
FTP in Linux


FTP

(File Transfer Protocol)


- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from
one host to another host over a TCP-based network, such as the Internet.

- FTP is built on a client-server architecture and uses separate control and data connections
between the client and the server.

- FTP is used to upload and download files from server to client and from client to server.

Here:
Normal users    : upload and download files

Anonymous users : only download files

Package : vsftpd (Very Secure File Transfer Protocol Daemon)

Port : 20 --> Transferring FTP data
       21 --> Starting the FTP connection (default port number for FTP)

Daemon : vsftpd (a daemon is a process that runs in the background)

Scripts : /etc/init.d/vsftpd (start / stop / restart)

Configuration files : 1) /etc/vsftpd/vsftpd.conf
                      2) /etc/vsftpd/ftpusers {users that are denied}
                      3) /etc/vsftpd/user_list {users that are denied}

To use the vsFTPd server, you must make sure that the vsFTPd software package is installed.

# rpm -qa vsftpd

or

# yum install vsftpd -y

Enable the vsFTPd server by typing the following line (as root user):

# chkconfig vsftpd on

Start the vsFTPd server as follows:


# /etc/init.d/vsftpd start

(or)

# /etc/init.d/vsftpd restart

Try to log in to the FTP server as anonymous (using any e-mail address as the password)
(if you are connecting over a network, use the more-secure sftp command instead):

$ ftp server1.example.com
Connected to yourhost
220 (vsFTPd 1.2.0)
530 Please login with USER and PASS
Name (localhost:chris): anonymous
331 Please specify the password.
Password: ******
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Mail: aleemsk@gmail.com Ph:9952590457


Allow the root user to access the server from other client machines

[root@desktop6 ~]# cd /etc/vsftpd/


[root@desktop6 vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh

[root@desktop6 vsftpd]# vim ftpusers

# root -------> comment out the root user (put # in front of it)

:wq!

[root@desktop6 vsftpd]# vim user_list

#root ---------------> comment out the root user (put # in front of it)

:wq!

#
[root@desktop6 vsftpd]# /etc/init.d/vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 vsftpd]# chkconfig vsftpd on


[root@desktop6 vsftpd]#

Disable and enable SELinux

Note:
SELinux (Security-Enhanced Linux) was developed by the NSA (National Security Agency).
SELinux is an extra layer of security on top of the firewall, and it defines different modes.

getsebool - reports whether a particular SELinux boolean is on or off.

    -a  Show all SELinux booleans.

setsebool - sets the current state of a particular SELinux boolean.

    -P  If the -P option is given, all pending values are written to the policy file on disk.

Example:
Server side:

# useradd ajmal

# passwd ajmal

Go to the client side:

# ftp 192.168.0.130

username : ajmal

Password : ajmal

Error:
500 OOPS: cannot change directory

Login failed.

Go to the server:

#sestatus
[root@server ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: permissive
Policy version: 24

Policy from config file: targeted
[root@server ~]#

Note : change enforcing mode to permissive mode

[root@server ~]# setenforce 0

[root@server ~]# sestatus


SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 24
Policy from config file: targeted
[root@server ~]#

or

[root@server ~]# vim /etc/selinux/config

Change enforcing to permissive.

:wq

Enforcing : --> means that the SELinux policy is in effect, and anything the policy does not allow is blocked.
# getsebool -a | grep ftp

# setsebool -P ftp_home_dir on

# setsebool -P allow_ftpd_anon_write on

# setsebool -P allow_ftpd_full_access on

# chmod 777 /var/ftp/pub

# /etc/init.d/vsftpd restart

#iptables -L

#iptables -F

#hostname

#ip a
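
A check to run after the SELinux steps above, as an added example that is not part of the original page: it reads `sestatus` and `getsebool -a` output and reports whether the current mode survives a reboot and which FTP booleans are on. The function names are hypothetical and the sample outputs are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# selinux_mode_report: reads `sestatus` output on stdin. `setenforce` changes
# only the running mode; /etc/selinux/config decides the mode after a reboot.
selinux_mode_report() {
    awk -F': *' '
        /^Current mode/          { cur = $2 }
        /^Mode from config file/ { cfg = $2 }
        END {
            gsub(/[ \t]+$/, "", cur); gsub(/[ \t]+$/, "", cfg)
            if (cur == "" || cfg == "") { print "unknown"; exit }
            if (cur == cfg) print "mode " cur " (persistent)"
            else print "mode " cur " now, " cfg " after reboot"
        }'
}

# ftp_booleans_on: reads `getsebool -a` output on stdin and prints the FTP
# booleans that are on, tagging the two wide-reaching ones this page enables.
ftp_booleans_on() {
    awk '$2 == "-->" && $3 == "on" && $1 ~ /ftp/ {
        broad = ($1 == "allow_ftpd_full_access" || $1 == "allow_ftpd_anon_write") ? " BROAD" : ""
        print $1 broad
    }'
}

# Constructed sample outputs (not captured from a real host).
sample_sestatus() {
    cat <<'EOF'
SELinux status: enabled
Current mode: permissive
Mode from config file: enforcing
EOF
}
sample_getsebool() {
    cat <<'EOF'
allow_ftpd_anon_write --> on
allow_ftpd_full_access --> on
allow_ftpd_use_cifs --> off
ftp_home_dir --> on
tftp_anon_write --> off
EOF
}

sample_sestatus | selinux_mode_report
sample_getsebool | ftp_booleans_on
```

On a live server, pipe the real commands in instead: `sestatus | selinux_mode_report` and `getsebool -a | ftp_booleans_on`.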

1) Allow local users, deny anonymous users

# vim /etc/vsftpd/vsftpd.conf

----
anonymous_enable=NO (change YES to NO)

:wq

# service vsftpd restart

# chkconfig vsftpd on

Go to the client machine:

# ftp <server ip>

username : anonymous
passwd : anonymous

It won't allow the anonymous login.

2) Allow anonymous users, deny local users


server side

# vim /etc/vsftpd/vsftpd.conf

local_enable=no (change yes to no)

:wq

#service vsftpd restart

#chkconfig vsftpd on

client side
# ftp <server ip>
username :ajmal
passwd : ajmal

try

username : anonymous
passwd : anonymous

3) Deny a particular user

# vim /etc/vsftpd/ftpusers

ajmal

:wq

#service vsftpd restart

#chkconfig vsftpd on

go to client side

#ftp < server ip>

username: ajmal
passwd : ajmal

Denied.

4) Connect directly as the anonymous user

# lftp <server ip>

ftp>

Upload a file from server to FTP server

[root@server6 ~]# mkdir /var/ftp/upload

[root@server6 ~]# ls -la /var/ftp/upload


total 8
drwxr-xr-x. 2 root root 4096 Oct 14 12:09 .
drwxr-xr-x. 4 root root 4096 Oct 14 12:09 ..

[root@server6 ~]# chmod 1777 /var/ftp/upload

[root@server6 ~]# ls -la /var/ftp/upload


total 8
drwxrwxrwt. 2 root root 4096 Oct 14 12:09 .
drwxr-xr-x. 4 root root 4096 Oct 14 12:09 ..
[root@server6 ~]#

# vim /etc/vsftpd/vsftpd.conf

anon_upload_enable=YES

:wq!

[root@desktop6 ~]# service vsftpd restart


Shutting down vsftpd: [ OK ]

Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 ~]# chkconfig vsftpd on

[root@desktop6 ~]#ftp 192.168.0.5 {192.168.0.5- server IP}


user: anonymous
password: anonymous

ftp>!ls {list files: !ls for the local machine, ls for the remote machine}

ftp>cd upload {change directory}

Now create a file in the / directory:

#cat > test.txt

hello this is a test for ftp server

^c
# ls

now go to ftp

ftp>!ls
test.txt
ftp >

ftp> put test.txt


local: test.txt remote: test.txt
227 Entering Passive Mode (192,168,0,6,118,252).
150 Ok to send data.
226 Transfer complete.
32 bytes sent in 3.2e-05 secs (1000.00 Kbytes/sec)
ftp>
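
The vsftpd.conf switches used in scenarios 1 to 3 and in the upload setup above can be checked with a short script. This is an added example, not part of the original page: it reports the effective value of each switch (defaults as documented in vsftpd.conf(5)), flags lines that do not set the option they appear to set, and warns when anonymous upload is actually live. `write_enable` is a real vsftpd option that the page does not mention; the helper names and the sample file are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. conf_get/audit_vsftpd/demo_conf
# are hypothetical helper names; defaults are those listed in vsftpd.conf(5).

# conf_get FILE KEY DEFAULT: value of the last uncommented "KEY=value" line
# (assumed: later lines override earlier ones), upper-cased for comparison.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r' | tr '[:lower:]' '[:upper:]')
    echo "${v:-$3}"
}

# audit_vsftpd FILE: print the effective switches, then one WARN line per finding.
audit_vsftpd() {
    f=$1
    anon=$(conf_get "$f" anonymous_enable YES)
    loc=$(conf_get "$f" local_enable NO)
    wr=$(conf_get "$f" write_enable NO)
    up=$(conf_get "$f" anon_upload_enable NO)
    echo "anonymous_enable=$anon local_enable=$loc write_enable=$wr anon_upload_enable=$up"

    # vsftpd.conf(5) calls any space around "=" an error, and a misspelled key
    # is not the option you meant to set: report both with their line number.
    grep -nE '^(anonymous|local|write|anon_upload)_enable([^=]+=|=[[:space:]])' "$f" |
        sed 's/^\([0-9]*\):\(.*\)$/WARN line \1: not a valid setting: \2/'

    # Anonymous upload needs all three switches on at the same time.
    if [ "$anon" = YES ] && [ "$wr" = YES ] && [ "$up" = YES ]; then
        echo "WARN anonymous upload is live wherever the ftp user can write"
    fi
    return 0
}

# Constructed sample config (not taken from a real server).
demo_conf() {
    cat <<'EOF'
# Example config file /etc/vsftpd/vsftpd.conf
anonymous_enables=no
local_enable=YES
write_enable=YES
#anon_upload_enable=NO
anon_upload_enable=YES
ftpd_banner=Welcome to SYSADMIN FTP service.
EOF
}

tmp=$(mktemp) && demo_conf > "$tmp" && audit_vsftpd "$tmp"
rm -f "$tmp"
```

Run it against the real file with `audit_vsftpd /etc/vsftpd/vsftpd.conf` after each edit and before restarting the service.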

# adduser -c 'FTP USER SAMI' -m sami

# passwd sami
Changing password for user sami.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
[root@desktop6 ~]#

# vim /etc/vsftpd/vsftpd.conf

85: ftpd_banner=Welcome to SYSADMIN FTP service.

:wq!

#service vsftpd restart

#chkconfig vsftpd on

Go to the client side; it will show the login message:

client# ftp <server ip>


Welcome to SYSADMIN FTP service.

Deny a particular host

[root@desktop6 ~]# vim /etc/hosts


hosts hosts.allow hosts.deny

[root@desktop6 ~]# vim /etc/hosts.deny

vsftpd: ALL EXCEPT desktop6.example.com

:wq!

[root@desktop6 ~]# /etc/init.d/vsftpd restart


Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 ~]# chkconfig vsftpd on


[root@desktop6 ~]#

go to client machine

[root@server6 ~]# ftp 192.168.0.6


Connected to 192.168.0.6 (192.168.0.6).
421 Service not available.
ftp>

[root@desktop6 ~]# cat /etc/passwd | grep ftp


ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
[root@desktop6 ~]#
