File Transfer Protocol
There are many different ways you can share files with users on your network. This capability is important because you don't always want your users storing things locally on their desktop or laptop.
Installing an FTP Server
In this chapter, we use the vsftpd package, which stands for Very Secure FTP Daemon. This particular FTP server offers additional features that make it a more secure choice if you use FTP.
Prerequisites for File Transfer Protocol
- Yum procedure
- IP and hostname setting
- Firewall flush
- DNS server for IP-to-name resolution
- Apache server
Step-1: Grab the required package.
# yum install vsftpd*
Step-2: When the installation is complete, verify it was installed successfully.
# rpm -qa vsftpd*
Step-3: Ensure that the service will start on system boot.
# chkconfig vsftpd on
Or
# ntsysv
Configuring vsftpd
To start configuring the FTP server, you need to look at the config file. For vsftpd, there is only one main config file. It's located at /etc/vsftpd/vsftpd.conf.
Look at which options are available in the config file and what they can be used for.
anonymous_enable=yes | Allows anonymous logins. This is the default setting, although it should be changed to no for better host-based security.
local_enable=yes | Allows local users to log in.
write_enable=yes | Enables users to write in the directory.
local_umask=022 | Sets the umask of all uploaded files.
dirmessage_enable=yes | Displays directory messages.
xferlog_enable=yes | Logs all transfer activity to /var/log/xferlog.
connect_from_port_20=yes | Forces PORT transfers to originate from port 20.
xferlog_std_format=yes | Logs everything in standard transfer format.
listen=yes | Allows the server to listen for connections.
pam_service_name=vsftpd | Specifies the name used for the PAM service.
userlist_enable=yes | Enables the service to consult the user list.
tcp_wrappers=yes | Allows incoming requests based on the TCP Wrappers configuration.
userlist_deny=yes | Enables users listed in the user list to log in via FTP.
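The following is an added example, not part of the original post: a small shell audit of a vsftpd.conf for the two options in the table tied to anonymous access and transfer logging. The function names and sample configs are constructed for illustration, and the fallback values (anonymous_enable YES, xferlog_enable NO when the key is absent) are vsftpd's built-in defaults from vsftpd.conf(5).

```shell
#!/bin/sh
# Added example, not from the original post. Sample configs are constructed.

# effective_bool FILE KEY DEFAULT: print YES or NO for KEY as vsftpd sees it.
# Comment lines (#) are skipped, a later line overrides an earlier one, and
# DEFAULT (the built-in default from vsftpd.conf(5)) applies if KEY is absent.
effective_bool() {
    awk -F= -v key="$2" -v val="$3" '
        /^#/ { next }
        $1 == key { val = toupper($2); sub(/[ \t\r]+$/, "", val) }
        END {
            if (val == "YES" || val == "TRUE" || val == "1") print "YES"
            else print "NO"
        }' "$1"
}

# audit_vsftpd_conf FILE: print one FAIL line per finding, or OK if none.
audit_vsftpd_conf() {
    findings=0
    if [ "$(effective_bool "$1" anonymous_enable YES)" = YES ]; then
        echo "FAIL anonymous_enable: anonymous logins allowed, set anonymous_enable=no"
        findings=$((findings + 1))
    fi
    if [ "$(effective_bool "$1" xferlog_enable NO)" = NO ]; then
        echo "FAIL xferlog_enable: transfers are not logged, set xferlog_enable=yes"
        findings=$((findings + 1))
    fi
    if [ "$findings" -eq 0 ]; then echo "OK"; fi
}

tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT
weak_conf=$tmpdir/weak.conf; fixed_conf=$tmpdir/fixed.conf

# Constructed: the anonymous line is only commented out, so the default (YES) applies.
cat > "$weak_conf" <<'EOF'
#anonymous_enable=yes
local_enable=yes
write_enable=yes
EOF

# Constructed: anonymous access switched off explicitly, transfer logging on.
cat > "$fixed_conf" <<'EOF'
anonymous_enable=no
local_enable=yes
xferlog_enable=yes
EOF

echo "weak.conf:";  audit_vsftpd_conf "$weak_conf"
echo "fixed.conf:"; audit_vsftpd_conf "$fixed_conf"
```

Commenting out anonymous_enable does not turn anonymous logins off; the option has to be set to no explicitly.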
Step-4: Open the forward lookup zone file to declare the FTP server.
# vi /var/named/chroot/var/named/nabil.fzone
Firewall and SELinux Configuration
Before you can begin using the FTP service, you need to make some firewall adjustments and SELinux changes. Let's start with the firewall rules. FTP uses both TCP ports 20 and 21, which you can open on the firewall.
Step-5: Use the iptables command to create your firewall rules.
# iptables -I INPUT 5 -p tcp -m tcp --dport 20 -j ACCEPT
# iptables -I INPUT 5 -p tcp -m tcp --dport 21 -j ACCEPT
Step-6: Save the firewall rules you just created and restart the firewall service for them to take effect.
# service iptables save
# service iptables restart
Now that the firewall rules are taken care of, let's move on to SELinux.
Step-7: Set SELinux to permissive mode.
# setenforce 0
Step-8: Restart all the essential services.
# service named restart
# service httpd restart
# service vsftpd restart
Then browse from the client PC to ftp://ftp.sandwip.com