Setting up an FTP server on Linux, step by step.
An FTP session uses two TCP channels:
the control channel and the data channel.
In the FTP protocol the control connection is always opened by the client (to server port 21); the data connection is set up in one of two modes, PORT (active) or PASV (passive).
PORT mode:
When the client needs to transfer data it sends a PORT command over the control connection (ftp_client, random port above 1023 -> ftp_server, port 21). The PORT command names the client's IP address and the port (again a random port above 1023) on which the client is already listening. The server then opens a new connection from its own TCP port 20 to that address and port and moves the data over it. Because the server dials back to the client, active mode breaks for clients behind NAT or a stateful firewall unless an FTP connection-tracking helper rewrites the PORT command.
PASV mode:
When the client needs to transfer data it sends a PASV command (ftp_client -> ftp_server, port 21). The server opens a listening socket on a random unprivileged port (vsftpd lets the kernel choose any free port unless pasv_min_port and pasv_max_port pin the range; the 1024-5000 range sometimes quoted is not a vsftpd default) and returns the address and port in a 227 reply; the client then connects to that port and the data link is established. On the server's firewall only port 21 and the passive range need to be reachable from outside, which is why passive mode with a fixed pasv_min_port/pasv_max_port is the usual choice.
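How the data-channel endpoint is carried on the control channel in each mode, as an added shell example that is not part of the original page: pasv_endpoint decodes a server's 227 reply into the host and port the client must connect to, and port_command builds the client's PORT request from an address and port. The sample replies, commands and addresses are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original page): how the data-channel endpoint is
# carried on the control channel in each mode. Sample replies, commands and
# addresses below are constructed for the example.

# pasv_endpoint "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)."
# Prints "h1.h2.h3.h4 PORT" with PORT = p1*256 + p2, the socket the client must
# connect to. Returns 1 for anything that is not a well-formed 227 reply.
pasv_endpoint() {
    case $1 in
        227*) ;;
        *) return 1 ;;
    esac
    nums=$(printf '%s\n' "$1" |
        sed -n 's/.*(\([0-9]\{1,3\},[0-9]\{1,3\},[0-9]\{1,3\},[0-9]\{1,3\},[0-9]\{1,3\},[0-9]\{1,3\}\)).*/\1/p')
    [ -n "$nums" ] || return 1
    oldifs=$IFS
    IFS=,
    set -- $nums
    IFS=$oldifs
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1      # every field is one byte
    done
    printf '%s.%s.%s.%s %d\n' "$1" "$2" "$3" "$4" $(( $5 * 256 + $6 ))
}

# port_command HOST PORT
# Builds the client's active-mode request "PORT h1,h2,h3,h4,p1,p2" telling the
# server where to connect from its port 20. Returns 1 for an invalid port.
port_command() {
    host=$1
    port=$2
    { [ "$port" -gt 0 ] && [ "$port" -le 65535 ]; } || return 1
    printf 'PORT %s,%d,%d\n' "$(printf '%s' "$host" | tr . ,)" $(( port / 256 )) $(( port % 256 ))
}

# Constructed exchange on the control channel (C = client, S = server).
# Passive mode: the client dials the server's data port.
#   C: PASV
#   S: 227 Entering Passive Mode (192,168,137,130,195,80).
#   C: <connects to 192.168.137.130:50000, then sends RETR or STOR on port 21>
echo "PASV reply decodes to: $(pasv_endpoint '227 Entering Passive Mode (192,168,137,130,195,80).')"
# Active mode: the client listens and the server dials back from port 20.
#   C: <listens on 192.168.137.1:50001>
#   C: PORT 192,168,137,1,195,81
#   S: 200 PORT command successful.
#   S: <connects from 192.168.137.130:20 to 192.168.137.1:50001>
echo "active-mode request: $(port_command 192.168.137.1 50001)"
```

The decoded passive port is the one a server-side firewall has to let in, which is why pinning pasv_min_port/pasv_max_port in vsftpd.conf is what makes passive mode firewall-friendly; the PORT request shows why a NATed client's active-mode transfers fail, since the private address inside it is useless to the server.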
1. Installing vsftpd:
#rpm -qa vsftpd        check whether it is already installed
#yum install -y vsftpd
#rpm -ql vsftpd        list the files the package installed:
/etc/logrotate.d/vsftpd              log rotation settings for the vsftpd log
/etc/pam.d/vsftpd                    PAM authentication file
/etc/rc.d/init.d/vsftpd              startup script
/etc/vsftpd                          vsftpd configuration directory
/etc/vsftpd/ftpusers                 list of users forbidden to use vsftpd (enforced through PAM)
/etc/vsftpd/user_list                list of users denied or allowed to use vsftpd, depending on userlist_deny
/etc/vsftpd/vsftpd.conf              main configuration file
/etc/vsftpd/vsftpd_conf_migrate.sh   helper script that migrates configuration variables between vsftpd versions
/usr/sbin/vsftpd                     the vsftpd daemon itself
Manual pages and other documentation files are omitted here.
/var/ftp                             home directory of the anonymous user
/var/ftp/pub                         download directory for anonymous users
#service vsftpd start
#chkconfig --list vsftpd           show the runlevels vsftpd is enabled in
#chkconfig --level 2345 vsftpd on
2. The anonymous user logs in as ftp (or anonymous) with an empty password; its login directory is /var/ftp.
By default an anonymous login may only download: it has no upload, mkdir, or delete permission. To grant those (note that vsftpd.conf uses option=value with no spaces around the = sign; a line such as "anon_upload_enable = YES" is a syntax error and vsftpd refuses to start), and note that any write also requires write_enable=YES and a directory the ftp user can write to:
#vim /etc/vsftpd/vsftpd.conf
anon_upload_enable=YES          upload
anon_mkdir_write_enable=YES     create directories
anon_other_write_enable=YES     delete and rename
#service vsftpd restart
For security, anonymous login should be disabled altogether:
#vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
#anon_upload_enable=YES          upload
#anon_mkdir_write_enable=YES     create directories
#anon_other_write_enable=YES     delete and rename
#service vsftpd restart
3. Create a local user that can log in to FTP but has no shell on the system:
#useradd -s /sbin/nologin viong
#passwd viong
Such a user can upload, create directories, download, and change directory within its home, provided local_enable=YES and write_enable=YES are set in vsftpd.conf (the stock CentOS/RHEL configuration sets both). If the login fails with "530 Login incorrect" even though the password is right, check that /sbin/nologin is listed in /etc/shells: /etc/pam.d/vsftpd calls pam_shells.so, which rejects accounts whose shell is not in that file.
-------------------------------------------------- ----------------
4. Hardening vsftpd:
Lock local users into their home directories (chroot):
#vim /etc/vsftpd/vsftpd.conf
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
With chroot_local_user left at its default of NO, the users named in /etc/vsftpd/chroot_list are the ones that get chrooted (with chroot_local_user=YES the meaning flips and the file lists the exceptions). Every user who must be confined therefore has to be added to the list:
#touch /etc/vsftpd/chroot_list
#cut -d: -f1 /etc/passwd >> /etc/vsftpd/chroot_list      adds every local account to chroot_list
Since vsftpd 2.3.5 a chrooted user whose home directory is writable is refused with "500 OOPS: vsftpd: refusing to run with writable root inside chroot()"; either make the home directory itself non-writable and upload into a writable subdirectory, or set allow_writeable_chroot=YES (weaker).
Prevent critical system accounts from logging in to FTP:
#cat /etc/vsftpd/ftpusers       already lists root and the other important system accounts; /etc/pam.d/vsftpd denies every name in it
#echo "viong" >> /etc/vsftpd/ftpusers      from now on viong cannot log in (remove the line again to continue with the example)
Use an allow list so that only chosen system users may log in to FTP:
only the users listed in /etc/vsftpd/user_list may log in:
#vim /etc/vsftpd/vsftpd.conf
userlist_enable=YES
userlist_deny=NO                    added after userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
With userlist_deny at its default of YES the file is a deny list; with userlist_deny=NO it becomes the allow list. The stock user_list holds the same system accounts as ftpusers, so replace its contents with the permitted user names (for example viong) before switching to allow mode.
Restrict which source IP addresses may log in to FTP: use iptables on the server. Remember to allow the passive data port range (pasv_min_port to pasv_max_port) as well as port 21, otherwise passive transfers hang after a successful login.
---------------------------------------
Building vsftpd with SSL/TLS-encrypted transport:
#openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem      generate a self-signed certificate and key (1024-bit RSA, as often shown, is too weak; use at least 2048, and keep the file mode 0600 since it contains the private key)
#vim /etc/vsftpd/vsftpd.conf
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
SSLv2 and SSLv3 are obsolete and insecure; leave them off (which is also the default) and only offer TLS.
The SSL parameters are defined as follows; adjust them to your needs:
ssl_enable=YES/NO                      enable SSL; default NO
allow_anon_ssl=YES/NO                  allow anonymous users to use SSL; default NO
rsa_cert_file=/path/to/file            location of the RSA certificate
dsa_cert_file=/path/to/file            location of the DSA certificate
force_local_logins_ssl=YES/NO          require encrypted logins for non-anonymous users; default YES
force_local_data_ssl=YES/NO            require encrypted data transfers for non-anonymous users; default YES
force_anon_logins_ssl=YES/NO           require encrypted logins for anonymous users; default NO
force_anon_data_ssl=YES/NO             require encrypted data transfers for anonymous users; default NO
ssl_sslv2=YES/NO                       offer SSLv2; default NO (leave it off, the protocol is broken)
ssl_sslv3=YES/NO                       offer SSLv3; default NO (leave it off, the protocol is broken)
ssl_tlsv1=YES/NO                       offer TLS v1; default YES
ssl_ciphers=                           OpenSSL cipher list; the default DES-CBC3-SHA is 3DES only, so set a stronger list such as HIGH
#service vsftpd restart
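To check that the hardening settings from step 4 (anonymous login, chroot) and the SSL settings above actually landed in vsftpd.conf, here is an added shell audit that is not part of the original page or of vsftpd: it reads option=value lines, applies the vsftpd.conf(5) defaults for anything left unset, and reports each weak setting. Both sample configurations are constructed; weak.conf mirrors the settings as first shown above (SSLv2/SSLv3 on, anonymous login on, no chroot) with force_local_data_ssl additionally switched off to exercise that check, and hardened.conf holds the corrected values.

```shell
#!/bin/sh
# Added audit script (not from the original page or from vsftpd): report the weak
# vsftpd.conf settings discussed on this page. Assumes vsftpd's option=value
# syntax (no spaces around '=') and the defaults from vsftpd.conf(5):
#   anonymous_enable=YES  ssl_enable=NO  ssl_sslv2=NO  ssl_sslv3=NO
#   force_local_logins_ssl=YES  force_local_data_ssl=YES
#   chroot_local_user=NO  chroot_list_enable=NO
# Both sample configurations below are constructed for this example.

# vsftpd_get CONFIG_TEXT OPTION DEFAULT
# Print the effective value of OPTION (upper-cased, last assignment wins,
# commented lines ignored) or DEFAULT when the option is not set.
vsftpd_get() {
    _v=$(printf '%s\n' "$1" | sed -n "s/^[[:space:]]*$2=\(.*\)$/\1/p" | tail -n 1 | tr 'a-z' 'A-Z')
    printf '%s\n' "${_v:-$3}"
}

# vsftpd_audit CONFIG_TEXT: one finding per line, nothing for a clean config
vsftpd_audit() {
    c=$1
    if [ "$(vsftpd_get "$c" anonymous_enable YES)" != NO ]; then
        echo "anonymous_enable: anonymous logins allowed (set anonymous_enable=NO)"
    fi
    if [ "$(vsftpd_get "$c" ssl_enable NO)" != YES ]; then
        echo "ssl_enable: passwords and data cross the network in clear text (set ssl_enable=YES)"
    else
        for p in ssl_sslv2 ssl_sslv3; do
            if [ "$(vsftpd_get "$c" "$p" NO)" = YES ]; then
                echo "$p: obsolete protocol offered (set $p=NO)"
            fi
        done
        for p in force_local_logins_ssl force_local_data_ssl; do
            if [ "$(vsftpd_get "$c" "$p" YES)" != YES ]; then
                echo "$p: local users may fall back to plaintext (set $p=YES)"
            fi
        done
    fi
    if [ "$(vsftpd_get "$c" chroot_local_user NO)" != YES ] &&
       [ "$(vsftpd_get "$c" chroot_list_enable NO)" != YES ]; then
        echo "chroot: local users can browse the whole filesystem (set chroot_local_user=YES)"
    fi
    return 0
}

# vsftpd_audit_count CONFIG_TEXT: number of findings, usable as a pass/fail gate
vsftpd_audit_count() {
    vsftpd_audit "$1" | wc -l | tr -d ' '
}

# The settings as first shown on this page, with force_local_data_ssl also
# switched off to exercise that check (constructed sample).
WEAK_CONF=$(cat <<'EOF'
# vsftpd.conf before hardening
anonymous_enable=YES
anon_upload_enable=YES
ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
force_local_data_ssl=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
EOF
)

# The corrected settings (constructed sample).
HARDENED_CONF=$(cat <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50100
ssl_enable=YES
allow_anon_ssl=NO
force_local_logins_ssl=YES
force_local_data_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
EOF
)

echo "== weak config: $(vsftpd_audit_count "$WEAK_CONF") finding(s) =="
vsftpd_audit "$WEAK_CONF"
echo "== hardened config: $(vsftpd_audit_count "$HARDENED_CONF") finding(s) =="
vsftpd_audit "$HARDENED_CONF"
```

Run it against a real host with vsftpd_audit "$(cat /etc/vsftpd/vsftpd.conf)" after every edit and before service vsftpd restart; a non-zero count from vsftpd_audit_count is the signal that the restart would put a weaker configuration into service.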
Connecting with Flashftp:
Connection type: FTP using explicit SSL/TLS (AUTH TLS) on port 21; force_local_logins_ssl=YES makes vsftpd reject a plaintext login
Address: 192.168.137.130:21
Login type:
User: viong
Password: 123