Joke Collection Website - Mood Talk - Linux: Why can't anonymous users log on to the FTP server (built by vsftpd) and lose things?
Linux: Why can't anonymous users log on to the FTP server (built by vsftpd) and lose things?
Anonymous opening in vsftpd service program is the most insecure authentication method. Anyone can log on to the FTP server host without password verification. This mode is generally only used to save unimportant public files, especially in the production environment. It is also strongly recommended to use the firewall management tools learned in chapter 8 of linux (such as Tcp_wrappers service program) to set the allowed host access range of vsftpd service program to the enterprise intranet.
By default, the vsftpd service program turns on anonymous access mode. What needs to be done is to further allow anonymous users the right to upload and download files and the right to create, delete and rename files. These permissions are very dangerous for anonymous users. We only practice the configuration ability of vsftpd service program in Linux system, and it is not recommended to use it in production environment. Permission parameters and introduction of anonymous users;
Parametric action
Anonymous_enable=YES Allow anonymous access mode.
Anon_umask=022 umask value of files uploaded by anonymous users.
Anon_upload_enable=YES Allow anonymous users to upload files.
Anon_mkdir_write_enable=YES Allow anonymous users to create directories.
Anon_other_write_enable=YES allows anonymous users to modify directory names or delete directories.
[root @ Linux ~]# vim Linux probe/com/chapter- 1 1/html # 1 12 1/etc/vsftpd/vsftpd . conf
Anonymous _ Enabled = Yes
anon_umask=022
Anonymous upload enabled = Yes
Anon _ mkdir _ write _ enable = Yes.
Anon _ other _ write _ enable = Yes.
Local _ enable = Yes
Write _ enable = Yes
local_umask=022
Dirmessage _ enable = Yes
Xferlog _ enable = Yes
Connect _ from _ port _ 20 = Yes.
Xferlog _ std _ format = Yes
Listen = no
Listen _ ipv6 = Yes
pam_service_name=vsftpd
User List _ Enabled = Yes
Tcp _ wrappers = Yes
After confirming that the parameters are filled in correctly, save and exit the main configuration file of the vsftpd service program. You also need to restart the vsftpd service program to make the new configuration service parameters take effect. Remember to add the configured service program to the startup item in the production environment or the certification examination of RHCSA, RHCE and RHCA to ensure that the ftp file transfer service can still be provided to users normally after the next server restart:
[root@linux ~]# systemctl restarts vsftpd.
[root @ Linux ~] # systemctlenable vsftpd so that you can connect to a remote ftp server with FTP command on the client. The anonymous open mode account of FTP service is anonymous and the password is empty.
Clear the iptables firewall policy and add the permission to allow anonymous users to create directories and write files in the main configuration file of the vsftpd service program.
- Previous article:How to understand and adapt to the new economic normal
- Next article:Qq says sad pictures.
- Related articles
- Tell me about a woman's sad and melancholy mood.
- Don't avoid taking medicine and break the doctor's leg. Why do you have to avoid taking medicine?
- Say a sad sentence and express a bad mood.
- Greetings from monkeys, beautiful sentences
- Care about a person's mood phrases, insomnia at night, talk about being in a bad mood.
- Sad and long sentence: Some people praise you for being excellent, while others say you are nothing more than that.
- I have an appointment and suddenly I don't want to go. How can I refuse?
- A smile worth waiting for.
- Teach me how to buy a plane ticket online, I have never done it before, and tell me about the entire process from buying the ticket to boarding the plane.
- Can the young players in the back still wear the legendary NBA jersey number after retirement?