Build FTP server under CentOS-Linux Operation and Maintenance-php.cn

Home

Operation and Maintenance

Linux Operation and Maintenance

Build FTP server under CentOS

巴扎黑

Sep 04, 2017 pm 02:26 PM

centosbuildserver

vsftpd is a well-known FTP server under Linux. Of course, this is the first choice when building an FTP server.

This article introduces the process of installing vsftpd and configuring virtual users to log in to FTP under CentOS 6.4.

Text:

One: Install vsftpd

Check whether vsftpd has been installed

rpm -qa | grep vsftpd
#如果没有，就安装，并设置开机启动
yum -y install vsftpd
chkconfig vsftpd on

Two: Configuration based on virtual users

So-called A virtual user is one who does not use a real account, but only for the purpose of mapping to a real account and setting permissions. Virtual users cannot log in to the CentOS system.

Modify the configuration file

Open /etc/vsftpd/vsftpd.conf and make the following configuration

anonymous_enable=NO #设定不允许匿名访问
local_enable=YES #设定本地用户可以访问。注：如使用虚拟宿主用户，在该项目设定为NO的情况下所有虚拟用户将无法访问
chroot_list_enable=YES #使用户不能离开主目录
ascii_upload_enable=YES
ascii_download_enable=YES #设定支持ASCII模式的上传和下载功能
pam_service_name=vsftpd #PAM认证文件名。PAM将根据/etc/pam.d/vsftpd进行认证
以下这些是关于vsftpd虚拟用户支持的重要配置项，默认vsftpd.conf中不包含这些设定项目，需要自己手动添加
guest_enable=YES #设定启用虚拟用户功能
guest_username=ftp #指定虚拟用户的宿主用户，CentOS中已经有内置的ftp用户了
user_config_dir=/etc/vsftpd/vuser_conf #设定虚拟用户个人vsftp的CentOS FTP服务文件存放路径。存放虚拟用户个性的CentOS FTP服务文件(配置文件名=虚拟用户名
进行认证
chroot_list_file=/etc/vsftpd/vuser_passwd.txt

First, install the Berkeley DB tool. Many people cannot find the problem of db_load This package is just not installed.

yum install db4 db4-utils

Then, create the user password text /etc/vsftpd/vuser_passwd.txt. Note that the odd lines are the user name and the even lines are the password.

test
123456

Then, generate the db file for virtual user authentication

db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db

Then, edit the authentication file /etc/pam.d/vsftpd, comment out all the original statements, and add the following two sentences:

auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd
account required pam_userdb.so db=/etc/vsftpd/vuser_passwd

Finally, create the virtual user configuration file

mkdir /etc/vsftpd/vuser_conf/
vi /etc/vsftpd/vuser_conf/test  #文件名等于vuser_passwd.txt里面的账户名，否则下面设置无效
内容如下
local_root=/ftp/www  #虚拟用户根目录,根据实际情况修改
write_enable=YES
anon_umask=022 #掩码
anon_world_readable_only=NO 
anon_upload_enable=YES 
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

Set Selinux (if your selinux is turned on)

setsebool -P ftp_home_dir=1   #设置ftp可以使用home目录
sersebool -P allow_ftpd_full_access=1   #设置ftp用户可以有所有权限

Set FTP root directory permissions

mkdir /ftp/www   #创建目录
chmod R 755 /ftp
chmod R 777 /ftp/www

The latest vsftpd requires no write permissions on the home directory, so ftp is 755, then set 777 permissions on the subdirectories under the main directory

Set up the firewall

Open /etc/sysconfig/iptables

In "-A INPUT –m state --state NEW –m tcp –p –dport 22 –j ACCEPT”, add:

-A INPUT m state --state NEW m tcp p dport 21 j ACCEPT

Then save and close the file, run the following command in the terminal to refresh the firewall configuration:

service iptables restart

OK, run "service vsftpd start" and you can access your FTP server.

Configure PASV mode

vsftpd does not enable PASV mode by default. Now FTP can only be connected through PORT mode. To enable PASV by default, you need to open /etc/ through the following configuration

vsftpd/vsftpd.conf, add

pasv_enable=YES   #开启PASV模式
pasv_min_port=40000   #最小端口号
pasv_max_port=40080   #最大端口号
pasv_promiscuous=YES

at the end and open ports 40000 to 40080 in the firewall configuration

-A INPUT m state --state NEW m tcp p dport 40000:40080 j ACCEPT

Restart iptabls and vsftpd

service iptables restart
service vsftpd restart

Now you can use PASV mode to connect to you FTP server~

Common errors:

Question 1:

But after I followed the configuration steps, I found that it was

530 every time Login incorrect

After searching around, I found that I created vsftpd.vu for verification in the root directory of etc, instead of /etc/pam.d/vsftpd.vu

Question 2 ：

I modified the above problem, but still can’t log in, prompting me:

500 OOPS:bad bool value in config file for:anon_world_readable_only

I googled and found someone It is said that there cannot be spaces at the end of the configuration file. When I open my own configuration file, I see that there are several spaces at the end of the entire file, not just at the end of the anon_world_readable_only line. Alas, be careful when copying and pasting configurations from web pages.

Question 3:

500 OOPS: vsftpd: cannot locate user specified in 'guest_username': aaA

This question is very strange. In the end, it was found that it was a problem with the final case. It should be 'aaa'

So pay attention to the details, it is very simple to install the above steps

The above is the detailed content of Build FTP server under CentOS. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Linux Operations: Utilizing the Maintenance ModeApr 19, 2025 am 12:08 AM

Linux maintenance mode can be entered through the GRUB menu. The specific steps are: 1) Select the kernel in the GRUB menu and press 'e' to edit, 2) Add 'single' or '1' at the end of the 'linux' line, 3) Press Ctrl X to start. Maintenance mode provides a secure environment for tasks such as system repair, password reset and system upgrade.

Linux: How to Enter Recovery Mode (and Maintenance)Apr 18, 2025 am 12:05 AM

The steps to enter Linux recovery mode are: 1. Restart the system and press the specific key to enter the GRUB menu; 2. Select the option with (recoverymode); 3. Select the operation in the recovery mode menu, such as fsck or root. Recovery mode allows you to start the system in single-user mode, perform file system checks and repairs, edit configuration files, and other operations to help solve system problems.

Linux's Essential Components: Explained for BeginnersApr 17, 2025 am 12:08 AM

The core components of Linux include the kernel, file system, shell and common tools. 1. The kernel manages hardware resources and provides basic services. 2. The file system organizes and stores data. 3. Shell is the interface for users to interact with the system. 4. Common tools help complete daily tasks.

Linux: A Look at Its Fundamental StructureApr 16, 2025 am 12:01 AM

The basic structure of Linux includes the kernel, file system, and shell. 1) Kernel management hardware resources and use uname-r to view the version. 2) The EXT4 file system supports large files and logs and is created using mkfs.ext4. 3) Shell provides command line interaction such as Bash, and lists files using ls-l.

Linux Operations: System Administration and MaintenanceApr 15, 2025 am 12:10 AM

The key steps in Linux system management and maintenance include: 1) Master the basic knowledge, such as file system structure and user management; 2) Carry out system monitoring and resource management, use top, htop and other tools; 3) Use system logs to troubleshoot, use journalctl and other tools; 4) Write automated scripts and task scheduling, use cron tools; 5) implement security management and protection, configure firewalls through iptables; 6) Carry out performance optimization and best practices, adjust kernel parameters and develop good habits.

Understanding Linux's Maintenance Mode: The EssentialsApr 14, 2025 am 12:04 AM

Linux maintenance mode is entered by adding init=/bin/bash or single parameters at startup. 1. Enter maintenance mode: Edit the GRUB menu and add startup parameters. 2. Remount the file system to read and write mode: mount-oremount,rw/. 3. Repair the file system: Use the fsck command, such as fsck/dev/sda1. 4. Back up the data and operate with caution to avoid data loss.

How Debian improves Hadoop data processing speedApr 13, 2025 am 11:54 AM

This article discusses how to improve Hadoop data processing efficiency on Debian systems. Optimization strategies cover hardware upgrades, operating system parameter adjustments, Hadoop configuration modifications, and the use of efficient algorithms and tools. 1. Hardware resource strengthening ensures that all nodes have consistent hardware configurations, especially paying attention to CPU, memory and network equipment performance. Choosing high-performance hardware components is essential to improve overall processing speed. 2. Operating system tunes file descriptors and network connections: Modify the /etc/security/limits.conf file to increase the upper limit of file descriptors and network connections allowed to be opened at the same time by the system. JVM parameter adjustment: Adjust in hadoop-env.sh file

How to learn Debian syslogApr 13, 2025 am 11:51 AM

This guide will guide you to learn how to use Syslog in Debian systems. Syslog is a key service in Linux systems for logging system and application log messages. It helps administrators monitor and analyze system activity to quickly identify and resolve problems. 1. Basic knowledge of Syslog The core functions of Syslog include: centrally collecting and managing log messages; supporting multiple log output formats and target locations (such as files or networks); providing real-time log viewing and filtering functions. 2. Install and configure Syslog (using Rsyslog) The Debian system uses Rsyslog by default. You can install it with the following command: sudoaptupdatesud

See all articles