
vsftp regular account settings

Settings are normally applied in the /etc/vsftpd/vsftpd.conf file.

Settings can also be applied separately for individual regular users, as shown below.

 

Reference: https://sites.google.com/site/zzztech30/vsftpd-with-multiple-users-home-dir-with-different-permission

 

 

VsFTPD With Multiple Users Home dir with different permission

#yum install vsftpd*  //install the FTP server package

#vim /etc/vsftpd/vsftpd.conf  //add the entries below to the vsftpd.conf file

# Disable anonymous logins
anonymous_enable=NO
# Allow local users to log in
local_enable=YES
# Confine local users to their home directory after login
chroot_local_user=YES
# Directory holding the per-user (virtual user) config files
user_config_dir=/etc/vsftpd/vsftpd-virtual-user/
# Virtual users get the same privileges as local users
virtual_use_local_privs=YES
# Enable dual logging, including /var/log/vsftpd.log
dual_log_enable=YES
# Active-mode (PORT) data connections originate from port 20
connect_from_port_20=YES
# Run standalone; vsftpd listens on the FTP port itself
listen=YES
# PAM service name used for authentication
pam_service_name=vsftpd
# Enable TCP wrappers
tcp_wrappers=YES


To Change the FTP Port

# Add this line to the vsftpd.conf file to change the port
listen_port=27


How to use Passive FTP

If you use the FTP server in passive mode, enter the lines below in the vsftpd.conf file.

# Allow passive mode
pasv_enable=YES
# Highest port handed out for passive data connections
pasv_max_port=55000
# Lowest port handed out for passive data connections
pasv_min_port=50000
# Allow active-mode (PORT) data connections as well
port_enable=YES
# Public IP of the machine where the FTP server is running
pasv_address=54.251.136.7


Create Dir for Virtual User in Vsftpd Root Dir

#mkdir   /etc/vsftpd/vsftpd-virtual-user/

#cd   /etc/vsftpd/vsftpd-virtual-user/

#vim   vsftpd_user   //enter your virtual user names and save


vivek          //virtual user
kamal        //virtual user

Then create a file named after each virtual user (here vivek and kamal) to hold that user's special permissions and local_root.

#vim  /etc/vsftpd/vsftpd-virtual-user/vivek  and  #vim  /etc/vsftpd/vsftpd-virtual-user/kamal



# Virtual user's home directory
local_root=/home/kamal
# FTP commands this virtual user may issue
cmds_allowed=USER,PASS,SYST,FEAT,OPTS,PWD,TYPE,PASV,LIST,STOR,CWD,MKD,SIZE,MDTM,CDUP,RETR,RNFR,RNTO
# umask for this virtual user
local_umask=022
# Allow write commands for this virtual user
write_enable=YES

If you want all users to log in to one directory, enter the line "local_root=/your/dir/path" in the vsftpd.conf file.

AND

If you want all users to log in to their own home directories, there is no need to put a "local_root=/your/dir/path" entry in any file.

AND

If you want only one user to log in to a different directory (for example, kamal's home dir is /data/k but you want the login to land in /home/kamal), enter the line "local_root=/home/kamal" in that virtual user's file, /etc/vsftpd/vsftpd-virtual-user/kamal.
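A check for the per-user files described above, as an added example that is not part of the original tutorial. It applies the vsftpd.conf format rules (comment lines start with #, no space between option, = and value) and summarises what a cmds_allowed list permits; the function names, the capability grouping and the sample strings are this example's own assumptions.

```python
import re

# Grouping of FTP commands by effect; the grouping is this example's own.
CAPABILITIES = {
    "download": {"RETR"},
    "upload": {"STOR", "STOU", "APPE"},
    "rename": {"RNFR", "RNTO"},
    "delete": {"DELE", "RMD"},
}

def parse_conf(text):
    """Parse vsftpd.conf-style text; return (settings, problems)."""
    settings, problems = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank line or comment line
        key, sep, value = line.partition("=")
        if not sep:
            problems.append((lineno, "not an option=value line"))
            continue
        if re.search(r"\s(//|#)", value):
            problems.append((lineno, "inline annotation is not a comment"))
        elif key != key.strip() or value != value.strip():
            problems.append((lineno, "space around option, '=' or value"))
        settings[key.strip()] = value  # kept verbatim, annotation included
    return settings, problems

def capabilities(settings):
    """Map a per-user file's cmds_allowed to what the account can do."""
    allowed = settings.get("cmds_allowed")
    if allowed is None:
        return None  # no allow-list in this file
    cmds = {c.strip().upper() for c in allowed.split(",")}
    return {name: sorted(cmds & group) for name, group in CAPABILITIES.items()}

# Constructed sample: directives copied together with trailing // annotations.
ANNOTATED = (
    "local_root=/home/kamal                       //Virtual user HOME dir\n"
    "write_enable=YES            //Write Enable for virtual user\n"
)
# Constructed sample: the same per-user file with comments on their own # lines.
CLEANED = (
    "# Virtual user's home directory\n"
    "local_root=/home/kamal\n"
    "cmds_allowed=USER,PASS,SYST,FEAT,OPTS,PWD,TYPE,PASV,LIST,STOR,CWD,MKD,"
    "SIZE,MDTM,CDUP,RETR,RNFR,RNTO\n"
    "local_umask=022\n"
    "write_enable=YES\n"
)

if __name__ == "__main__":
    print(parse_conf(ANNOTATED)[1])
    print(capabilities(parse_conf(CLEANED)[0]))
```

For the cleaned file the summary shows upload and rename but no delete, because the allow-list contains STOR, RNFR and RNTO while DELE and RMD are absent.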


Set PAM Authentication in vsftpd

# vim /etc/pam.d/vsftpd



#service vsftpd start

To disable an FTP user account, enter the username in the ftpusers file: "#vim /etc/vsftpd/ftpusers"


All FTP commands (save this list on the system for reference):

#
# List of FTP commands
#
# ABOR - Abort an active file transfer.
# ACCT - Account information.
# ADAT - Authentication/Security Data (RFC 2228)
# ALLO - Allocate sufficient disk space to receive a file.
# APPE - Append.
# AUTH - Authentication/Security Mechanism (RFC 2228)
# CCC  - Clear Command Channel (RFC 2228)
# CDUP - Change to Parent Directory.
# CONF - Confidentiality Protection Command (RFC 697)
# CWD  - Change working directory.
# DELE - Delete file.
# ENC  - Privacy Protected Channel (RFC 2228)
# EPRT - Specifies an extended address and port to which the server should connect. (RFC 2428)
# EPSV - Enter extended passive mode. (RFC 2428)
# FEAT - Get the feature list implemented by the server. (RFC 2389)
# HELP - Returns usage documentation on a command if specified, else a general help document is returned.
# LANG - Language Negotiation (RFC 2640)
# LIST - Returns information of a file or directory if specified, else information of the current working directory is returned.
# LPRT - Specifies a long address and port to which the server should connect. (RFC 1639)
# LPSV - Enter long passive mode. (RFC 1639)
# MDTM - Return the last-modified time of a specified file. (RFC 3659)
# MIC  - Integrity Protected Command (RFC 2228)
# MKD  - Make directory.
# MLST - Lists the contents of a directory if a directory is named. (RFC 3659)
# MODE - Sets the transfer mode (Stream, Block, or Compressed).
# NLST - Returns a list of file names in a specified directory.
# NOOP - No operation (dummy packet; used mostly on keepalives).
# OPTS - Select options for a feature. (RFC 2389)
# PASS - Authentication password.
# PASV - Enter passive mode.
# PBSZ - Protection Buffer Size (RFC 2228)
# PORT - Specifies an address and port to which the server should connect.
# PWD  - Print working directory. Returns the current directory of the host.
# QUIT - Disconnect.
# REIN - Reinitializes the connection.
# REST - Restart transfer from the specified point.
# RETR - Retrieve (download) a remote file.
# RMD  - Remove a directory.
# RNFR - Rename from.
# RNTO - Rename to.
# SITE - Sends site specific commands to remote server.
# SIZE - Return the size of a file. (RFC 3659)
# SMNT - Mount file structure.
# STAT - Returns the current status.
# STOR - Store (upload) a file.
# STOU - Store file uniquely.
# STRU - Set file transfer structure.
# SYST - Return system type.
# TYPE - Sets the transfer mode (ASCII/Binary).
# USER - Authentication username.
 


FINISHED