Friday, 17 February 2012

FTP Configuration

Understanding & Managing FTP Server
What is FTP?
The FTP protocol (File Transfer Protocol) is, as its name indicates, a protocol for transferring files. The implementation of FTP dates from 1971, when a file transfer system between MIT (Massachusetts Institute of Technology) machines was developed. Many RFCs have since made improvements to the basic protocol, but the greatest innovations date from July 1973. FTP is one of the original network applications developed with the TCP/IP protocol suite. It follows the standard model for network services, in that FTP requires a client and a server. FTP set out to solve the need to publish documents and software so that people could get them easily from other computer systems. On the FTP server, files were organized in a directory structure; users could connect to the server over the network and download files from (and possibly upload files to) the server.
The role of FTP protocol:
FTP protocol defines the way in which data must be transferred over a TCP/IP network.
The aim of FTP protocol is to:
 allow file sharing between remote machines
 allow independence between client and server machine system files
 enable efficient data transfer
The FTP model:
FTP protocol falls within a client-server model, i.e. one machine sends orders (the client) and the other awaits requests to carry out actions (the server).
During an FTP connection, two transmission channels are open:
 A channel for commands (control channel)
 A channel for data
So, both the client and server have two processes allowing these two types of information to be managed:
DTP (Data Transfer Process) is the process in charge of establishing the connection and managing the data channel. The server side DTP is called SERVER-DTP, the client side DTP is called USER-DTP.
PI (Protocol Interpreter) interprets the protocol allowing the DTP to be controlled using commands received over the control channel. It is different on the client and the server:
The SERVER-PI is responsible for listening to the commands coming from a USER-PI over the control channel on a data port, establishing the connection for the control channel, receiving FTP commands from the USER-PI over this, responding to them and running the SERVER-DTP.
The USER-PI is responsible for establishing the connection with the FTP server, sending FTP commands, receiving responses from the SERVER-PI and controlling the USER-DTP if needed.
When an FTP client is connected to an FTP server, the USER-PI initiates the connection to the server according to the Telnet protocol. The client sends FTP commands to the server, the server interprets them, runs its DTP, then sends a standard response. Once the connection is established, the server-PI gives the port on which data will be sent to the Client DTP. The client DTP then listens on the specified port for data coming from the server.
It is important to note that since the control and data ports are separate channels, it is possible to send commands from one machine and receive data on another. So, for example, it is possible to transfer data between FTP servers by passing through a client to send control instructions and by transferring information between two server processes connected on the right port. In this configuration, the protocol requires that the control channels remain open throughout the data transfer, so a server can stop a transmission if the control channel is broken during transmission.
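The data-channel handoff described above, as an added example that is not part of the original post: it decodes the 227 passive-mode reply that appears in the session at the end of this page and refuses a data address that differs from the control-channel peer, since separate channels let the server name any host. The function names and the privileged-port rule are assumptions made for the illustration.

```python
import ipaddress
import re

# Six decimal fields of a 227 reply: h1,h2,h3,h4 (address) and p1,p2 (port).
_FIELDS = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply):
    """Return the (host, port) a server advertises in a 227 reply."""
    reply = reply.strip()
    match = _FIELDS.search(reply)
    if not reply.startswith("227") or match is None:
        raise ValueError("not a well-formed 227 reply")
    fields = [int(group) for group in match.groups()]
    if max(fields) > 255:
        raise ValueError("field outside 0-255")
    host = ".".join(str(f) for f in fields[:4])
    # The port is sent as two bytes, high byte first.
    return host, fields[4] * 256 + fields[5]


def data_endpoint(reply, control_peer, allow_third_party=False):
    """Pick the address the USER-DTP connects to for the data channel.

    control_peer is the IP address the control connection is attached to.
    Server-to-server transfers need allow_third_party=True; by default a
    reply that points the client at another host is rejected.
    """
    host, port = parse_pasv(reply)
    if port < 1024:  # assumption: a data port is never a privileged port
        raise ValueError(f"refusing privileged data port {port}")
    same_host = ipaddress.ip_address(host) == ipaddress.ip_address(control_peer)
    if not same_host and not allow_third_party:
        raise ValueError(f"227 reply names {host}, control peer is {control_peer}")
    return host, port


# Reply copied from the session shown on this page.
SAMPLE_REPLY = "227 Entering Passive Mode (192,168,0,14,67,118)."

if __name__ == "__main__":
    print(data_endpoint(SAMPLE_REPLY, "192.168.0.14"))
```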
What is vsftpd?
The Very Secure FTP Server (vsFTPd) is the only FTP server software included in the Red Hat Linux distribution. vsFTPd is becoming the FTP server of choice for sites that need to support thousands of concurrent downloads. It was also designed to secure your systems against most common attacks.
Configuration Files
 /etc/vsftpd/vsftpd.conf : Main configuration file
 /etc/vsftpd/ftpusers    : Contains the list of users to deny permanently
 /etc/vsftpd/user_list   : Contains the list of users to allow or deny

FTP uses TCP ports 20 (for FTP data) and 21 (for FTP commands, the control channel).
Installing FTP service:
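[root@vijay ~]# yum install vsftpd

[root@vijay ~]# vim /etc/vsftpd/vsftpd.conf

To deny login to every user except those you explicitly allow, add the following line at the end of the file:

userlist_deny=NO

Then add the name of each user who should be allowed to log in to /etc/vsftpd/user_list. With userlist_deny=NO the file is treated as an allow list, and the setting only takes effect when userlist_enable=YES is also set.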

Starting vsftpd service:

[root@vijay ~]# service vsftpd start; chkconfig vsftpd on
Client Side Commands For Connecting to FTP Server
[root@vijay ~]# ftp 0 (for local login)

[root@vijay ~]# ftp x.x.x.x (for remote login)

For Installing Packages from FTP server

[root@vijay ~]# rpm -ivh ftp://x.x.x.x/pub/Server/package.rpm

Limiting maximum connections

By default, vsftpd allows an unlimited number of connections from the same client IP address. You can limit the number of connections per client with a special directive called max_per_ip.

[root@vijay ~]# vim /etc/vsftpd/vsftpd.conf
max_per_ip=3
max_clients=2    (maximum simultaneous connections)

Allowing “anonymous” upload to FTP

STEP – 1:

[root@vijay ~]# vi /etc/vsftpd/vsftpd.conf
anon_upload_enable=YES
chown_uploads=YES
chown_username=daemon
anon_umask=077

STEP – 2: Create a directory under –

[root@vijay ~]# mkdir /var/ftp/incoming

[root@vijay ~]# chmod 770 /var/ftp/incoming

[root@vijay ~]# chown root:ftp /var/ftp/incoming

[root@vijay ~]# setfacl -m u:vijay:rwx /var/ftp/incoming

STEP – 3: Set the Boolean value:

[root@vijay ~]# setsebool -P allow_ftpd_full_access on

[root@vijay ~]# service vsftpd restart

[root@vijay ~]# ftp 192.168.0.14
Connected to 192.168.0.14 (192.168.0.14).
220 (vsFTPd 2.2.2)
Name (192.168.0.14:root): vijay
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> ls
227 Entering Passive Mode (192,168,0,14,67,118).
150 Here comes the directory listing.
-rw-r--r-- 10 0 0 Aug 02 04:35 h1
-rw-r--r-- 10 0 0 Aug 02 04:35 h2
-rw-r--r-- 10 0 0 Aug 02 04:35 h3
-rw------- 12 50 0 Aug 02 04:40 popo
drwx------ 2 14 50 4096 Aug 02 04:52 raj
226 Directory send OK.
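
An added example, not part of the original post or of vsftpd itself: a small checker for the directives configured on this page, which reports combinations that cancel each other out. The function names and the sample text are hypothetical; the defaults are the ones documented in the vsftpd.conf man page.

```python
# Defaults from the vsftpd.conf man page for the directives this page relies on.
DEFAULTS = {"userlist_enable": "NO", "userlist_deny": "YES", "write_enable": "NO",
            "anon_upload_enable": "NO", "chown_uploads": "NO",
            "chown_username": "root", "max_clients": "0", "max_per_ip": "0"}
TRUE = {"YES", "TRUE", "1"}


def parse_conf(text):
    """Return (settings, findings) for vsftpd.conf text (option=value, '#' comments)."""
    conf, findings = dict(DEFAULTS), []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        # vsftpd does not allow spaces between the option, '=' and the value.
        if not sep or key != key.strip() or value != value.strip():
            findings.append(f"line {n}: not in option=value form")
            continue
        conf[key] = value
    return conf, findings


def audit(text):
    """List settings that contradict each other or undo the intended restriction."""
    conf, findings = parse_conf(text)
    on = lambda k: conf[k].upper() in TRUE
    for k in ("max_clients", "max_per_ip"):
        if not conf[k].isdecimal():  # e.g. an annotation left after the number
            findings.append(f"{k}: value {conf[k]!r} is not a number")
            conf[k] = "0"
    if not on("userlist_deny") and not on("userlist_enable"):
        findings.append("userlist_deny=NO is ignored unless userlist_enable=YES")
    clients, per_ip = int(conf["max_clients"]), int(conf["max_per_ip"])
    if clients and per_ip > clients:
        findings.append("max_per_ip exceeds max_clients: one IP can take every slot")
    if on("anon_upload_enable") and not on("write_enable"):
        findings.append("anon_upload_enable=YES needs write_enable=YES")
    if on("chown_uploads") and conf["chown_username"] == "root":
        findings.append("chown_uploads would give uploaded files to root")
    return findings


# Constructed sample: only the lines this page adds, with nothing else in the file.
PAGE_LINES = ("userlist_deny=NO\nmax_per_ip=3\nmax_clients=2\n"
              "anon_upload_enable=YES\nchown_uploads=YES\n"
              "chown_username=daemon\nanon_umask=077\n")

if __name__ == "__main__":
    for finding in audit(PAGE_LINES):
        print(finding)
```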
