O'Reilly logo

CompTIA® Linux+ Certification, Powered by LPI, Student Manual by Axzo Press

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

152 CompTIA Linux+ Certification, Powered by LPI
Topic A: FTP services
This topic covers the following CompTIA exam objectives for Linux+ [Powered by
LPI] Certification, LX0-101 and LX0-102 exams.
# Objective
107.1 Manage user and group accounts and related system files
Create and manage special purpose and limited accounts
109.1 Fundamentals of internet protocols
Knowledge about common TCP and UDP ports (20, 21, 22, 23, 25, 53, 80, 110, 119, 139, 143,
161, 443, 465, 993, 995)
The following is a partial list of the used files, terms, and utilities:
ftp
110.1 Perform security administration tasks
Set up limits on user logins, processes and memory usage
110.3 Securing data with encryption
Perform basic OpenSSH 2 client configuration and usage
Understand the role of OpenSSH 2 server host keys
Understand SSH port tunnels (including X11 tunnels)
The following is a partial list of the used files, terms, and utilities:
ssh
ssh-keygen
ssh-agent
ssh-add
~/.ssh/id_rsa and id_rsa.pub
~/.ssh/id_dsa and id_dsa.pub
/etc/ssh/ssh_host_rsa_key and ssh_host_rsa_key.pub
/etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub
~/.ssh/authorized_keys
/etc/ssh_known_hosts
File Transfer Protocol
Explanation
FTP, the File Transfer Protocol, is the Internet-standard means for transferring files
between computers. An FTP server, which on Linux is implemented as a daemon,
accepts incoming connections, authenticates and authorizes users, and transfers files to
clients. An FTP client is the program that connects to the FTP server. Using the client, a
user logs on, navigates the directory tree, and uploads or downloads files.
FTP and e-mail services 153
Linux FTP daemons
There is a wide variety of FTP daemons available. Each provides the same core
functions for file transfers, user security, and so forth. Where they differ is typically in
the strength of security measures they afford, tools you can use to manage FTP services,
and so forth. Some common daemons include:
Washington University FTP daemon (wu-ftpd)
Very Secure FTP daemon (vsftpd)
ProFTPd
Pure-FTPd
Depending on your Linux distribution and the choices you made during installation, an
FTP daemon might not be installed on your system. You can easily install one using a
package manager or from source.
Do it!
A-1: Installing and starting an FTP server
Here’s how Here’s why
1 Use Synaptic Package Manager to
install the wu-ftpd package
Apply your changes and close
Synaptic Package Manager when
done
2 Open a terminal window
3 Enter sudo /etc/init.d/wu-ftpd start
Enter your password
When prompted, to start the wu-ftpd daemon.
154 CompTIA Linux+ Certification, Powered by LPI
FTP server configuration
Explanation You configure the WU-FTP daemon by editing the various files in the /etc/wu-ftpd
directory. The primary configuration file is ftpaccess.
You can explicitly deny users FTP access by listing their user account names in the
/etc/ftpusers file. You enter one user name per line in that file. In the default version of
the file, you find the names of all the accounts associated with non-person users, such as
daemon, nobody, bin, and so forth. The root user is also listed as a security measure—so
that you block potential root-level attacks via FTP.
You can configure access for users from specific hosts by editing the /etc/ftphosts file.
For example, you can permit a user to access your FTP server as long as he or she does
so from the hosts you list. Access from any other host would be denied. Your system
might not include such a file; check your daemon’s documentation to confirm its
support for the file.
You can provide custom messages to users who log on or attempt to do so. There are
various files in the /etc/wu-ftpd directory for this purpose. For example, if you limit the
number of simultaneous users, additional users receive the message in the msg.toomany
file. You can customize the existing files or, by modifying entries in the ftpaccess file,
specify a different file to display.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required