This is the 18th day of my participation in the Genwen Challenge

Install VSFTPD

yum install -y vsftpd

  • By default, a user named FTP is created. The home directory is /var/ftp

  • The default is to listen on IPV6 ports

Start the

  • Independent working mode:

By default, the FTP user’s home directory is run as service VSFTPD start

  • Working mode managed by Xinetd:

Set the previous option to listen_ipv6=NO and configure the /etc/xinetd.d/ VSFTPD file

Configuration in independent working mode

VsFTPd has three configuration files:

  • /etc/vsftp/vsftpd. conf: specifies the primary configuration file of VSFTPD
Anonymous_enable =YES // Allow anonymous login local_enable=YES // Allow local users to log in write_enable=YES // Enable the write permission of local users dirmessage_enable=YES // When switching directories, Displays information about the directory. Connect_from_port_20 =YES // connection request using FTP data port 20 userlist_enable=YES // Related to vsftpd.user_list configuration file introduced earlier, Listen =YES // whether vsFTPd is allowed to run in independent startup mode; If the value is NO, you need to use another software to start vsFTPd. tcp_wrappers=YESCopy the code
  1. userlist_enable

Usage: YES/NO

If enabled, the user name in /etc/vsftpd.user_list is read. Only the user name that appears in the file can log in to FTP.

This feature allows a failure message to appear before the password is asked, without the need for a password verification program. The default value is off.

  1. userlist_deny

Usage: YES/NO

This option is checked only when userlist_Enable is started.

If this option is set to YES, users in /etc/vsftpd.user_list will not be able to log in; If set to NO, only users in /etc/vsftpd.user_list can log in.

This feature allows an error message to appear before the password is asked, without the need for a password verification program.

#Restricts access to the specified local user from other local users.
userlist_enable= YES
userlist_deny= YES
userlist_file= /etc/vsftpd.user_list

#Restrict access to the specified local user but not to other local users.
userlist_enable= YES
userlist_deny= NO
userlist_file= /etc/vsftpd.user_list

Copy the code
  • /etc/vsftp/ftpusers: controls VSFTPD access

A list of users is saved in the /etc/vsftpd.ftpusers configuration file. If the user name is in this list, it cannot FTP login over the network.

  • /etc/vsftp/user_list: indicates the list of allowed and forbidden users

Start and stop vsFTPd

  • service vsftpd [start|stop|restart]

  • /etc/rc.d/init.d/vsftpd [start|stop|restart]

  • /etc/init.d/vsftpd [start|stop|restart]

Use FTP

  • ftp xx.xx.xx.xx | open xx.xx.xx.xx
  • get | mget
  • put | mput
  • Binary | acsii set the file transfer mode
  • CD Switch the directory on the remote host
  • LCD Switches directories on the local host
  • Ls Runs the ls command on the remote host
  • Mkdir Creates a directory on the remote host
  • Close close
  • The quit out

Enable vsFtpd in xinetd mode

  1. service vsftpd stop

  2. Run the following command to change listen_ipv6=YES to listen_ipv6= NO in /etc/vsftp/vsftpd. conf

  3. Add a new file: /etc/xinetd.d/ VSFTPD:

Socket_type = stream # Wait = no # Multithreaded user = root server = /usr/sbin/vsftpd server_args = /etc/vsftpd/vsftpd.conf disable = no }Copy the code

stand alone VS xinetd

Running a single Xinetd allows you to listen on all service ports at the same time, reducing system overhead and protecting system resources. However, when the traffic volume is heavy and concurrent access occurs frequently, xinetd tries to start the corresponding network service processes frequently, which may deteriorate system performance. Therefore, when selecting the working mode, you need to make a specific analysis based on the service usage.