Catalog

One 、FTP Working principle and communication mode

1、FTP Role and mode

2、FTP working principle

3、FTP Two models of

①Standard Pattern （ Take the initiative ）

②Passive Pattern （ passive ）

Two 、 To configure FTP service

  anonymous

  Anonymous access testing

What happened ：1、Failed to establish connection.

2、 Could not create file.

Local users

3、 ... and 、 summary

One 、FTP Working principle and communication mode

1、FTP Role and mode

effect ： adopt Internet The protocol of transferring files up and down the network .
VSFTPD Full name ：Very Secure FTP
VSFTPD Pattern ：C/S Pattern

FTP It's a file transfer protocol , He is based on TCP Application layer protocol of protocol , Use 20 and 21 Port for transmission , among 20 Ports are used to establish data connections , And transmit data ,21 Ports are used to control connections , And transmit FTP Control command .

2、FTP working principle

FTP The client connects to FTP Server's 21 port , Send user name and password , The client randomly opens a port （1024 above ）, send out PORT Order to FTP The server , Tell the server client to adopt the active mode and open the port ,FTP Server received PORT Active mode commands and ports , Through the server 20 Port number the open port connection of the client , send data .

3、FTP Two models of

It supports two modes ,Standard（Active） Active mode and Passive（PASV） The passive mode of

①Standard Pattern （ Take the initiative ）

FTP The client first communicates with FTP Server Pattern ,21 Port to establish the connection , Send instructions through this channel , When the client needs to receive data, it will send it on this channel PORT Instructions .PORT The command contains the data of the client , During transmission , The server uses its own TCP 20 Port send data .FTP Server A new connection must be established with the client to transmit data .

②Passive Pattern （ passive ）

When establishing control channels and Standard Similar model , When the client sends PASV When ordered ,TFPServer Open a window located in 1024 and 5000 And notify the client of the request to transmit data on this port , then FTP Server Data will be transmitted through this port . This is the time FTP Server There is no need to establish a new connection with the client .

Two 、 To configure FTP service

yum install -y vsftpd ## Download a software

  anonymous

vim /etc/vsftpd/vsftpd.conf ## The configuration file
anonymous_enable=YES # Enable anonymous user access . The default is on （FTP）
write_enable=YES # Open server write permissions （ To upload , Must be turned on ）

anon_umask=002 # Set the permission mask for anonymous users to upload data （ Unmask ）

 anon_upload_enable=YES # Allow anonymous users . Upload files . Default annotated , Need to uncomment

 anon_mkdir_write_enable=YES # Allow anonymous users to create （ Upload ） Catalog Default annotated , Need to uncomment

 anon_other_write_enable=YES # Allow others to delete 、 rename 、 Covering and other operations . Need to add

  Save and exit
chmod 777 /var/ftp/pub/ # Access is anonymous ftp Of the root directory of pub Set the maximum permissions for the subdirectories of , So that anonymous users can operate
systemctl start vsftdp Opening service

  Anonymous access testing

  Then we open up a windows System virtual machine cmd Enter the character interface to connect
ftp Add the host just now IP Address User use ftp The password goes straight to the carriage

Create a new folder locally

  And then we were in win10 Create a file locally and write some data

Upload

  verification

What happened ：1、Failed to establish connection.

resolvent ：

vsftp in , By editing the /etc/vsftp.conf Enable implementation PASV Connect .
sudo vi /etc/vsftp.conf
Add the following statement to the configuration file ：
pasv_enable=YES
pasv_min_port=6000
pasv_max_port=7000

2、 Could not create file.

  Not solved yet

Local users

vim /etc/vsftpd/vsftpd.conf
Modify the configuration file

anonymous_enable=NO # Turn off anonymous user access

local_enable=YES # Start local user

write_enable=YES # Open server write permissions （ If you want to upload, you must enable ）

local_umask=007 # It can be set that only the host user has the permission to upload the file （ Unmask ）

chroot_local_user=YES # Lock access to the user's Host Directory

allow_writeable_chroot=YES # Allow restricted user home directory to have write permission

anon_mkdir_write_enable=YES Comment out

anon_other_write_enable=YES Comment out

3、 ... and 、 summary

This article mainly talked about FTP How it works , And two working modes ： Active mode and passive mode . Explained how to build and configure FTP service , Including anonymous user experiment and setting user mode login experiment .