FTP on CentOS7 - VSFTP#
Experimental Environment:#
- CentOS7: 192.168.0.1
- Windows7: 192.168.0.100
Preparation:#
- Install vsftp on CentOS7
yum -y install vsftpd - Start vsftp service:
systemctl start vsftpd - Understand the main configuration file of vsftp:
/etc/vsftpd/vsftpd.conf
Experiment 1: Understanding the User Authentication Mechanism of vsftp#
Anonymous User: anonymous User Directory: /var/ftp#
How to disable anonymous user login: anonymous_enable=NO
Local User: Regular Linux user User Directory: Regular user's user directory#
Guest User (Virtual User): No local user, they are "parasitic" sub-users under Linux regular users#
Configuration process of virtual users
-
Create a "regular user" (disable shell function)
-
Create a virtual user configuration file
/etc/vsftpd/vuserCreate two users
Username Password down 123 up 321 -
Generate local user data files through the virtual user configuration file
-
Modify the authentication file
/etc/pam.d/vsftpd -
Modify the main configuration file
/etc/vsftpd/vsftpd.conf -
Create virtual user configuration files
/etc/vsftpd/vuserconf/down/etc/vsftpd/vuserconf/up -
Configure login directories for down and up:
/var/vuser; define down for download only; up can upload and download -
Restart the service to apply the configuration:
systemctl restart vsftpd -
Verify the results on the Windows7 client
Experiment 2: Secure FTP Site Service (Certificate Encryption: FTPS)#
Characteristics of ftp protocol data transmission: plaintext ------> ciphertext
-
Create a public key and private key
Private key: s.key Certificate request file: s.csr Public key (certificate): s.crt
-
Modify the main configuration file to enable vsftp to support encrypted transmission
-
Restart the service to apply the configuration file
-
Verify the ftps site through the client