FTP in Linux

FTP

(File Transfer Protocol)


- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet.

- FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.

- FTP is used to upload and download files between the server and the client.

Here
Normal users: upload and download files

Anonymous users: only download files

Package : vsftpd (Very Secure File Transfer Protocol daemon)

Ports : 20 --> transferring FTP data
        21 --> starting the FTP connection (default port number for FTP)

Daemon : vsftpd (Very Secure File Transfer Protocol Daemon; a daemon is a process that runs in the background)

Scripts : /etc/init.d/vsftpd (start / stop / restart)

Configuration files :
1) /etc/vsftpd/vsftpd.conf
2) /etc/vsftpd/ftpusers {users that are denied}
3) /etc/vsftpd/user_list {users that are denied}

To use the vsFTPd server, you must make sure that the vsFTPd software package is installed.

# rpm -qa vsftpd

or

# yum install vsftpd -y

Enable the vsFTPd server by typing the following line (as root user):

# chkconfig vsftpd on

Start the vsFTPd server as follows:


# /etc/init.d/vsftpd start

(or)

# /etc/init.d/vsftpd restart

Try to log in to the FTP server as anonymous (using any e-mail address as the password)
(if you are connecting over a network, use the more-secure sftp command instead):

$ ftp server1.example.com
Connected to yourhost
220 (vsFTPd 1.2.0)
530 Please login with USER and PASS
Name (localhost:chris): anonymous
331 Please specify the password.
Password: ******
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Mail: aleemsk@gmail.com Ph:9952590457


Allow the root user to log in from a client machine

[root@desktop6 ~]# cd /etc/vsftpd/


[root@desktop6 vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh

[root@desktop6 vsftpd]# vim ftpusers

#root -------> comment out the root entry

:wq!

[root@desktop6 vsftpd]# vim user_list

#root ---------------> comment out the root entry

:wq!

[root@desktop6 vsftpd]# /etc/init.d/vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 vsftpd]# chkconfig vsftpd on


[root@desktop6 vsftpd]#

Disable and enable SELinux

Note:
SELinux (Security-Enhanced Linux) was developed by the NSA (National Security Agency).
SELinux is an extra security layer in addition to the firewall, and it defines several different modes.

Getsebool- Getsebool reports where a particular SELinux boolean.


-a Show all SELinux booleans.

Setsebool- Setsebool sets the current state of a particular SELinux boolean


If the -P option is given, all pending values are written to the policy file on disk.

Example:
Server side:

# useradd ajmal

# passwd ajmal

Go to the client side:

# ftp 192.168.0.130

username : ajmal

Password : ajmal

Error:
500 OOPS: cannot change directory

Login failed.

Go to the server:

[root@server ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: permissive
Policy version: 24

Policy from config file: targeted
[root@server ~]#

Note : change enforcing mode to permissive mode

[root@server ~]# setenforce 0

[root@server ~]# sestatus


SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 24
Policy from config file: targeted
[root@server ~]#

or

[root@server ~]# vim /etc/selinux/config

Change SELINUX=enforcing to SELINUX=permissive

:wq

Enforcing : --> means that the SELinux policy is in effect and things that it doesn't want to allow won't be allowed.

# getsebool -a | grep ftp

# setsebool -P ftp_home_dir on

# setsebool -P allow_ftpd_anon_write on

# setsebool -P allow_ftpd_full_access on

# chmod 777 /var/ftp/pub

# /etc/init.d/vsftpd restart

# iptables -L

# iptables -F

# hostname

# ip a

1) Allow local users and deny anonymous users

# vim /etc/vsftpd/vsftpd.conf

----
anonymous_enable=NO (change YES to NO)

:wq

# service vsftpd restart

# chkconfig vsftpd on

Go to the client machine:

# ftp <server ip>

username : anonymous
passwd : anonymous

Anonymous login will not be allowed.

2) Allow anonymous users and deny local users

Server side:

# vim /etc/vsftpd/vsftpd.conf

local_enable=NO (change YES to NO)

:wq

# service vsftpd restart

# chkconfig vsftpd on

Client side:
# ftp <server ip>
username : ajmal
passwd : ajmal

Then try:

username : anonymous
passwd : anonymous

3) Deny a particular user

# vim /etc/vsftpd/ftpusers

ajmal

:wq

# service vsftpd restart

# chkconfig vsftpd on

Go to the client side:

# ftp <server ip>

username: ajmal
passwd : ajmal

Login is denied.

4) Connect directly as the anonymous user

# lftp <server ip>

ftp>

Upload a file from server to FTP server

[root@server6 ~]# mkdir /var/ftp/upload

[root@server6 ~]# ls -la /var/ftp/upload


total 8
drwxr-xr-x. 2 root root 4096 Oct 14 12:09 .
drwxr-xr-x. 4 root root 4096 Oct 14 12:09 ..

[root@server6 ~]# chmod 1777 /var/ftp/upload

[root@server6 ~]# ls -la /var/ftp/upload


total 8
drwxrwxrwt. 2 root root 4096 Oct 14 12:09 .
drwxr-xr-x. 4 root root 4096 Oct 14 12:09 ..
[root@server6 ~]#

# vim /etc/vsftpd/vsftpd.conf

anon_upload_enable=YES

:wq!

[root@desktop6 ~]# service vsftpd restart


Shutting down vsftpd: [ OK ]

Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 ~]# chkconfig vsftpd on

[root@desktop6 ~]# ftp 192.168.0.5 {192.168.0.5 is the server IP}


user: anonymous
password: anonymous

ftp> !ls {!ls lists files on the local machine; ls lists files on the remote machine}

ftp> cd upload {change directory}

Now create a file in the / directory:

#cat > test.txt

hello this is a test for ftp server

^c
# ls

Now go back to ftp:

ftp> !ls
test.txt
ftp>

ftp> put test.txt


local: test.txt remote: test.txt
227 Entering Passive Mode (192,168,0,6,118,252).
150 Ok to send data.
226 Transfer complete.
32 bytes sent in 3.2e-05 secs (1000.00 Kbytes/sec)
ftp>

# adduser -c 'FTP USER SAMI' -m sami

# passwd sami
Changing password for user sami.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
[root@desktop6 ~]#

# vim /etc/vsftpd/vsftpd.conf

ftpd_banner=Welcome to SYSADMIN FTP service.

:wq!

# service vsftpd restart

# chkconfig vsftpd on

Go to the client side; it will show the login message:

client# ftp <server ip>


Welcome to SYSADMIN FTP service.

Deny a particular host

[root@desktop6 ~]# vim /etc/hosts


hosts hosts.allow hosts.deny

[root@desktop6 ~]# vim /etc/hosts.deny

vsftpd: ALL EXCEPT desktop6.example.com

:wq!

[root@desktop6 ~]# /etc/init.d/vsftpd restart


Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]

[root@desktop6 ~]# chkconfig vsftpd on


[root@desktop6 ~]#

Go to the client machine:

[root@server6 ~]# ftp 192.168.0.6


Connected to 192.168.0.6 (192.168.0.6).
421 Service not available.
ftp>

[root@desktop6 ~]# cat /etc/passwd | grep ftp


ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
[root@desktop6 ~]#
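
The settings changed in this walkthrough (anonymous_enable, anon_upload_enable and the root entry in ftpusers) can be checked afterwards with a small audit script. This is an added example, not part of the original document; the function names and sample files are constructed, and the defaults used are those documented in vsftpd.conf(5).

```shell
#!/bin/sh
# Added example: audit the vsftpd settings that this walkthrough edits.
# Function names and the sample files are constructed for illustration.

# Print the effective YES/NO value of a boolean option. The last assignment
# in the file wins; the vsftpd.conf(5) default is used when none is present.
vsftpd_opt() {  # usage: vsftpd_opt <conf-file> <option> <default>
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr '[:lower:]' '[:upper:]')
    case $val in
        TRUE|1) val=YES ;;   # vsftpd also accepts TRUE/1 and FALSE/0
        FALSE|0) val=NO ;;
    esac
    echo "${val:-$3}"
}

# Print one finding per line for the risky states configured on this page.
audit_vsftpd() {  # usage: audit_vsftpd <vsftpd.conf> <ftpusers>
    anon=$(vsftpd_opt "$1" anonymous_enable YES)
    write=$(vsftpd_opt "$1" write_enable NO)
    upload=$(vsftpd_opt "$1" anon_upload_enable NO)
    if [ "$anon" = YES ]; then
        echo "ANON_LOGIN"
        # anon_upload_enable has no effect unless write_enable is also YES
        if [ "$write" = YES ] && [ "$upload" = YES ]; then
            echo "ANON_UPLOAD"
        fi
    fi
    # ftpusers is a deny list: root is not blocked by it when its line is
    # absent or commented out
    grep -qx 'root' "$2" || echo "ROOT_ALLOWED"
    return 0
}

# Constructed sample files that mirror the state reached in the walkthrough
tmp=$(mktemp -d)
printf '%s\n' 'anonymous_enable=YES' 'local_enable=YES' 'write_enable=YES' \
    'anon_upload_enable=YES' > "$tmp/vsftpd.conf"
printf '%s\n' '# Users that are not allowed to login via ftp' '#root' 'bin' \
    > "$tmp/ftpusers"
audit_vsftpd "$tmp/vsftpd.conf" "$tmp/ftpusers"
```

On a real server, pass /etc/vsftpd/vsftpd.conf and /etc/vsftpd/ftpusers as the two arguments; no output means none of the three states is present.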
