enable local user write permission)
    anon_other_write_enable=YES (the anonymous account has permission to delete)

3. Opening up permissions on the anonymous server
Add the following to the configuration file:

    anon_world_readable_only=NO

Note: pay attention to the permissions of the folder. The anonymous account is an "other" user, so its read and write permissions have to be turned on there:
    (R) read ---- enter
    (W) write ---- upload
    (X) execute ---- if it is not turned on, FTP cannot go into the directory

4. Connection of a normal user to the FTP server (standalone server)
Add the following to the configuration file:

    local_enable=YES (local accounts can log in)
    write_enable=NO (no right to delete or modify files after login)

Function: you can log in to the vsftpd server with a local account, with permission to download and upload.
Note: if anonymous login is not disabled in the configuration, the anonymous server can still be logged in to, but uploading is not possible.
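A check for the "statement=value" rule and the anonymous write options from sections 1 to 4, as an added example that is not part of the original post. The function name audit, the KNOWN set (limited to the options named on this page) and the sample text are assumptions made for the illustration; vsftpd itself refuses to start on a variable it does not recognise, so a misspelled key is worth catching before a restart.

```python
import re

# Option names taken from this page only; a full audit would use the list in vsftpd.conf(5).
KNOWN = {
    "anonymous_enable", "dirmessage_enable", "local_umask", "connect_from_port_20",
    "xferlog_enable", "xferlog_std_format", "ftpd_banner", "pam_service_name", "listen",
    "anon_upload_enable", "anon_mkdir_write_enable", "write_enable",
    "anon_other_write_enable", "anon_world_readable_only", "local_enable",
    "chroot_local_user", "chroot_list_enable", "chroot_list_file",
    "userlist_enable", "userlist_deny", "userlist_file", "idle_session_timeout",
    "data_connection_timeout", "accept_timeout", "connect_timeout", "local_max_rate",
    "anon_max_rate", "pasv_min_port", "pasv_max_port", "max_clients", "max_per_ip",
    "listen_port",
}
ANON_WRITE = ("anon_upload_enable", "anon_mkdir_write_enable", "anon_other_write_enable")
DEFAULTS = {"anonymous_enable": "YES"}  # vsftpd default; the other booleans used here default to NO

def audit(text):
    """Return (settings, findings) for the text of a vsftpd.conf."""
    settings, findings = dict(DEFAULTS), []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        # No spaces around '=', and no leading or trailing blanks on the line.
        m = re.fullmatch(r"([a-z0-9_]+)=(\S(?:.*\S)?)", line)
        if not m:
            findings.append(f"line {n}: not in 'statement=value' form (stray space?)")
            continue
        key, value = m.groups()
        if key not in KNOWN:
            findings.append(f"line {n}: '{key}' is not an option named on this page (typo?)")
        settings[key] = value
    on = lambda k: settings.get(k, "NO").upper() in ("YES", "TRUE", "1")
    if on("anonymous_enable") and on("write_enable"):
        # write_enable is the global switch; each anon_* option then opens one kind of write.
        findings += [f"anonymous users have write access via {k}" for k in ANON_WRITE if on(k)]
    return settings, findings

# Constructed sample input, not a real server's configuration.
SAMPLE = """\
anonymous_enable=YES
write_enable = YES
local_enble=YES
write_enable=YES
anon_upload_enable=YES
anon_other_write_enable=YES
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)[1]))
```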

5. Restricting users from entering other directories after login, so that they can only enter their home directory

Make all local users execute chroot:
    chroot_local_user=YES (all local accounts can only stay in their own directory)

Make specified users execute chroot:
    chroot_list_enable=YES (the list in the file is used)
    chroot_list_file=/etc/vsftpd/chroot_list (path of the file that stores the list)

Note: chroot_list is not created by default; you need to add it yourself. To control an account, add the account name directly to the file.

6. Limiting which local users can access FTP

    userlist_enable=YES (use the user list to restrict user access)
    userlist_deny=NO (YES: people in the list are not allowed access; NO: only people in the list can access)
    userlist_file=/etc/vsftpd/user_list (path and name of the file that stores the list)

Note: with userlist_enable=YES the anonymous account cannot log in (not necessarily; it is the result of the combination of the three).
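How the options in sections 5 and 6 combine, as an added example that is not part of the original post: a simplified model of the behaviour documented in vsftpd.conf(5), including the case where chroot_local_user=YES turns chroot_list_file into a list of users who are not jailed. The function names, the accounts alice, bob and carol, and the list contents are constructed for the illustration.

```python
def yes(conf, key, default="NO"):
    """vsftpd booleans; the defaults passed in below follow vsftpd.conf(5)."""
    return conf.get(key, default).upper() == "YES"

def may_log_in(conf, user, userlist):
    """Would this login name get past the enable switches and the user list?"""
    is_anon = user.lower() in ("anonymous", "ftp")
    if is_anon and not yes(conf, "anonymous_enable", "YES"):
        return False
    if not is_anon and not yes(conf, "local_enable"):
        return False
    if yes(conf, "userlist_enable"):
        listed = user in userlist
        deny_listed = yes(conf, "userlist_deny", "YES")
        # userlist_deny=YES refuses listed names; userlist_deny=NO refuses unlisted ones.
        if listed == deny_listed:
            return False
    return True

def is_chrooted(conf, user, chroot_list):
    """Local users: with chroot_local_user=YES the list names the users NOT jailed."""
    everyone = yes(conf, "chroot_local_user")
    if not yes(conf, "chroot_list_enable"):
        return everyone
    listed = user in chroot_list
    return (not listed) if everyone else listed

# Constructed sample data: settings from sections 4 to 6 and invented account names.
CONF = {"local_enable": "YES", "chroot_local_user": "YES", "chroot_list_enable": "YES",
        "userlist_enable": "YES", "userlist_deny": "NO"}
USER_LIST = {"alice", "bob"}   # contents of userlist_file
CHROOT_LIST = {"alice"}        # contents of chroot_list_file

if __name__ == "__main__":
    for name in ("alice", "bob", "carol", "anonymous"):
        print(name, "login:", may_log_in(CONF, name, USER_LIST))
    for name in ("alice", "bob"):
        print(name, "chrooted:", is_chrooted(CONF, name, CHROOT_LIST))
```

With userlist_deny=NO the name anonymous has to appear in the list file like any other name, which is why the result for the anonymous account depends on all three settings together.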

7. Security options

    idle_session_timeout=600 (seconds) (disconnect after the user session has been idle for 10 minutes)
    data_connection_timeout=120 (seconds) (disconnect after the data connection has been idle for 2 minutes)
    accept_timeout=60 (seconds) (disconnect the client after it has been idle for 1 minute)
    connect_timeout=60 (seconds) (reconnect after an interruption of 1 minute)
    local_max_rate=50000 (bytes) (local user transfer rate 50K)
    anon_max_rate=30000 (bytes) (anonymous user transfer rate 30K)
    pasv_min_port=50000
    pasv_max_port=60000 (keep the client's data connection port between 50000 and 60000)
    max_clients=200 (maximum number of FTP connections)
    max_per_ip=4 (maximum number of connections per IP)
    listen_port=5555 (data connection on the specified port 5555)

8. Viewing who is logged in to FTP and killing their process (I haven't tried it)

    ps -xf | grep ftp
    kill <process number>

When reprinting, please cite the original address: https://www.9cbs.com/read-66052.html
