Configure FTP Server - Vsftpd
2014/08/16 |
Install Vsftpd to configure FTP Server.
|
|
[1] | Install Vsftpd. |
[root@www ~]#
yum -y install vsftpd
[root@www ~]#
vi /etc/vsftpd/vsftpd.conf # line 12: no anonymous anonymous_enable= NO
# line 81,82: uncomment ( allow ascii mode ) ascii_upload_enable=YES ascii_download_enable=YES # line 96,97: uncomment ( enable chroot ) chroot_local_user=YES chroot_list_enable=YES # line 99: uncomment ( specify chroot list ) chroot_list_file=/etc/vsftpd/chroot_list # line 105: uncomment ls_recurse_enable=YES # add follows to the end # specify root directory ( if don't specify, users' home directory become FTP home directory) local_root=public_html
# use localtime use_localtime=YES
[root@www ~]#
vi /etc/vsftpd/chroot_list # add users who are not applied with chroot cent
/etc/rc.d/init.d/vsftpd start Starting vsftpd for vsftpd: [ OK ] [root@www ~]# chkconfig vsftpd on
|
[2] | If IPTables is running, allow FTP port and fixed PASV ports. For "-I INPUT 5" section below, Replace it to your own environment. |
[root@www ~]#
vi /etc/vsftpd/vsftpd.conf # add follows to the end: fix PASV ports
pasv_enable=YES
pasv_min_port=21000 pasv_max_port=21010 /etc/rc.d/init.d/vsftpd restart [root@www ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT [root@www ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 21000:21010 -j ACCEPT |
[3] | If SELinux is enabled, change bollean setting. |
[root@www ~]# setsebool -P allow_ftpd_full_access on
|