Cent0s7.2 building ftp service

1. Install vsftpd

yum install vsftpd

2. Set startup

systemctl enable vsftpd

3. Fill in the configuration file

My configuration information
  URL:ftp://maoerfei.cn/pub/vsftpd.conf
Interpretation of relevant information

# Remove comments and overwrite
anonymous_enable=YES  //Anonymous Access 
anon_upload_enable=NO
anon_mkdir_write_enable=YES
chown_uploads=NO
async_abor_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to FTP service.
chroot_local_user=YES  //Users using hyperdirectories
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list  //Configure address
# Add to
use_localtime=YES
listen_port=21   //21 port access
idle_session_timeout=300
guest_enable=YES
guest_username=vsftpd
user_config_dir=/etc/vsftpd/vconf  //User's profile
data_connection_timeout=1
virtual_use_local_privs=YES
pasv_min_port=10000   //Passive access port min
pasv_max_port=10020   //Passive access port max
accept_timeout=5
connect_timeout=1

local_root=/file/vsftpdFile  //Local address / / file creation and permission required

4. User information configuration

vsftpd user information file
vim /etc/vsftpd/virtusers

#Write the following user information
ftploginer  
password1  
ftpadmin  
password2  

Generate data file

db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db
chmod 600 /etc/vsftpd/virtusers.db   

User login settings
vim /etc/pam.d/vsftpd

# First, comment out all configuration lines of auth and account, and add the following two lines. If it is a 32-bit system, change lib64 to lib
auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers    
account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers

Establish system users

# New system user vsftpd, home directory is / home/vsftpd
# The login terminal is set to / bin/false, so that it cannot log in to the system
useradd vsftpd -d /home/vsftpd -s /bin/false
chown -R vsftpd:vsftpd /home/vsftpd

vsftpd user profile

# New folder is used to store personal profile of virtual user and enter the folder
mkdir /etc/vsftpd/vconf
cd /etc/vsftpd/vconf


# Create user root
mkdir -p /home/vsftpd/ftploginer/
mkdir -p /home/vsftpd/ftpadmin/

#Create the first user information (the second is the same
vim ftploginer      
local_root=/home/vsftpd/qdh/
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

Document processing
Create the directory mentioned in the configuration

 mkdir -p /file/vsftpdFile
 chmod -R 777 /file/vsftpdFile

5. Firewall configuration###

# View firewall status
firewall-cmd --state
# Turn on firewall if it is not running
systemctl start firewalld 
# View port opening
ffirewall-cmd --zone=public --list-ports
# Open ports 20 and 21
firewall-cmd --zone=public --add-port=20/tcp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
# Open port 10060 to 10090
firewall-cmd --zone=public --add-port=10000-10020/tcp --permanent
# Reload firewall
firewall-cmd --reload

6. Add Alibaba cloud security group###

Set in direction - allow - Custom tcp-20/21-1 - address segment - 0.0.0.0/0 

7. Testing

Win R -- > CMD -- > FTP -- > Open XXX -- > 230 login succeeded
 You can try    

Tags: vsftpd firewall ftp vim

Posted on Thu, 30 Apr 2020 19:11:17 -0700 by galvin