Part of the master VSFTPD

This article is a detailed explanation of VSFTPD configuration

Environment: Linux AS 3.0 + vsftpd-1.2.0-4, with vsftpd running as a stand-alone server.

1. Configure FTP access for a local group

First create a test user group and the FTP home directory

groupadd test

mkdir /tmp/test

Then create a user

useradd -G test -d /tmp/test -M usr1

Note: -G: the user's group; -d: the location of the user's home directory

-M: do not create the default home directory, i.e. the user gets no directory of its own under /home

useradd -G test -d /tmp/test -M usr2

Then change the folder's owner and permissions

chown usr1:test /tmp/test ---- this sets the owner of /tmp/test to usr1 (and its group to test)

chmod 750 /tmp/test ---- 7 means rwx, 5 means r-x, 0 means no permissions

The purpose of this experiment is for usr1 to have upload, delete and download permissions,

and for usr2 to have download permission only, without upload or delete permissions

Of course, do not forget the main configuration file vsftpd.conf

Make sure these three options are set: local_enable=yes, write_enable=yes, chroot_local_user=yes

2. Configure the stand-alone FTP server to accept connections on a non-standard port

This is easy: in vsftpd.conf, add

listen_port=33333

That's it!

Now for the key part, and the reason I wrote this article! ^_^ (Please don't throw eggs!)

3. Configure a separate virtual FTP server that uses virtual FTP users, and set up four accounts with different permissions

(Two have read permission on the directory; one has browse, upload and download permissions; one has browse, download, delete and rename permissions)

A: Configure the network card

The network card's first address is 10.2.3.4 with mask 255.255.0.0

ifconfig eth0:1 211.131.4.253 netmask 255.255.255.0 up

B: Write the settings under /etc/sysconfig (so that the IP address is not lost after a restart)

cd /etc/sysconfig/network-scripts

cp ifcfg-eth0 ifcfg-eth0:1

vi ifcfg-eth0:1 and change it as follows

DEVICE=eth0:1

BROADCAST=211.131.4.255

HWADDR=the MAC address of the card

IPADDR=211.131.4.253

NETMASK=255.255.255.0

NETWORK=211.131.4.0

ONBOOT=yes

TYPE=Ethernet

Save and quit with :wq

C: Go to the directory that contains vsftpd.conf

cp vsftpd.conf vsftpd2.conf

Edit vsftpd.conf and add the following

listen_address=10.2.3.4

Edit vsftpd2.conf and add the following

listen_address=211.131.4.253

ftpd_banner=this is a virtual ftp test

The virtual FTP server is now set up

D: Create logins.txt

vi /tmp/logins.txt

Add the following:

longlei ------------ user name

longlei ------------ password

zhangweibo

zhangweibo

jinhui

jinhui

lxp

lxp

Follow this format exactly: one line for the user name, then one line for the password

F: Create the virtual users' password database file, and then change its permissions

db_load -T -t hash -f /tmp/logins.txt /etc/vsftpd_login.db

G: Go to /etc/pam.d/ and create ftp.vu

Add the following to this file

auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login

account required /lib/security/pam_userdb.so db=/etc/vsftpd_login

H: Create a directory under /var/ftp/ and set its owner and permissions

useradd -d /var/ftp/test qiang

chmod 700 /var/ftp/test

Add a test file named test_file to the directory

I: Modify vsftpd2.conf as follows (these are the lines I added)

listen=yes

anonymous_enable=no

local_enable=yes

write_enable=no

anon_upload_enable=no

anon_mkdir_write_enable=no

anon_other_write_enable=no

chroot_local_user=yes

guest_enable=yes ---------- enable virtual users

guest_username=qiang ------ map virtual users to a local user

listen_port=5555

max_clients=10

max_per_ip=1

ftpd_banner=this is a virtual server and users

pam_service_name=ftp.vu

Note: keep the permissions in the main configuration file as low as possible, which leaves more room to grant permissions per user later, because the service reads the main configuration file first and then reads the user's configuration file

Restart the service

The virtual users are now set up

J: In the directory that contains vsftpd.conf, create a directory named virtual

In that directory, create one configuration file per user, each named after the user name

longlei zhangweibo jinhui lxp

In longlei add:

anon_world_readable_only=no

In lxp add:

anon_world_readable_only=no

These two users now have permission to browse the directory

In jinhui add:

anon_world_readable_only=no

write_enable=yes

anon_upload_enable=yes

This user has upload, download and browse permissions

In zhangweibo add:

anon_world_readable_only=no

write_enable=yes

anon_upload_enable=yes

anon_other_write_enable=yes

This user has upload, download, delete, rename and browse permissions

K: Modify vsftpd2.conf

Add user_config_dir=/<directory where vsftpd.conf is>/virtual

Then restart the server
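
An added example (not from the original article): a small Python resolver that layers the per-user files from step J over the main settings from step I, in the order given in the note above (main file first, then the user's file), and reports what each virtual user ends up allowed to do. It assumes virtual users take the anon_* privileges (vsftpd's default for guest users) and that the guest home is mode 700 as in step H; the function names and capability labels are illustrative.

```python
import re

# vsftpd defaults for the options that decide what a guest (virtual) user may do.
DEFAULTS = {"write_enable": "NO", "anon_upload_enable": "NO",
            "anon_mkdir_write_enable": "NO", "anon_other_write_enable": "NO",
            "anon_world_readable_only": "YES"}

def parse_conf(text):
    """Parse 'option=value' lines; vsftpd allows no spaces around '='."""
    settings = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        m = re.fullmatch(r"([a-z0-9_]+)=(\S.*)", line)
        if not m:
            raise ValueError(f"line {n}: expected option=value, got {line!r}")
        settings[m.group(1)] = m.group(2).strip()
    return settings

def effective(main_text, user_text=""):
    """Defaults, then the main file, then the per-user file; the last one wins."""
    merged = {**DEFAULTS, **parse_conf(main_text), **parse_conf(user_text)}
    on = lambda key: merged[key].upper() in ("YES", "TRUE", "1")
    return {
        # Assumption: the guest home is mode 700 (step H), so nothing is world-readable.
        "browse_download": not on("anon_world_readable_only"),
        "upload": on("write_enable") and on("anon_upload_enable"),
        "mkdir": on("write_enable") and on("anon_mkdir_write_enable"),
        "delete_rename": on("write_enable") and on("anon_other_write_enable"),
    }

# Constructed sample input, copied from the settings in steps I and J.
MAIN = "write_enable=NO\nanon_upload_enable=NO\nguest_enable=YES\nguest_username=qiang\n"
READ = "anon_world_readable_only=NO\n"
USERS = {
    "longlei": READ,
    "lxp": READ,
    "jinhui": READ + "write_enable=YES\nanon_upload_enable=YES\n",
    "zhangweibo": READ + "write_enable=YES\nanon_upload_enable=YES\n"
                         "anon_other_write_enable=YES\n",
}

def granted(user_text=""):
    """Names of the capabilities a virtual user ends up with."""
    return sorted(k for k, v in effective(MAIN, user_text).items() if v)

if __name__ == "__main__":
    for user, conf in USERS.items():
        print(f"{user:12} {granted(conf)}")
```

A virtual user with no file in the per-user directory gets only what the main file grants, which here is nothing, and a per-user anon_upload_enable=YES has no effect unless write_enable=YES is set for that user as well.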

Don't go away yet: here is all the vsftpd.conf configuration information I know of

anonymous_enable=yes (allow anonymous login)

dirmessage_enable=yes (when changing directory, show the contents of the directory's .message file)

local_umask=022 (umask for files created by local FTP users; the default is 077)

connect_from_port_20=yes (use port 20 for FTP data connections) *

xferlog_enable=yes (enable logging of uploads and downloads)

xferlog_std_format=yes (use the standard log format)

ftpd_banner=XXXXX (welcome message)

pam_service_name=vsftpd (authentication) *

listen=yes (stand-alone VSFTPD server) *

anon_upload_enable=yes (enable upload permission)

anon_mkdir_write_enable=yes (allow creating directories and uploading files into them)

write_enable=yes (enable write permission for local users)

anon_other_write_enable=yes (anonymous accounts may delete)

anon_world_readable_only=no (enable browsing for anonymous users)

ascii_upload_enable=yes (enable ASCII transfer mode for uploads)

ascii_download_enable=yes (enable ASCII transfer mode for downloads)

banner_file=/var/vsftpd_banner_file (the welcome message shown after users connect is taken from this file)

idle_session_timeout=600 (seconds) (the user's session is dropped after 10 minutes idle)

data_connection_timeout=120 (seconds) (the data connection is closed after 2 minutes idle)

accept_timeout=60 (seconds) (the client is dropped after 1 minute idle)

connect_timeout=60 (seconds) (reconnect 1 minute after an interruption)

local_max_rate=50000 (bytes) (local user transfer rate 50K)

anon_max_rate=30000 (bytes) (anonymous user transfer rate 30K)

pasv_min_port=50000

pasv_max_port=60000 (the client's data port is between 50000 and 60000)

max_clients=200 (maximum number of FTP connections)

max_per_ip=4 (maximum number of connections per IP)

listen_port=5555 (connections are made through port 5555)

local_enable=yes (allow local accounts to log in)

write_enable=no (whether local accounts may delete and modify files after logging in)

The following form a group:

chroot_local_user=yes (all local accounts are confined to their own directory)

chroot_list_enable=yes (the list file can be used)

chroot_list_file=/arbitrary designated path/vsftpd.chroot_list

(Provided that chroot_local_user=no)

The following form a group:

userlist_enable=yes (users in the specified file cannot access)

userlist_deny=yes

userlist_file=/the specified path/vsftpd.user_list

The list continues:

banner_fail=/path/file name (the contents of this file are shown when a connection fails)

ls_recurse_enable=no

async_abor_enable=yes

one_process_model=yes

listen_address=10.2.2.2 (the virtual service will be bound to a port)

guest_enable=yes (virtual users can log in)

guest_username=the established user name (maps the virtual users to a local user)

user_config_dir=/arbitrary designated path/folder you create for the per-user policies

(Specifies the path of the per-virtual-user configuration files)

The following form a group:

chown_uploads=yes (change the owner of uploaded files to root)

chown_username=root

The following form a group:

deny_email_enable=yes (whether to refuse anonymous users who use certain e-mail addresses)

banned_email_file=/arbitrary designated path/xx/

The following is a list:

pasv_enable=yes (the server side uses passive mode)

user_config_dir=/arbitrary designated path/any directory (specifies the path where the virtual users' configuration files are stored)
