您好,登錄后才能下訂單哦!
這篇文章主要介紹“ftp的常用配置文件參數”,在日常操作中,相信很多人在ftp的常用配置文件參數問題上存在疑惑,小編查閱了各式資料,整理出簡單好用的操作方法,希望對大家解答”ftp的常用配置文件參數”的疑惑有所幫助!接下來,請跟著小編一起來學習吧!
ftp用戶:
系統用戶
匿名用戶---->系統用戶
虛擬用戶---->系統用戶
ftp用戶的默認訪問目錄:
匿名用戶訪問目錄:/var/ftp
系統用戶的訪問目錄:用戶的家目錄
安全通信方式
ftps: ftp+ssl/tls
sftp: OpenSSH,SubSystem,sftp(SSH)
1 安裝軟件
[root@CnBJYwz01QNmoSmokepingL01 ~]# yum -y install vsftpd Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.btte.net * epel: mirrors.aliyun.com * extras: mirrors.btte.net * updates: mirrors.btte.net Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package vsftpd.x86_64 0:2.2.2-21.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================================== Installing: vsftpd x86_64 2.2.2-21.el6 base 155 k Transaction Summary ============================================================================================================================================================================== Install 1 Package(s) Total download size: 155 k Installed size: 340 k Downloading Packages: vsftpd-2.2.2-21.el6.x86_64.rpm | 155 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : vsftpd-2.2.2-21.el6.x86_64 1/1 Verifying : vsftpd-2.2.2-21.el6.x86_64 1/1 Installed: vsftpd.x86_64 0:2.2.2-21.el6 Complete! [root@CnBJYwz01QNmoSmokepingL01 ~]# rpm -ql vsftpd /etc/logrotate.d/vsftpd /etc/pam.d/vsftpd /etc/rc.d/init.d/vsftpd /etc/vsftpd /etc/vsftpd/ftpusers /etc/vsftpd/user_list /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd_conf_migrate.sh /usr/sbin/vsftpd /usr/share/doc/vsftpd-2.2.2 ....... /var/ftp //ftp服務的根目錄 /var/ftp/pub |
2 啟動服務
[root@CnBJYwz01QNmoSmokepingL01 ~]# /etc/init.d/vsftpd start Starting vsftpd for vsftpd: [ OK ] [root@CnBJYwz01QNmoSmokepingL01 ~]# chkconfig vsftpd on [root@CnBJYwz01QNmoSmokepingL01 ~]# |
3 測試登陸
匿名登陸ftp服務器 localhost:~ ray$ ftp 192.168.2.141 Connected to 192.168.2.141. 220 (vsFTPd 2.2.2) Name (192.168.2.141:ray): anonymous 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ftp> help Commands may be abbreviated. Commands are: ! features mls prompt site $ fget mlsd proxy size account form mlst put sndbuf append ftp mode pwd status ascii gate modtime quit struct bell get more quote sunique binary glob mput rate system bye hash mreget rcvbuf tenex case help msend recv throttle cd idle newer reget trace cdup image nlist remopts type chmod lcd nmap rename umask close less ntrans reset unset cr lpage open restart usage debug lpwd page rhelp user delete ls passive rmdir verbose dir macdef pdir rstatus xferbuf disconnect mdelete pls runique ? edit mdir pmlsd send epsv4 mget preserve sendport exit mkdir progress set ftp> 系統用戶登陸 [localhost:~ ray$ ftp 192.168.2.142 Connected to 192.168.2.142. 220 (vsFTPd 2.2.2) Name (192.168.2.142:ray): ray 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ftp> ftp> ls 229 Entering Extended Passive Mode (|||59706|). 150 Here comes the directory listing. 226 Directory send OK. ftp> ftp> pwd Remote directory: /home/ray ftp> |
4 常用配置文件參數
# Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES #是否允許匿名用戶登陸 # Uncomment this to allow local users to log in. local_enable=YES #是否允許本地的系統用戶登陸 # Uncomment this to enable any form of FTP write command. write_enable=YES #是否允許上傳文件 anon_upload_enable=YES #是否允許匿名用戶上傳文件,打開上傳權限。注意:最終文件能否上傳成功,取決于文件系統權限和文件共享權限 anon_mkdir_write_enable=YES #是否允許匿名用戶創建目錄 anon_other_write_enable=YES #是否允許匿名用戶其他寫動作,如:刪除和修改 # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES #當用進入目錄,是否顯示歡迎信息 # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES #是否打開傳輸日志,記錄上傳下載的操作命令 # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log xferlog_file=/var/log/xferlog #指定傳輸日志的路徑 # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #是否允許上傳文件完,修改用戶屬組 #chown_username=whoever #文件上傳完,修改成用戶屬性 # You may change the default value for timing out an idle session. #idle_session_timeout=600 #超時時間,控制連接 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 #超時時間,數據連接 # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_local_user=YES #是否將所有用戶限制在主目錄,YES為啟用 NO禁用.(該項默認值是NO,即在安裝vsftpd后不做配置的話,ftp用戶是可以向上切換到要目錄之外的) #chroot_list_enable=YES #是否允許啟用限制用戶名單 # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list #禁錮用戶列表,文件需要主動創建 # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES #是否為獨立守護進程 userlist_enable=YES #是否啟用/etc/vsftpd/user_list名單 userlist_deny=YES #yes表示/etc/vsftpd/user_list為黑名單,no為白名單, #If vsftpd is in standalone mode, this is the maximum number of clients which may be connected. Any additional clients connecting will get an error message. The value 0 switches off the limit. max_clients #限制最大客戶端數量 #If vsftpd is in standalone mode, this is the maximum number of clients which may be connected from the same source internet address. A client will get an error message if they go over this limit. The value 0 switches off the limit. max_per_ip #限制相同IP的連接客戶端數量 |
對于ftp用戶訪問ftp服務時應該對其chroot
禁錮用戶于其家目錄中
chroot_local_user={Yes|No}
chroot_list_enable={YES|NO}
chroot_list_file=/etc/vsftpd/chroot_list
每行一個用戶
匿名用戶的配置:
anonymous_enable=YES
anon_upload_enable=YES
anon_other_write_enable=YES
anon_mkdir_write_enable=YES
注意:啟用寫入功能時,ftp用戶對相應的本地文件系統也有相應的寫入權限;
生效的權限取決于文件系統權限和服務權限的交集;
歡迎信息的定義:
banner_file=/path/to/some_banner_file
ftp_banner=some string
dirmessage_enable=yes
在某ftp可訪問的目錄下創建.messages文件
vsftp控制登錄用戶的機制:
/etc/vsftpd/ftpusers中的用戶都不允許使用ftp服務, 這是在/etc/pam.d/vsftpd中定義;
user_list配置文件有兩種用法:
黑名單:
userlist_enable=YES
userlist_deny=YES
白名單
userlist_enable=YES
userlist_deny=NO
連接限制:
max_clients: 最大并發連接數
max_per_ip: 每IP可同時發起并發請求
傳輸速率:
anon_max_rate: 匿名用戶的最大傳輸速率,單位是“字節/秒”;
local_max_rate: 本地用戶……………………
上傳文件的umask:
anno_umask: 匿名用戶上傳文件的umask;
local_umask:
修改匿名用戶上傳文件的屬主和屬組:
chown_uploads=YES
chown_username=someuser
虛擬用戶:
所有的虛擬用戶會映射會一個系統用戶,訪問時的文件目錄是為此系統用戶的家目錄;
虛擬用戶:
hash編碼的文件:
奇數行為用戶名,偶數行為密碼
pam-mysql實現認證
到此,關于“ftp的常用配置文件參數”的學習就結束了,希望能夠解決大家的疑惑。理論與實踐的搭配能更好的幫助大家學習,快去試試吧!若想繼續學習更多相關知識,請繼續關注億速云網站,小編會繼續努力為大家帶來更多實用的文章!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。