FTP is an acronym for File Transfer Protocol which is used for controlling two-way file transfer over the Internet. It is also an application. There are various FTP applications based on different operating systems, but all these applications utilize the same protocol for transferring files.Computers provide file storage and access services on the Internet through FTP. An FTP server is a server that supports FTP. FTP provides storage and transfer services.Download and Upload Downloading files is tantamount to duplicating files from the remote host to the client; and uploading files is duplicating files from the client to the remote host. In Internet language, a user can upload to and download from a remote host via a client program.
FTP utilizes a client/server model (C/S architecture) to build a connection between a client and a server via TCP. Unlike most other application protocols, FTP builds two communication links: a control link and a data link, between a client and a server respectively. The control link is responsible for sending and receiving FTP commands during FTP sessions, and the data link is responsible for transferring data.An FTP session includes two channels: a control channel and a data channel. FTP has two working modes: the active mode and the passive mode. When in active mode, the server connects to the client actively. When in passive mode, the server waits for client connections.(For both active mode and passive mode, the control channel is built first, the difference lies in the transfer methods.)
Vsftpd is a light, safe and easy-to-use FTP server in Linux, and is the most popular FTP server across all Linux releases.
Install vsftpd through yum
yum install -y vsftpd
The following image indicates successful installation.
Related configuration files:
/etc/vsftpd/vsftpd.conf //Main configuration file, which is the core configuration file
/etc/vsftpd/ftpusers //Blacklist, which prevents users on it from accessing the FTP server
/etc/vsftpd/user_list //Whitelist, which allows users on it to access the FTP server
- Start service
systemctl enable vsftpd.service //Set automatically start on startup
systemctl start vsftpd.service //Start FTP service
netstat -antup | grep ftp //View FTP service port
Login FTP server.
With anonymous FTP, a user can log in to the FTP without entering a user name and password. Anonymous FTP is enabled by default after installing vsftpd, a user can log in to the FTP server anonymously without further configuration.
Anonymous FTP configuration is set in /etc/vsftpd/vsftpd.conf.
anonymous_enable=YES //YES by default
At this time, all users can log in to the FTP server anonymously. They can view and download directories and files in the root folder, but cannot upload files or create directories.
We can install lftp to test.
yum -y install lftp //Install lftp
When lftp connects to the FTP server from a public IP address, you can only view and download files, but you cannot upload files.
lftp public ip address #connect to FTP server
cd pub/ #switch to pub directory
put /etc/issue #upload files
get test.1 #download files
For safety reasons, in vsftpd, users are not allowed to perform modifying operations such as uploading files or creating directories through anonymous FTP, but the vsftpd.conf configuration file can be modified to grant additional permissions.
Allow uploading files through anonymous FTP.
Change permissions of the /var/ftp/pub directory, granting write permission to FTP users, and reload the configuration file.
chmod o+w /var/ftp/pub/ #change permissions of the /var/ftp/pub systemctl restart vsftpd.service #restart FTP service
Local user login refers to logging in to the FTP server with the Linux user name and password. Only anonymous FTP login is supported after vsftp is installed, if a user tries to log in to the server with the Linux user name, vsftp will deny access.
Create user ftptest
useradd ftptest #Create user ftptest passwd ftptest #Set user password of ftptest
- Modify /etc/vsftpd/vsftpd.conf
- Connect to the FTP server through lftp
Additional vsftpd.conf parameters are briefly introduced.
User Login Control
|anonymous_enable=YES||Anonymous users are accepted|
|no_anon_password=YES||Password is not requested when anonymous users log in|
|anon_root=(none)||Anonymous user root|
|local_enable=YES||Anonymous users are accepted|
|local_root=(none)||Local root user|
User Permission Control
|write_enable=YES||upload is enabled (global control)|
|local_umask=022||umask for local user to upload files|
|file_open_mode=0666||Use umask for uploaded file permissions|
|anon_upload_enable=NO||upload is enabled for anonymous users|
|anon_mkdir_write_enable=NO||creating directories is enabled for anonymous users|
|anon_other_write_enable=NO||modifying and deleting are enabled for anonymous users|
chown_username=lightwiter owner user name of uploaded files