File sharing services are network-based file sharing services. FTP, NFS and SAMBA are network based file sharing services. Ftp is one of the simplest services we can use for file sharing. It can be operated in two different modes, Active and Passive.
active mode: 1023 and above on the client, 20 21 ports must be open on the server passive mode: ports 21 and 1023 and above must be open on the server. Any port on the client is open. it doesn't need to be.
Therefore, Passive mode is more preferred. There is no need to open ports on the client side.
apt-get install vsftpd We perform our setup with the command.
sudo sed -i "/^#/d;/^ *$/d" /etc/vsftpd.conf We delete unnecessary spaces in our descriptions with the command.
vi /etc/vsftpd.conf We enter our settings file with the command.
// if passive mode will be used, the line pasv_enable = yes is added.
can choose which port range to use while transferring data with pasv_min and pasv_max .
anonymous_enable = NO // Prevents Unknown Users from FTP //
local_enable = YES // Allow Local Users to Login //
write_enable = YES // FTP Writing Enabled //
dirmessage_enable = YES // Directory Messages Enabled //
use_localtime = YES // vsftpd will show time index listings in local time zone .//
xferlog_enable = YES // Enable upload / download Logging .//
connect_from_port_20 = YES // (Ftp-data) PORT transfer connections port 20 //
secure_chroot_dir = / var / run / vsftpd / empty // This option should be the name of an empty directory. Also, the directory ftp must not be user-writable .//
pam_service_name = vsftpd // Service Name to Use //
rsa_cert_file = / etc / ssl / certs / ssl-cert-snakeoil.pem // This option specifies the location of the RSA certificate for SSL connections. //
sa_private_key_file = / etc / ssl / private / ssl-cert-snakeoil.key // This option specifies the location of the RSA key to use SSL connections
.// local_umask = 022 // we choose which permission rights to create by default when creating the file or directory.
ftpd_banner = "ugurlublog ftp service" // we write here the message users will see when they connect
local_max_rate = 7200 // We can limit the data transfer rate of users. (byte / sec)
chroot_local_user = YES // users cannot exit their own directories to upper directories.
allow_writeable_chroot = YES // users cannot move up from their own directories.
tcp_wrappers = YES // We determine whether Tcp warappers support will be given or not.
We save and exit our settings.
Now let's look at our second settings file.
# / etc / ftpusers: list of users disallowed FTP access. See ftpusers.
In the root
ftpusers file, we add the users who are not allowed to use the ftp service. By default we have these users. Especially we need to make sure that the root user is attached to this file so that the ftp service is not used.
After these changes, we restart our server and activate the settings. We will create real users who cannot log in to the system from the ssh and console without dealing with virtual (virtual) users.
We will set these users' directories as in another folder instead of home. We create a shell so that it is not logged in.
# / etc / shells: valid login shells
/ bin / sh
/ bin / dash
/ bin / bash
/ bin / rbash
/ usr / bin / tmux
/ usr / bin / screen
/ bin / csh
/ usr / bin / es
/ usr / bin / ksh
/ bin / ksh
/ usr / bin / rc
/ usr / bin / tcsh
/ bin / tcsh
/ usr / bin / esh
/ usr / bin / screen
/ bin / false
Users to connect to our FTP Service, their passwords and those users are responsible for We Create Folders.
mkdir -p /var/www/sirnode
useradd sirnode -d /var/www/sirnode -s /bin/false
chown -R root:sirnode /var/www/sirnode
chmod -R ug+rwx,o+rx-w /var/www/sirnode
and restarting our FTP Server.
service vsftpd restart
Server Side, you can connect to ftp and perform operations.
// we learn which directory we are in.
// we list the files and directories in our directory.
ftp> cd / backup
// we can use the cd command to switch to the directory we want.
// we can learn the current used file transfer type.
// We choose the mode in which the file transfer will be. If we are transferring files with the extension .tar.gz (compressed file), we can choose bin.
// We ensure that data is transferred by hashes to be more secure in file transfer.
ftp> get file
// We can use it to download any file from the ftp server to our own machine.
We can use ftp> mget *
// to transfer all the files on the server to our own machine.
We can use ftp> put / client / file
// to transfer any file from our own machine to the server.
We can use ftp> mput / client / a *
// to transfer multiple files from our own machine to the server.
ftp> delete file
// we can use it to delete the file in the directory where we are on the server we are connected to.
ftp> mdelete a *
// we can use it to delete multiple files.