代码改变世界

setup FTP server on CentOS 7

2017-03-31 22:50  Wizardlsw  阅读(370)  评论(0编辑  收藏  举报

Setup FTP Server on CentOS 7

Install vsftpd

vsftpd (Very Secure File Transport Protocol Daemon) is a secure, fast FTP server for Unix/Linux systems.

 

# install vsftp
yum install vsftpd -y


#edit config file and
## disable anonymous login : change YES to NO
## uncomment ascii_upload_enable=YES and ascii_download_enable=YES
## Uncomment - Enter your Welcome message - This is optional ##
# ftpd_banner=Welcome to UNIXMEN FTP service.

vim /etc/vsftpd/vsftpd.conf


## Add at the end of this  file ##
use_localtime=YES
#change to NO for listen_ipv6
listen_ipv6=NO
#change to YES for listen
listen=YES

#Following part is very important!!!

pasv_enable=YES
pasv_min_port=5000
pasv_max_port=6000
pasv_address=xxx.xxx.xxx.xxx  #public IP goes here

#optional
listen_port=2121
#Enable and start the vsftpd service: systemctl enable vsftpd systemctl start vsftpd

Add new User and set password

By default, root user is not allowed to login to ftp server for security purpose. So, let us create a normal testing user called “sk” with password “centos”.

useradd sk
passwd sk

> ftp 192.168.1.101

Errors and solutions:

1. vsftpd 425 Security: Bad IP connecting

   主要是需要在/etc/vsftpd/vsftpd.conf文件中添加如下一行: pasv_promiscuous=YES

   然后重启: systemctl restart vsftpd 解决问题

2、ftp中使用get后,文件位于本地哪里: 命令: lcd   或者指定目录 lcd /home/myfolder/testfolder

3、报“use PORT or PASV first.”, 需要使用命令:  quote pasv 或者quote port来切换。

4、关于zip/unzip,请访问 http://www.cnblogs.com/swlin/p/PHP.html

 

Set folder of ftp for user

Simple way:

https://unix.stackexchange.com/questions/94603/limit-ftp-access-only-to-the-var-www-with-vsftpd

Method 1: change user home default directory

Make sure following line exists:

chroot_local_user=YES

Set user HOME Directory to /var/www/ , if you want to change for existing user then you can use:

usermod --home /var/www/ username

then set required permission on /var/www/

Method 2: Use user_sub_tokenIf you don't want to change user's Home directory then you can use:

chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER

About user_sub_token

Automatically generate a home directory for each virtual user, based on a template. For example, if the home directory of the real user specified via guest_username is /ftphome/$USER, and user_sub_token is set to $USER, then when virtual user test logs in, he will end up (usually chroot()'ed) in the directory /ftphome/test. This option also takes affect if local_root contains user_sub_token.

Advanced way

http://askubuntu.com/questions/575523/how-to-setup-virtual-users-for-vsftpd-with-access-to-a-specific-sub-directory  (TO BE READ)

https://superuser.com/questions/269882/can-i-upload-an-entire-folder-using-ftp (TO BE READ)

 

How to remove systemd services

My recipe for service obliteration (be careful with the rm statements!)

systemctl stop [servicename]
systemctl disable [servicename]
rm /etc/systemd/system/[servicename]
rm /etc/systemd/system/[servicename] symlinks that might be related
systemctl daemon-reload
systemctl reset-failed

  

Reference

https://www.unixmen.com/install-configure-ftp-server-centos-7/

http://www.cnblogs.com/hhuai/archive/2011/02/12/1952647.html

FTP Commands: https://www.cs.colostate.edu/helpdocs/ftp.html

FTP Config: http://vsftpd.beasts.org/vsftpd_conf.html