1. Installing the VSFTPD server vsftpd is one of the best FTP server tools in Linux. The VS is the abbreviation of "Very Secure". It can be seen that its maximum advantage is safe, in addition to this, it also has volume Small, customizable, high efficiency.
If you choose to completely install Red Hat Linux 9.0, the system will be installed by default to the VSFTPD server. We can verify the following command in the Terminal Command window:
[root @ ahpeng root] RPM -QA GREP VSFTPD
If the result is displayed as "VSFTPD-1.1.3-8", the system has already installed the VSFTPD server. If you do not select the VSFTPD server when installing Red Hat Linux 9.0, you can click the "Main Menu → System Settings → Add Remove Application" menu item in the graphical environment, make sure "FTP" in the "Package Management" dialog box appears. Server option, and then click the "Update" button, follow the screen prompt to insert the third installation CD to start the installation.
Alternatively, you can also insert the third installation disc, locate the VSFTPD-1.1.3-8.i386.rpm installation package under / redhat / rpms, and then run the following command in the Terminal Command window:
[root @ AHPENG RPMS] rpm -ivh vsftpd-1.1.3-8.i386.rpm 2. Start / restart / stop vsftpd service starts from Red Hat Linux 9.0, vsftpd defaults to start VSFTPD service using Standalone mode by default, the method is Terminal Command Window Run the following command:
[root @ ahpeng root] /etc/rc.d/init.d/vsftpd start
Restart the vsftpd service:
[root @ ahpeng root] /etc/rc.d/init.d/ vsftpd restart
Turn off VSFTPD service:
[root @ ahpeng root] /etc/rc.d/init.d/ vsftpd stop
After confirming that the VSFTPD service has been launched, we can enter "ftp ftpaddres" in any Windows host's DOS command window (instead of ftpaddres), pay attention to the username, the password is FTP (FTP is The mapping user account of anonymous user) is as described below:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
F: / peter> ftp ftpaddress
Connected to fTPAddress
220 (vSFTPD 1.1.3) // VSFTPD response request
User (ftpaddress: (none): ftp // Enter user account FTP
331 Please Specify The Password.
Password: // Enter password ftp
230 Login Successful. Have fun.
FTP>
3. VSFTPD is configured in Red Hat Linux 9.0, a total of 3 profiles, which are:
vsftpd.ftpusers: located in the / etc directory. It specifies which user accounts cannot access FTP servers, such as root, etc.
vsftpd.user_list: Located in the / etc directory. The user account in this file cannot access the FTP server by default, and access is only allowed if the userlist_enable = no option is enabled in the vsftpd .conf configuration file.
vsftpd.conf: Located in the / etc / vsftpd directory. It is a text file, we can modify it with a text editing tool such as Kate, VI, from defining user login control, user rights control, timeout setting, server function option, server performance option, server response message, etc. FTP server Configuration. (1) User login control
Anonymous_enable = YES allows an anonymous user to log in.
No_on_password = YES, no password is required when logging in anonymous user.
Local_enable = YES allows local users to log in.
Deny_EMAIL_ENABLE = YES, you can create a file to save some of the blacklists of some anonymous emails to prevent these people from using DOS attacks.
Banned_Email_File = / etc / vsftpd.banned_emails, when you enable Deny_Email_enable, the desired email blacklist save the path (default to /etc/vsftpd.banned_emails). (2) User rights control WRITE_ENABLE = YES to open global upload permissions.
Local_umask = 022, the UMASK of the upload file of the local user is set to 022 (the system default is 077, which is generally changed to 022).
Anon_upload_enable = YES, allowing anonymous users to have uploaded rights, which is obvious, and Write_enable = YES must be enabled to use this. At the same time, we must also establish a directory that allows FTP users to read and write (earlier, FTP is an anonymous user account).
Anon_mkdir_write_enable = yes allows an anonymous user to have the right to create a directory.
Chown_uploads = yes, enabled this, the owner user of an anonymous upload file will change to another user account, note that not specifying the ROOT account is the owner user who is an anonymous upload file!
Chown_username = Whoever, when chamfered, the owner user account specified, where the Whoever is naturally replaced with the appropriate user account.
Chroot_list_enable = YES, you can use a list to qualify which local users can only act in their own directory, if chroot_local_user = YES, then the user specified in this list is unrestricted.
Chroot_list_file = / etc / vsftpd.chroot_list, if chroot_local_user = yes, specify the save path (default /etc/vsftpd.chroot_list).
NOPRIV_USER = ftpsecure, specify a secure user account, allowing the FTP server to use independent users that are completely isolated and without privilege. This is a VSFTPD system recommendation option.
Async_abor_enable = yes, it is highly recommended not to enable this option, otherwise it will cause an error!
ASCII_UPLOAD_ENABLE = YES; ASCII_DOWNLOAD_ENABLE = YES, By default, the server pretends to accept the ASCII mode request but is actually ignored, and the two options to enable the above-mentioned two options can truly implement the transmission of ASCII mode.
Note: Enabling the ASCII_DOWNLOAD_ENABLE option allows malicious remote users to consume the I / O resource of the FTP server with the command of "size / big / file" in the ASCII mode.
These ASCII mode setting options are allocated to upload and download, so we can allow the upload of the ASCII mode (which can prevent malicious files such as uploading scripts, without crashing) without the risk of rejecting service attacks. (3) User connection and timeout option idle_session_timeout = 600, you can set the default idle timeout, the user will be kicked by the server over this time.
DATA_CONNECTION_TIMEOUT = 120, set the default data connection timeout time.
(4) Server logs and welcome information
DirMessage_enable = YES allows display information to display information to display the contents of the Message_File file below each directory.
FTPD_BANNER = Welcome To Blah FTP Service, you can customize the FTP user to log in to the server.
XFerLog_enable = YES, enable record upload / download activity logging.
XFerLog_File = / var / log / vsftpd.log, you can customize the saving path and file name of the log file, default /var/log/vsftpd.log.
