How to set up FTP server in CentOS7

FTP is mainly used for file transfer, and is generally implemented with vsftpd on Linux. By setting up an FTP server, file sharing can be achieved, which is at least much better than the crappy Baidu network disk.

There are three optional authentication methods for setting up an FTP server: anonymous authentication, local user authentication, and virtual user authentication. Security: anonymous authentication < local user authentication < virtual user authentication. Configuration complexity: anonymous authentication < local < virtual user authentication.

In Linux, all files have corresponding owners. Virtual user authentication means creating one or more FTP users and mapping them to a local Linux user (such as vftpuser). In this way, the mapped user is equivalent to the user vftpuser when operating the FTP directory. In addition, the virtual user authentication mode allows multiple FTPs to be configured separately, which is very flexible and convenient. Considering flexibility and security, this article chooses to use the virtual user authentication mode.

OK, ready to get started!

1. Basic Environment

Server: CentOS7.5

Client: Ubuntu Mate 18.10

FTP server: vsftpd

FTP client: FileZilla (optional)

2. Basic Process

To make it look more concise, only the basic setup process and related commands are listed.

1. Install vsftpd

yum install vsftpd

2. Create a virtual user

Create and edit the /etc/vsftpd/vuser.list file using any editor you like with the following content:

lilei
lileipasswd
hanmeimei
hmmpasswd

The odd-numbered lines of the password authentication file contain usernames, and the even-numbered lines contain corresponding passwords.

3. Create a password authentication database

db_load -T -t hash -f /etc/vsftpd/vuser.list /etc/vsftpd/vuser.db
chmod 600 /etc/vsftpd/vuser.db

-T: Transform
-t: Specify hash algorithm
-f: specify username

4. Edit PAM authentication file

Create and edit /etc/pam.d/vsftpd.vu with the following content:

auth required pam_userdb.so db=/etc/vsftpd/vuser
account required pam_userdb.so db=/etc/vsftpd/vuser

db specifies the password authentication database, without the suffix

5. Create a local user

useradd -d /home/vftpuser -s /sbin/nologin vftpuser
chmod 755 /home/vftpuser

-d: Specify the user's home directory
-s: specifies the user login shell, /sbin/nologin prohibits users from logging in through the shell to improve security

6. Map FTP user to vftpuser

Edit /etc/vsftpd/vsftpd.conf and modify the following lines:

pam_service_name=vsftpd.vu # Specify the pam authentication file guest_enable=YES # Enable mapping guest_username=vftpuser # Specify the local user for mapping user_config_dir=/etc/vsftpd/vusers_dir # Specify the location of the FTP user configuration file. If you do not need to configure each user separately, you can comment out this line

7. Configure each user individually

Create /etc/vsftpd/vuser_dir and create a configuration file with the same name for each FTP user. Here, lilei is used as an example. Create and edit /etc/vsftpd/vuser_dir/lilei with the following content:

anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
local_root=/var/www/html

The default root directory is the mapped user's home directory. You can specify a user's root directory through local_root. Note that the owner of this directory needs to be changed to vftpuser.

8. Restart vsftpd

systemctl start vsftpd

3. Notes

• Add vsftpd to the startup list to prevent inaccessibility after the server restarts;
• If the FTP server is inaccessible, please check the firewall and SElinux settings;
• After generating the password authentication database, delete the list file in time to prevent password leakage.

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.