FTP Server

Interview Questio ns And Answers fo r Linux admi n

Q: - How to deny specific users access to the FT P server ? To deny specif ic users access to the FT P server, add their usernames to the /etc/vsf tpd/ f tpusers f ile. By def ault, system users such as root and nobody are included in this list.

Q: - Can we create logs for ftp authenticated sessions ? Yes, If the xf erlog_enable directive in vsf tpd.conf is set to YES, f ile transf ers using the FT P protocol are logged to /var/log/xf erlog. Inf ormation such as a time stamp, IP address of the client, the f ile being transf erred, and the username of the person who authenticated the connection is included in the log entry.

Q: - What is meaning of max_clients parameter ? Maximum number of clients that can connect at one time.

If set to 0, the number of clients is unlimited.

Q: - On which port VSFT P server works ? FT P uses two ports, 20 and 21. By def ault, the FT P server listens f or requests on port 21. Af ter a connection is established, the client sends commands to the server on port 21. However, port 20 is used when the server sends data back to the client.

Q: - How to restart VSFT P server ? service vsf tpd restart

Q: - How to allow Anonymous FT P ? Anonymous FT P is enabled by def ault by setting the anonymous_enable directive in /etc/vsf tpd/vsf tpd.conf to YES.

Q: - What is FT P ? FT P stands f or File Transf er Protocol. An FT P server allows clients to connect to it either anonymously or with a username and password combination. Af ter successf ul authentication, f iles can be transf erred back and f orth between the server and client. T he f iles are neither encrypted nor compressed.

Q: - For Redhat Linux or Fedora which package is required for FT P service ? Red Hat Enterprise Linux 5 or FEDORA includes the vsf tpd FT P service.
vsf tpd-2.0.5-12.el5 (For Redhat)

vsf tpd-2.0.5-12.el5 (For Redhat)

Q: - Important Configuration file for vsftp server ? T he FT P server uses the /etc/vsf tpd/vsf tpd.conf conf iguration f ile. Using this f ile, you can set options f or displaying a custom banner message af ter users log in, setting the def ault f ile permissions f or uploaded f iles, and setting the port on which to listen f or incoming connections.

Q: - What is FT P ? FT P client connects to the FT P server by establishing an FT P control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection. Whenever the client requests data over the control connection, the server initiates data transf er connections back to the client. T he source port of these data transf er connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.

Q: - How to deny specific users access to the FT P server ?

To deny specif ic users access to the FT P server, add their usernames to the /etc/vsf tpd/ f tpusers f ile. By def ault, system users such as root and nobody are included in this list. Q: - Can we create logs for ftp authenticated sessions ?

Yes, If the xf erlog_enable directive in vsf tpd.conf is set to YES, f ile transf ers using the FT P protocol are logged to /var/log/xf erlog. Inf ormation such as a time stamp, IP address of the client, the f ile being transf erred, and the username of the person who authenticated the connection is included in the log entry. Q: - What is meaning of max_clients parameter ? Maximum number of clients that can connect at one time. If set to 0, the number of clients is unlimited. Q: - On which port VSFT P server works ? FT P uses two ports, 20 and 21. By def ault, the FT P server listens f or requests on port 21. Af ter a connection is established, the client sends commands to the server on port 21. However, port 20 is used when the server sends data back to the client. Q: - How to restart VSFT P server ? service vsf tpd restart Q: - How to allow Anonymous FT P ? Anonymous FT P is enabled by def ault by setting the anonymous_enable directive in /etc/vsf tpd/vsf tpd.conf to YES.

Q: - What is FT P ?

FT P stands f or File Transf er Protocol. An FT P server allows clients to connect to it either anonymously or with a username and password combination. Af ter successf ul authentication, f iles can be transf erred back and f orth between the server and client. T he f iles are neither encrypted nor compressed. Q: - For Redhat Linux or Fedora which package is required for FT P service ? Red Hat Enterprise Linux 5 or FEDORA includes the vsf tpd FT P service. vsf tpd-2.0.5-12.el5 (For Redhat)

Q: - Important Configuration file for vsftp server ? T he FT P server uses the /etc/vsf tpd/vsf tpd.conf conf iguration f ile. Using this f ile, you can set options f or displaying a custom banner message af ter users log in, setting the def ault f ile permissions f or uploaded f iles, and setting the port on which to listen f or incoming connections.

Q: - What is FT P ?

FT P client connects to the FT P server by establishing an FT P control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection. Whenever the client requests data over the control connection, the server initiates data transf er connections back to the client. T he source port of these data transf er connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client. Q: - What is Passive mode? Passive mode, like active mode, is initiated by the FT P client application. When requesting data f rom the server, the FT P client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. T he client then connects to that port on the server to download the requested inf ormation. Q: - Explain directive "session_support? When enabled, vsf tpd attempts to maintain login sessions f or each user through Pluggable Authentication Modules (PAM). Q: - Is there any way to monitor clients connected to vsftpd? Yes. We actually have two slightly dif f erent methods to monitor vsf tpd clients. First, make sure you have enabled the conf ig option, "setproctitle_enable=YES" like in our example above and restart your vsf tpd server. T hen run the command "watch ps Cvsf tpd -o user, pid, stime, cmd" to watch the processes including ip, username and actions like idle or data retrieval.

Q: - I want to copy multiple files with out prompting for any info, how can I do that one? f tp -i f tpserver Q: - Local users cannot log inQ: - Local users cannot log in. How to resolve this issue?. How to resolve this issue? Check "local_enable=YES" in your /etc/vsf tpd/vsf tpd. conf to allow local users to log in.

Q: - How to change vsf tpd def ault port?

Set "listen_port" option in "vsf tpd.conf "

Q: - How to restrict some IP's not use my FT P server? Use T CP_WRAPPERS

Q: - Does vsftpd support IPv6? Yes

Q: - What is Passive mode? Passive mode, like active mode, is initiated by the FT P client application. When

requesting data f rom the server, the FT P client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. T he client then connects to that port on the server to download the requested inf ormation.

Q: - Explain directive "session_support? When enabled, vsf tpd attempts to maintain login sessions f or each user through Pluggable Authentication Modules (PAM). Q: - Is there any way to monitor clients connected to vsftpd? Yes. We actually have two slightly dif f erent methods to monitor vsf tpd clients. First, make sure you have enabled the conf ig option, "setproctitle_enable=YES" like in our example above and restart your vsf tpd server. T hen run the command "watch ps Cvsf tpd -o user, pid, stime, cmd" to watch the processes including ip, username and actions like idle or data retrieval. Q: - I want to copy multiple files with out prompting for any info, how can I do that one? f tp -i f tpserver

Q: - Local users cannot log in. How to resolve this issue? Check "local_enable=YES" in your /etc/vsf tpd/vsf tpd. conf to allow local users to log in.

Q: - How to change vsftpd default port? Set "listen_port" option in "vsf tpd.conf "

Q: - How to restrict some IP's not use my FT P server? Use T CP_WRAPPERS

Q: - Does vsftpd support IPv6? Yes