Run the following command to create the chroot_list file: Press the Esc key, enter :wq, and then press the Enter key to save and close the configuration file.Ĭreate the chroot_list file and write the list of exception users to the file. #Specify the highest possible port that is sent to the FTP clients for passive mode connections.įor information about more parameters, see the vsftpd configuration file and parameters section in this topic. These ports provide more secure access to the FTP server. We recommend that you use ports in a high range, such as 50000 to 50010. #Specify the lowest possible port that is sent to the FTP clients for passive mode connections. #Enter the public IP address of the Linux instance that is used in this topic. #Specify a file to store the list of exception users. Exception users are not limited to the home directory after they log on. #Limit all users to the home directory after the users log on. #Specify the directory of a local user after the local user logs on. #Add the following parameters to the end of the configuration file: #Add a number sign (#) to the beginning of the line to comment out the following parameter: #Allow local users to log on to the FTP server. #Disable anonymous users from logging on to the FTP server. #Modify the values of the following parameters: #Use the default values for parameters other than the following parameters: For example, an extra space may cause the service to fail to restart. When you modify or add information in the configuration file, take note of the format. If you select Create ECS Instance, you must configure the Available Zone ID, Instance Type, System Disk Category, and Instance Password parameters. On the Use New Resources (Standard) page, enter a stack name, select Use Existing ECS Instance or Create ECS Instance, and then enter the username and password that are used to access the FTP service. In the upper-left corner of the top navigation bar, select a region.Go to the Use New Resources (Standard) page in the Resource Orchestration Service (ROS) console. The instance has a public IP address assigned or an elastic IP address (EIP) bound. When you build an FTP site on an existing instance manually or by using the quick deployment method, the instance must meet the following requirements: For information about how to configure an FTP server to allow anonymous users to access the FTP server and how to use third-party FTP client tools, see the " FAQ" section of this topic. In this topic, vsftpd is configured in passive and local user modes. This enhances the security of the FTP server. Virtual users can access only the FTP service that the Linux system provides and cannot access other resources of the system. Virtual user mode: Virtual users are dedicated users of the FTP server. This mode is more secure than the anonymous user mode. Local user mode: In this mode, users must have local Linux accounts. We recommend that you do not use this mode to save files in a production environment In most cases, this mode is used to save unimportant public files. This is the least secure authentication mode. If you do not have special requirements, we recommend that you use passive mode for the FTP server.įTP supports the following authentication modes:Īnonymous user mode: In this mode, users can log on to the FTP server without the need for a username or password. As a result, FTP servers in active mode cannot easily establish connections to the clients. Most FTP clients are located in LANs, have no independent public IP addresses, and are protected by firewalls.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |