1 / 26

vsFTP in Linux

vsFTP in Linux. Introduction to FTP. The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet. Regular FTP The VSFTP allows Linux users to copy files to and from their home directories with an FTP client. Anonymous FTP

taya
Download Presentation

vsFTP in Linux

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. vsFTP in Linux

  2. Introduction to FTP • The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet. • Regular FTP • The VSFTP allows Linux users to copy files to and from their home directories with an FTP client. • Anonymous FTP • Anonymous FTP a username of ‘anonymous’ and your email address for the password. • Once logged in to a FTP server, you automatically have access to only the default anonymous FTP directory

  3. Start VSFTP • Use the ‘chkconfig’ command to configure VSFTP to start at boot: • chkconfig vsftpd on • Use ‘service vsftpd’ to start,stop, and restart VSFTP after booting: • service vsftpd start • service vsftpd stop • service vsftpd restart • Configuration file: /etc/vsftpd/vsftpd.conf

  4. Anonymous FTP settings • Before going to change vsftpd.conf, remember to make a backup: • cp vsftpd.conf vsftpd.conf.bak • anonymous_enable=YES • Allow Anonymous • anon_upload_enable=YES • Allow Anonymous upload • anon_mkdir_write_enable=YES • Allow Anonymous upload to create directory

  5. Anonymous FTP settings (2) • no_anon_password=YES • Do not ask password for anonymous login • anon_max_rate=30000 • Limit the transfer rate of anonymous, e.g. 30000 = 30k byte per second • anon_root=/data/directory • Directory for anonymous is ‘/var/ftp’

  6. Local users’ settings • local_enable=YES • Allow Linux users to use VSFTPD • chroot_list_enable=YES • VSFTPD will use a file to limit some users to change their home directories after login • chroot_list_file=/etc/vsftpd/chroot_list • A text file which contain a list of Linux usernames. • These users will limit to their home directories

  7. Local users’ settings (2) • userlist_deny=YES • VSFTPD will use a file to reject some users. • userlist_file=/etc/vsftpd/user_list • A text file which contain a list of Linux usernames which DO NOT allow to use VSFTP. • local_max_rate=30000 • Limit the transfer rate of local user, e.g. 30000 = 30k byte per second

  8. Other Settings • max_clients=10 • Limiting the maximum number of client connections • max_per_ip=1 • Limiting the number of connections by same IP address • idle_session_timeout=600 • Disconnect the idle connection after 600 seconds. • xferlog_enable=YES • Record all the file transfer records. • xferlog_file=/var/log/vsftpd.log • Filename and directory of log file.

  9. Limit the access on hosts • FTP server usually can use tcp_wrappers to allow or deny a host’s access. • Add this statement to vsftpd.conf: • tcp_wrappers = yes • Under /etc, create a new file hosts.deny: • If you want to allow a specific host, create a hosts.allow with same format. • Power of hosts.allow > hosts.deny vsftpd : 192.168.1.0/24 192.168.0.2 vsftpd : .vtc.edu.hk alan.ict.edu.hk

  10. Samba – Windows File Server in Linux

  11. Introduction of Samba • Samba is a server that allows your Linux to share files with Windows. • Samba can make your Linux into a Windows Primary Domain Controller (PDC) or a server for a Windows Workgroup. • Samba can make users to access their Linux home directory with Windows.

  12. Start Samba • Use the ‘chkconfig’ command to configure Samba to start at boot: • chkconfig smb on • Use ‘service smb’ to start,stop, and restart Samba after booting: • service smb start • service smb stop • service smb restart • Configuration file: /etc/samba/smb.conf

  13. Swat – tools to configure Samba • Before going to change smb.conf, remember to make a backup: • cp smb.conf smb.conf.bak • Swat, Samba's web based configuration tool enables you configure your smb.conf file without you needing to remember all the formatting. • Configuration file of swat: /etc/xinetd.d/swat

  14. Configure Swat • To limit the use of swat, add ‘only_from’ statement to swat configuration file. • In above case, only allow localhost and PC with IP 192.168.1.3 . service swat{     port            = 901    socket_type     = stream    protocol        = tcp    wait            = no    user            = root    server          = /usr/sbin/swat    log_on_failure  += USERID    disable         = no    only_from       = localhost 192.168.1.3 }

  15. [global] section • workgroup = tyict • The name of the Windows domain we'll create. • server string = Linux Samba Server • Server Description (show on browser) • netbios name = mySamba1 • Computer Name show on network browser

  16. [global] section (2) • client code page = 950 • Important! View Chinese filename in Windows. • log file = /var/log/samba/log.%m • Log filename and location. • max log size = 500 • File size of log file, 500 = 500Kb

  17. [global] section (3) • security = user • User level security (request username and password), strongly recommended. • encrypt passwords = yes • Protect your password • smb passwd file = /etc/samba/smbpasswd • Filename and location of password file

  18. [homes] section • read only = No • Allows the samba user to also write to their Samba Linux directory. • browseable = No • Doesn't allow others to browse the contents of the directory • create mode = 0744 • Makes new files created by the user to have “744" permissions. You want to change this to "0700" so that only the login user has access to files. • directory mode = 0755 • Makes new sub-directories created by the user to have "775" permissions. You want to change this to "0700" so that only the login user has access to directories.

  19. [MyShare] section • You can create a new section to share a folder in Linux. • Sample configuration: • public = yes • Allow all samba users to access this share. [MyShare]      path         = /share/pub    read only    = no    public       = yes    writable = yes    create mode = 0664    directory mode = 0775

  20. Samba Users • A Linux user cannot directly use Samba’s share folders. • We need to convert a Linux user to a Samba user: • smbpasswd -a linuxuser • smbpasswd -d username • Disable a user • smbpasswd -e username • Enable a disabled user • smbpasswd -x username • Delete a user • We cannot add a NON LINUX USER!

  21. IIS – Internet Information Service in WindowsXP Professional

  22. http, ftp services in WindowsXP • IIS is an additional functions of Windows XP Professional. • You cannot find this service in Windows XP Home. • This service allow only ten connections. • For enterprise purpose, you should use IIS of Windows 2003 Server.

  23. http service • Open the ‘Start Menu’ and go to ‘Programs’ > ‘Administrative Tools’ > ‘Internet Services Manager’. • Once the IIS page opens, find the name of the computer and click the plus (+) sign next to it. • This will display the FTP, HTTP, and SMTP Virtual Server icons. • Click on the ‘Default Web Site icon’ to display the default web site contents and the directories where the content files are stored.

  24. http service (2) • Right-click the ‘Default Web Site icon’ and choose ‘Properties’. • From this page, the user can configure all the properties and control what will be displayed on the HTTP site. • You will find that the default home page is ‘default.htm’ and the folder contain ‘wwwroot’ is ‘C:\inetpub’.

  25. Summary/ Conclusion • Detailed Summary or Conclusion about Data Communication AIM&IT

  26. Question & Answers • Question & Answer for the session AIM&IT

More Related