Build the FTP server under Ubuntu
- 2020-05-15 03:21:25
Background 1 immediately prompted updates to the wordperss version and plugin, which was an eyesores, and decided to update them all. However, to update the files, the server needs to provide FTP service. linode is not provided to FTP, so we can only install one by ourselves. The server system I installed is Ubuntu 12.04 LTS, FTP software is of course to choose the well-known vsftpd (very secure FTP daemon), FTP with the system's own FTP fortunately Ubuntu vsftpd or very simple, 1 command:
sudo apt-get install vsftpd
During the execution of the command, the installer will create a local user group named "ftp". After the execution of the command, the FTP service will be started automatically.
You can use the "netstat-tl" command to check if the FTP port is open, or simply type "ftp:// your server IP" in your browser (the newly installed vsftpd can be accessed anonymously without a password by default). If you can connect directly to the FTP server, then you can install vsftpd.
It's easy to start, stop, and restart the vsftpd service:
service vsftpd start | stop | restart
By default, the newly installed vsftpd can be accessed anonymously. If you only want to give one user special access to one directory, you need to modify the configuration of vsftpd.
First, create a special user to access, such as "test" :
mkdir -p /home/test
useradd test -g ftp -d /home/test -s /sbin/nologin
Modify the vsftpd profile "vi /etc/ vsftpd.conf" :
# No anonymous access
# Accept local users
# You can upload
# To enable the chroot_list_file The user can only access the root directory
Add users restricted by access directory in /etc/ vsftpd.chroot_list:
echo "test" >> /etc/vsftpd.chroot_list
Some problems encountered during installation:
"530 Login incorrect"
Add "/sbin/nologin" to the last line of /etc/shells
"500 OOPS: vsftpd: refusing to with writable root inside chroot()"
With chroot enabled, the root directory is set to unwritable
chmod a-w /home/test
OK, restart vsftpd and you can use the newly created account above to access :)