Establishment and basic use of vsftp server

brief introduction

vsftpd yes “very secure FTP daemon” Abbreviation , It's a completely free one 、 Open source ftp Server software . Characteristic is ： Very high security requirements 、 Bandwidth limitation 、 Good scalability, etc .

working principle ：

vsftpd Use ftp agreement , This protocol belongs to the application layer protocol . It's typical of c/s framework ,ftp The server is used to store files ,ftp The client can use the ftp The protocol connects the server to upload and download resources .

ftp Use tcp Of 21 Port for command transmission , And then use tcp Of 20 Port for data transmission （ Active mode ）.

Installation and deployment ：

yum install vsftpd ftp lftp -y

vsftpd: For server software

ftp、lftp： For client tools , Recommended lftp

Start the service ：

systemctl start vsftpd

Anonymous user login access ：

use ftp Client anonymous login requires user name and password verification , The anonymous user name is ：ftp perhaps anonymous, The password is empty. .

use lftp Client anonymous login does not need to enter the above information .

ftp Client connection ：

[[email protected] ~]# ftp 192.168.0.103

Connected to 192.168.0.103 (192.168.0.103).

220 (vsFTPd 3.0.2)

Name (192.168.0.103:root): ftp

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

lftp Client connection ：

[[email protected] ~]# lftp 192.168.0.103

lftp 192.168.0.103:~>

Here we focus on lftp Usage method ,ftp The client tools are used in much the same way .

Download command ：

get For downloading individual files ：

You can switch to ** Local directory **（data） Download files , preservation ：

lftp 192.168.0.103:/> lcd /data/

lcd success , Local directory =/data

lftp 192.168.0.103:/> get file003.txt

ps: When the client has connected to the server ,cd Is used to switch directory commands in the server , If you want to switch the local directory of the client, use lcd command .

mget For bulk download ：

lftp 192.168.0.103:/> mget file00*

Total 7 files transferred

The default configuration can only read and download files , Can't write and upload files ：

lftp 192.168.0.103:~> put /etc/fstab

put: Access failed: 550 Permission denied. (fstab)

lftp 192.168.0.103:/> mkdir abc

mkdir: Access failed: 550 Permission denied. (abc)

You can see that both the upload command and the create command failed , No permission to respond ！

Open anonymous user creation file , rename , Delete , Upload permission ：

# Enable upload permission

anon_upload_enable=YES

# Open create file permission

anon_mkdir_write_enable=YES

# Turn on rename , Delete permission

anon_other_write_enable=YES

Restart the service , Once again into the , I still can't create a directory , But the wrong information is different , as follows ：

lftp 192.168.0.103:/> mkdir abc

mkdir: Access failed: 550 Create directory operation failed. (abc)

This is because the directory does not have write permission , to pub Directory authorization , as follows ：

[[email protected] ~]# chmod o+w /var/ftp/pub/

[[email protected] ~]# ll /var/ftp/pub/ -d

drwxr-xrwx 3 root root 192 8 month 7 08:37 /var/ftp/pub/

Once again into the , Create directory , as follows ：

lftp 192.168.0.103:/pub> mkdir abc

mkdir success , establish `abc'

A small summary ： If you want anonymous users to have write permission , One is to enable the write permission of the server configuration file , The second is that the directory itself has permission for other users to write ！

Upload command ：

To use the upload command , You need to enable upload permission and writable permission .

grammar ：put [OPTS] <lfile> [-o <rfile>]

One 、 Upload directly without changing its name , It can be omitted. -o refile, If you don't know what files are in the local directory , have access to !dir see , as follows ：

lftp 192.168.0.103:/pub> !di

anaconda-ks.cfg favicon.png

lftp 192.168.0.103:/pub> put /etc/fstab

501 bytes transferred

In the example above , We will send the local file fstab Uploaded to the anonymous user's pub Directory .

Two 、 After uploading the file , I want to change my name , I'll take it -o refile 了 , as follows

lftp 192.168.0.103:/pub> put /etc/fstab -o fs

501 bytes transferred

lftp 192.168.0.103:/pub> ls

drwx------ 2 14 50 6 Aug 08 06:27 abc

-rw------- 1 14 50 501 Aug 08 06:34 fs

-rw------- 1 14 50 501 Aug 08 06:34 fstab

In the example above , We will send the local file fstab Uploaded to the anonymous user's pub Directory and changed the file name .

3、 ... and 、 Multiple file upload

Upload multiple files , have access to put and mput Command upload , Multiple files are separated by spaces , If you want to use wildcards , Only mput Command support :

lftp 192.168.0.103:/pub> put /etc/fstab /etc/favicon.png

1580 bytes transferred

Total 2 files transferred

lftp 192.168.0.103:/pub> ls

drwx------ 2 14 50 6 Aug 08 06:27 abc

-rw------- 1 14 50 1079 Aug 08 06:40 favicon.png

-rw------- 1 14 50 501 Aug 08 06:40 fstab

lftp 192.168.0.103:/pub> mput /etc/f*

1688 bytes transferred

Total 4 files transferred

lftp 192.168.0.103:/pub> ls

drwx------ 2 14 50 6 Aug 08 06:27 abc

-rw------- 1 14 50 1079 Aug 08 06:41 favicon.png

-rw------- 1 14 50 70 Aug 08 06:41 filesystems

-rw------- 1 14 50 501 Aug 08 06:41 fstab

-rw------- 1 14 50 38 Aug 08 06:41 fuse.conf

Local users log in to access ：

vsftpd yes “very secure FTP daemon” Abbreviation , It's a completely free one 、 Open source ftp Server software . Characteristic is ： Very high security requirements 、 Bandwidth limitation 、 Good scalability, etc .d

Set the user name and password on the server ：

[[email protected] ~]# id lutixia

uid=1000(lutixia) gid=1000(lutixia) Group =1000(lutixia)

[[email protected] ~]# echo "lutixia" |passwd --stdin lutixia

Change user lutixia Password .

passwd： All authentication tokens have been successfully updated .

Modify the configuration file , You can set not to allow anonymous users to log in , Only local users can log in ：

vim /etc/vsftpd/vsftpd.conf

anonymous_enable=NO

local_enable=YES

Restart the service . Then visit again ：

systemctl restart vsftpd

[[email protected] ~]# lftp 192.168.0.103

lftp 192.168.0.103:~> ls

`ls' at 0 [ Sending command ...]

The above login , Indicates that anonymous users can no longer log in .

[[email protected] ~]# lftp lutixia:[email protected]

lftp [email protected]:~> ls

lftp [email protected]:~>

Then log in as a local user , Just ok 了 .

Uploading and downloading are used in the same way as anonymous users .

Trouble shooting ：

If you restart , An error is as follows ：

[[email protected] ~]# systemctl restart vsftpd

Job for vsftpd.service failed because the control process exited with error code. See "systemctl status vsftpd.service" and "journalctl -xe" for details.

[[email protected] ~]# journalctl -xe

-- Unit vsftpd.service has begun starting up.

8 month 08 02:59:14 localhost.localdomain vsftpd[12751]: 500 OOPS: bad bool value in config file for: anonymous_en

8 month 08 02:59:14 localhost.localdomain systemd[1]: vsftpd.service: control process exited, code=exited status=2

terms of settlement ： This problem is usually caused by spaces , No space is allowed after each line of configuration , Not with comments .

generally ,vsftp The server is placed in the internal LAN for use , There is a firewall in front , Generally speaking, it is very safe , however vsftpd There are more secure configuration methods , Virtual users , Let's keep talking when we have time ！