vsftpd installation from source - vsftpdrocks_org.htm

在Linux下使用GCC编制的FTP服务器

            usernames and passwords for authentication.<BR>service 
            ftp<BR>{<BR>disable = no<BR>socket_type = stream<BR>wait = 
            no<BR>user = root<BR>server = /usr/local/sbin/vsftpd<BR>nice = 
            10<BR>}</STRONG></FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2><FONT 
            color=#000000>FreeBSD users:</FONT></FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2>Add this 
            following entry to /etc/xinetd.conf. If there is already an "ftp" 
            service block, replace it with this one:</FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" color=#ff6600 
            size=2><STRONG>service ftp<BR>{<BR>disable = no<BR>socket_type = 
            stream<BR>wait = no<BR>user = root<BR>server = 
            /usr/local/sbin/vsftpd<BR>nice = 10<BR>}</STRONG></FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2>Save and 
            exit.</FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2>Now stop and 
            restart xinetd...</FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2>Redhat 
            users:</FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" 
            size=2><STRONG>/etc/rc.d/init.d/xinetd restart</STRONG></FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" size=2>FreeBSD 
            users:</FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" 
            size=2><STRONG>/usr/loca/etc/rc.d/xinetd.sh stop</STRONG></FONT></P>
            <P><FONT face="Arial, Helvetica, sans-serif" 
            size=2><STRONG>/usr/loca/etc/rc.d/xinetd.sh 
start</STRONG></FONT></P>
            <P><STRONG><FONT face="Arial, Helvetica, sans-serif" 
            size=2>or</FONT></STRONG></P>
            <P><STRONG><FONT face="Arial, Helvetica, sans-serif" size=2>killall 
            -HUP xinetd</FONT></STRONG></P></TD></TR></TBODY></TABLE>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>Now let's test the 
      inetd/xinetd ftp server:</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#ff6600 
      size=2><STRONG>[root@somehost]ftp localhost<BR>Connected to 
      localhost.localdomain.<BR>220 (vsFTPd 1.2.1)<BR>Name (localhost:admin): 
      <FONT color=#0000cc>bobsmith</FONT> </STRONG><FONT 
      color=#000000>(obviously, you will want to use a valid user on your server 
      for the login name)</FONT><STRONG><BR>331 Please specify the 
      password.<BR>Password:<BR>230 Login successful.<BR>Remote system type is 
      UNIX.<BR>Using binary mode to transfer files.<BR>ftp&gt; ls<BR>150 Here 
      comes the directory listing.<BR>-rw-r--r-- 1 1001 1001 25372 Jan 17 18:50 
      somefile.tar.gz<BR>drwx------ 2 1001 1001 512 Jan 16 19:16 
      index.htm<BR>226 Directory send OK.<BR>ftp&gt; quit<BR>221 
      Goodbye.<BR>[root@somehost] </STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>If you got a response 
      similar to the one above, you're all set! Congratulations, your FTP server 
      is alive! In the next steps, we will tweak the configuration of the vsftpd 
      server for the best performance.</FONT></P>
      <P>&nbsp;</P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#ff0000 
      size=2><STRONG>Step 6: The vsftpd master configuration 
      file</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>The master vsftp 
      configuration should be located at /etc/vsftpd.conf. This file is going to 
      determine how your vsftpd FTP server operates. You will find that the 
      vsftpd.conf file contains loads of configuration options. I'm not going to 
      cover every single option, but the most important ones are listed 
      here:</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><STRONG>anonymous_enable=NO/YES</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>Turns on or off 
      anonymous FTP access. If you turn it on, the anonymous server config info 
      outlined in step 3 of this install will apply. If you are unsure about 
      what an anonymous FTP server is, it's best to set this option to 
      "NO".</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><BR><STRONG>local_enable=NO/YES</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>This options activates 
      or deactivated the ability of local system users to be able to FTP to your 
      server. Typical FTP servers will have this option set to "YES". The only 
      time I can think of a "NO" situation would be for an strictly anonymous 
      FTP server where you have no need to systemic user FTP 
sessions.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><STRONG>write_enable=NO/YES</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>Activates or 
      deactivates FTP write ability. In most cases, you will want this set to 
      "YES".</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2><STRONG><FONT 
      color=#009900>local_umask=022</FONT></STRONG> (or whatever you want it to 
      be)</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>The default vsftpd 
      umask is 077. Here you can establish a custom umask if you so 
      desire.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><STRONG>xferlog_enable=YES</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>This options activates 
      logging of uploads &amp; downloads.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><STRONG>ftpd_banner=Welcome to blah FTP service</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>Not a critical option 
      in any way, but it does allow you to have friendly, customizes ftp 
      greetings for your users.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#009900 
      size=2><STRONG>chroot_list_enable=NO/YES<BR>chroot_list_file=/etc/vsftpd.chroot_list</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>This rather important 
      and usefull option enables the "chroot" abilities of vsftpd. With 
      "chroot_list_enable" set to "YES", vsftpd then looks for a 
      "chroot_list_file" whose location is specified on the next line. Any user 
      that is listed in the "/etc/vsftpd.chroot_list" file is then automatically 
      "chrooted" to their home directory. This prohibits the user from going 
      anywhere outside of his/her FTP home directory. Very useful in shared FTP 
      environments or just a a general layer of security and privacy.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2><STRONG><FONT 
      color=#009900>userlist_enable=NO/YES</FONT></STRONG></FONT><FONT 
      color=#009900><BR><FONT face="Arial, Helvetica, sans-serif" 
      size=2><STRONG>userlist_deny=NO/YES</STRONG></FONT></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>The "userlist_enable" 
      option instructs vsftpd to either consult or not consult either of 2 
      files: vsftpd.ftpusers and vsftpd.user_list. If this option is set to 
      "YES", the 2 files serve as lists of users that are allowed to FTP to the 
      server. However, when coupled with the "userlist_deny=YES"" option, the 2 
      files serve as list of users who are NOT allowed to FTP to the server. 
      This option is very useful in completely denying FTP access to critical 
      system users such as "root" or "apache" or "www". A very nice layer of 
      security for your FTP server.</FONT></P>
      <P><STRONG><FONT face="Arial, Helvetica, sans-serif" color=#ff0000 
      size=2>Step 7: The vsftpd.ftpusers, vsftpd.user_list configuration 
      files</FONT></STRONG></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>These 2 files tie 
      directly into the "userlist_enable" and "userlist_deny" options in the 
      /etc/vsftpd.conf config file. When the "userlist_enable" option is set to 
      "YES", these 2 files serve as lists of users that are allowed the FTP the 
      the server. However, when coupled with the "userlist_deny=YES"" option, 
      the 2 files serve as list of users who are NOT allowed to FTP to the 
      server. When the "userlist_deny" option is used, the nature of the denial 
      of FTP service that a prohibited user received differs depending on which 
      of the 2 files they are listed in.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>If a user is listed in 
      the "vsftpd.user_list" file and the "userlist_deny" option is activated, 
      users will not even get prompted for a password when they attemp to ftp to 
      the server. They get rejected from the start.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>If a user is listed in 
      the "vsftpd.ftpusers" file and the "userlist_deny" option is activated, 
      users will get prompted for a password but will neer be able to log in. 
      </FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#000000 
      size=2>Personally, I like to use the "vsftpd.user_list" configuration to 
      establish a list of users (root, apache, www, nobody etc.) who will never 
      even get prompted for a password should an ftp connection be initiated on 
      their behalf.</FONT></P>
      <P><STRONG><FONT face="Arial, Helvetica, sans-serif" color=#ff0000 
      size=2>Step 8: The vsftpd.chroot_list configuration 
      file</FONT></STRONG></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>The 
      "vsfrtpd.chroot_list" file, when used with an activated 
      "chroot_list_enable" option, establishes a list of FTP users who will be 
      "chrooted" to the home FTP directory. These users will not be able to 
      change directories past their own home directory. This is a nice feature 
      in shared FTP environments where privacy is needed.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" color=#0000cc 
      size=2><STRONG>Anytime you make config file changes, make sure you restart 
      vsftpd!</STRONG></FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2>That's it. There are a 
      host of other config options that you can add if you so desire, but by and 
      large at this point you should have a secure and functional FTP 
      server.</FONT></P>
      <P><FONT face="Arial, Helvetica, sans-serif" size=2><BR></FONT></P></TD><!-- InstanceEndEditable --></TR>
  <TR>
    <TD>
      <DIV align=center><A href="mailto:postmaster@vsftpdrocks.org"><IMG 
      height=20 
      src="vsftpd installation from source - vsftpdrocks_org.files/vsftpd_email.gif" 
      width=200 border=0></A></DIV></TD></TR>
  <TR>
    <TD>
      <DIV align=center><FONT face="Arial, Helvetica, sans-serif" size=2><A 
      href="http://www.vsftpdrocks.org/">home</A> | <A 
      href="http://www.vsftpdrocks.org/about">about</A> | <A 
      href="http://www.vsftpdrocks.org/faq">faq</A> |&nbsp;<A 
      href="http://www.vsftpdrocks.org/links">links</A> |&nbsp;<A 
      href="http://www.vsftpdrocks.org/contact">contact</A></FONT></DIV></TD></TR>
  <TR>
    <TD>
      <DIV align=center>
      <DIV align=center><FONT face="Arial, Helvetica, sans-serif" color=#ff0000 
      size=2><FONT color=#000000>Site last modified:</FONT><STRONG> <FONT 
      color=#0000cc>October 16, 2004 19:54:40 
    </FONT></STRONG></FONT></DIV></DIV></TD></TR>
  <TR>
    <TD>&nbsp;</TD></TR>
  <TR>
    <TD>
      <DIV align=center><A href="http://www.rocksproject.org/" 
      target=_blank><IMG height=53 alt="The Rocks Project" 
      src="vsftpd installation from source - vsftpdrocks_org.files/small_logo.gif" 
      width=80 
border=0></A></DIV></TD></TR></TBODY></TABLE><!-- InstanceEnd --></BODY></HTML>