python html5 bootstrap 视频教程
德云社区 门户 IT 编程 Linux & Unix Ubuntu & Debian 查看内容

在 Ubuntu Server 14.04 下安装 vsftpd 3.0.2(FPT 上传、下载工具)

2015-1-19 02:19| 发布者: digitser| 查看: 1957| 评论: 0|原作者: liangsheng

摘要: 在 Ubuntu Server 14.04 下安装 vsftpd 3.0.2(FPT 上传、下载工具) vsftpd 是 “very secure FTP daemon” 的缩写,安全性是它的最大特点。vsftpd 是一个 UNIX 类操作系统上运行的 FTP 服务器名字,它可以运行在 Lin ...
业务范围:
01、企业 \"内部 | 外部\" 数据管理、分析、挖据
02、企业效率优化专用 APP 程序定制、IT 外包
03、智能数字化系统平台架设、开发、部署、维护
04、高仿真、低成本,可动画-可 VR 数字样机建模、开发、规划
05、企业 Linux 云计算 \"IaaS | SaaS\" 服务器架设、开发、部署、维护
06、\"标准 | 非标\" 设备全流程研发,PLC、单片机、工控系统开发、集成
07、企业 Linux / Windows 平台 PLM、ERP 系统架设、开发、部署、维护
08、企业 Linux / Windows 平台 \"内网 | 外网\" 服务器架设、开发、部署、维护
09、企业微信公众号智能互动营销、策划,Web 网站代码、SEO 排名优化,大数据网络推广
10、企业跨平台、跨硬件、跨浏览器 HTML5 Web 电子商务平台、\"静态 | 动态\" 网站开发、部署、维护
11、企业文档、资料、公司网页多语种翻译,数据资料标准化、版本化、数字化管理的规划、研发、实施
数字 IDE 网页 ── \"所见即所得\" 编写 HTML4、HTML5 静态 \"网站站群\" 动态网站,生成 Robots、站点地图,死链检测,强大文本编辑器功能。。。集成中英自动 TTS 文本诵读功能。。。
数字 IDE Python ── 支持 \"极速编写-重构\" Python、Django、HTML5、XML、C/C++、Java、Perl、PHP、Ruby、C#、VB .Net 等程序源代码。。。集成了很多常用编程智能辅助工具。。。
数字翻译 ── 能 \"批量翻译\" 文档 GUI 用户界面。。。网页浏览 批处理 全文搜索 全文替换 全文删除 全文插入 数据比较 。。。集成中英自动 TTS 文本诵读功能。。。
AI人工智能 语音助理 人工翻译 教程

vsftpd“very secure FTP daemon” 的缩写,安全性是它的最大特点。vsftpd 是一个 UNIX 类操作系统上运行的 FTP 服务器名字,它可以运行在 LinuxBSDSolarisHP-UNIX 等平台上。vsftpd 是一个完全免费、开发源代码的 FTP 服务器软件,支持很多其他 FTP 服务器所不支持的特征。譬如:非常高的安全性需求、带宽限制、良好的可伸缩性、可创建虚拟用户、支持 IPv6、速率高、等。


vsftpd 是一款在 Linux 发行版中最受推崇的 FTP 服务器程序。特点是小巧轻快,安全易用。


在开源操作系统中常用的 FTP 套件主要还有 ProFTPDPureFTPdwuftpd 等。

servulogo.jpg
特点

01、vsftpd 以一般身份启动服务,所以对 Linux 系统的使用权限要求较低,对于 Linux 系统的危害就相对减轻了。此外, vsftpd 还利用 chroot() 函数进行改换根目录的动作,使得系统工具不会被 vsftpd 服务所误用;


02、任何需要具有较高执行权限的 vsftpd 指令均以一特殊上层程序 ( parent process ) 所控制 ,该上层程序享有的较高执行权限功能已经被限制的相当低,并以不影响 Linux 系统本身为准;


03、全部来自 clients 端,想要使用这支上层程序所提供的较高执行权限之 vsftpd 指令的需求,均被视为『不可信任的要求』来处理,必需要经过相当程度的身份确认后,方可利用该上层程序功能。譬如:chown()Login 要求、等等动作;


04、此外,上面提到的上层程序中,仍使用 chroot() 功能限制使用者的执行权限。


01、安装 vsftpd 3.0.2

  1. root:# apt-get install vsftpd
  2. 正在读取软件包列表... 完成
  3. 正在分析软件包的依赖关系树      
  4. 正在读取状态信息... 完成      
  5. 下列【新】软件包将被安装:
  6.   vsftpd
  7. 升级了 0 个软件包,新安装了 1 个软件包,要卸载 0 个软件包,有 398 个软件包未被升级。
  8. 需要下载 111 kB 的软件包。
  9. 解压缩后会消耗掉 361 kB 的额外空间。
  10. 获取:1 [url]http://cn.archive.ubuntu.com/ubuntu/[/url] trusty-updates/main vsftpd amd64 3.0.2-1ubuntu2.14.04.1 [111 kB]
  11. 下载 111 kB,耗时 0秒 (285 kB/s)
  12. 正在预设定软件包 ...
  13. Selecting previously unselected package vsftpd.
  14. (正在读取数据库 ... 系统当前共安装有 172281 个文件和目录。)
  15. Preparing to unpack .../vsftpd_3.0.2-1ubuntu2.14.04.1_amd64.deb ...
  16. Unpacking vsftpd (3.0.2-1ubuntu2.14.04.1) ...
  17. Processing triggers for man-db (2.6.7.1-1) ...
  18. Processing triggers for ureadahead (0.100.0-16) ...
  19. 正在设置 vsftpd (3.0.2-1ubuntu2.14.04.1) ...
  20. vsftpd start/running, process 4350
  21. Processing triggers for ureadahead (0.100.0-16) ...
  22. root@npt-Aspire-4920:/home/npt# apt-get install vsftpd
  23. 正在读取软件包列表... 完成
  24. 正在分析软件包的依赖关系树      
  25. 正在读取状态信息... 完成      
  26. vsftpd 已经是最新的版本了。
  27. 升级了 0 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 398 个软件包未被升级。
  28. root:#
复制代码
02、修改 vsftpd.conf 配置文件
  1. root:# vi /etc/vsftpd.conf
复制代码

修改前的配置文件

  1. # Example config file /etc/vsftpd.conf
  2. #
  3. # The default compiled in settings are fairly paranoid. This sample file
  4. # loosens things up a bit, to make the ftp daemon more usable.
  5. # Please see vsftpd.conf.5 for all compiled in defaults.
  6. #
  7. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
  8. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
  9. # capabilities.
  10. #
  11. #
  12. # Run standalone?  vsftpd can run either from an inetd or as a standalone
  13. # daemon started from an initscript.
  14. listen=YES
  15. #
  16. # Run standalone with IPv6?
  17. # Like the listen parameter, except vsftpd will listen on an IPv6 socket
  18. # instead of an IPv4 one. This parameter and the listen parameter are mutually
  19. # exclusive.
  20. #listen_ipv6=YES
  21. #
  22. # Allow anonymous FTP? (Disabled by default)
  23. anonymous_enable=NO
  24. #
  25. # Uncomment this to allow local users to log in.
  26. local_enable=YES
  27. #
  28. # Uncomment this to enable any form of FTP write command.
  29. #write_enable=YES
  30. #
  31. # Default umask for local users is 077. You may wish to change this to 022,
  32. # if your users expect that (022 is used by most other ftpd's)
  33. #local_umask=022
  34. #
  35. # Uncomment this to allow the anonymous FTP user to upload files. This only
  36. # has an effect if the above global write enable is activated. Also, you will
  37. # obviously need to create a directory writable by the FTP user.
  38. #anon_upload_enable=YES
  39. #
  40. # Uncomment this if you want the anonymous FTP user to be able to create
  41. # new directories.
  42. #anon_mkdir_write_enable=YES
  43. #
  44. # Activate directory messages - messages given to remote users when they
  45. # go into a certain directory.
  46. dirmessage_enable=YES
  47. #
  48. # If enabled, vsftpd will display directory listings with the time
  49. # in  your  local  time  zone.  The default is to display GMT. The
  50. # times returned by the MDTM FTP command are also affected by this
  51. # option.
  52. use_localtime=YES
  53. #
  54. # Activate logging of uploads/downloads.
  55. xferlog_enable=YES
  56. #
  57. # Make sure PORT transfer connections originate from port 20 (ftp-data).
  58. connect_from_port_20=YES
  59. #
  60. # If you want, you can arrange for uploaded anonymous files to be owned by
  61. # a different user. Note! Using "root" for uploaded files is not
  62. # recommended!
  63. #chown_uploads=YES
  64. #chown_username=whoever
  65. #
  66. # You may override where the log file goes if you like. The default is shown
  67. # below.
  68. #xferlog_file=/var/log/vsftpd.log
  69. #
  70. # If you want, you can have your log file in standard ftpd xferlog format.
  71. # Note that the default log file location is /var/log/xferlog in this case.
  72. #xferlog_std_format=YES
  73. #
  74. # You may change the default value for timing out an idle session.
  75. #idle_session_timeout=600
  76. #
  77. # You may change the default value for timing out a data connection.
  78. #data_connection_timeout=120
  79. #
  80. # It is recommended that you define on your system a unique user which the
  81. # ftp server can use as a totally isolated and unprivileged user.
  82. #nopriv_user=ftpsecure
  83. #
  84. # Enable this and the server will recognise asynchronous ABOR requests. Not
  85. # recommended for security (the code is non-trivial). Not enabling it,
  86. # however, may confuse older FTP clients.
  87. #async_abor_enable=YES
  88. #
  89. # By default the server will pretend to allow ASCII mode but in fact ignore
  90. # the request. Turn on the below options to have the server actually do ASCII
  91. # mangling on files when in ASCII mode.
  92. # Beware that on some FTP servers, ASCII support allows a denial of service
  93. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
  94. # predicted this attack and has always been safe, reporting the size of the
  95. # raw file.
  96. # ASCII mangling is a horrible feature of the protocol.
  97. #ascii_upload_enable=YES
  98. #ascii_download_enable=YES
  99. #
  100. # You may fully customise the login banner string:
  101. #ftpd_banner=Welcome to blah FTP service.
  102. #
  103. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
  104. # useful for combatting certain DoS attacks.
  105. #deny_email_enable=YES
  106. # (default follows)
  107. #banned_email_file=/etc/vsftpd.banned_emails
  108. #
  109. # You may restrict local users to their home directories.  See the FAQ for
  110. # the possible risks in this before using chroot_local_user or
  111. # chroot_list_enable below.
  112. #chroot_local_user=YES
  113. #
  114. # You may specify an explicit list of local users to chroot() to their home
  115. # directory. If chroot_local_user is YES, then this list becomes a list of
  116. # users to NOT chroot().
  117. # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
  118. # the user does not have write access to the top level directory within the
  119. # chroot)
  120. #chroot_local_user=YES
  121. #chroot_list_enable=YES
  122. # (default follows)
  123. #chroot_list_file=/etc/vsftpd.chroot_list
  124. #
  125. # You may activate the "-R" option to the builtin ls. This is disabled by
  126. # default to avoid remote users being able to cause excessive I/O on large
  127. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
  128. # the presence of the "-R" option, so there is a strong case for enabling it.
  129. #ls_recurse_enable=YES
  130. #
  131. # Customization
  132. #
  133. # Some of vsftpd's settings don't fit the filesystem layout by
  134. # default.
  135. #
  136. # This option should be the name of a directory which is empty.  Also, the
  137. # directory should not be writable by the ftp user. This directory is used
  138. # as a secure chroot() jail at times vsftpd does not require filesystem
  139. # access.
  140. secure_chroot_dir=/var/run/vsftpd/empty
  141. #
  142. # This string is the name of the PAM service vsftpd will use.
  143. pam_service_name=vsftpd
  144. #
  145. # This option specifies the location of the RSA certificate to use for SSL
  146. # encrypted connections.
  147. rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
  148. # This option specifies the location of the RSA key to use for SSL
  149. # encrypted connections.
  150. rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
复制代码

修改后的配置文件

  1. # Example config file /etc/vsftpd.conf
  2. #
  3. # The default compiled in settings are fairly paranoid. This sample file
  4. # loosens things up a bit, to make the ftp daemon more usable.
  5. # Please see vsftpd.conf.5 for all compiled in defaults.
  6. #
  7. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
  8. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
  9. # capabilities.
  10. #
  11. #
  12. # Run standalone?  vsftpd can run either from an inetd or as a standalone
  13. # daemon started from an initscript.
  14. listen=YES
  15. #
  16. # Run standalone with IPv6?
  17. # Like the listen parameter, except vsftpd will listen on an IPv6 socket
  18. # instead of an IPv4 one. This parameter and the listen parameter are mutually
  19. # exclusive.
  20. #listen_ipv6=YES
  21. #
  22. # Allow anonymous FTP? (Disabled by default)
  23. anonymous_enable=NO
  24. #
  25. # Uncomment this to allow local users to log in.
  26. local_enable=YES
  27. #
  28. # Uncomment this to enable any form of FTP write command.
  29. write_enable=YES
  30. #
  31. # Default umask for local users is 077. You may wish to change this to 022,
  32. # if your users expect that (022 is used by most other ftpd's)
  33. #local_umask=022
  34. #
  35. # Uncomment this to allow the anonymous FTP user to upload files. This only
  36. # has an effect if the above global write enable is activated. Also, you will
  37. # obviously need to create a directory writable by the FTP user.
  38. #anon_upload_enable=YES
  39. #
  40. # Uncomment this if you want the anonymous FTP user to be able to create
  41. # new directories.
  42. #anon_mkdir_write_enable=YES
  43. #
  44. # Activate directory messages - messages given to remote users when they
  45. # go into a certain directory.
  46. dirmessage_enable=YES
  47. #
  48. # If enabled, vsftpd will display directory listings with the time
  49. # in  your  local  time  zone.  The default is to display GMT. The
  50. # times returned by the MDTM FTP command are also affected by this
  51. # option.
  52. use_localtime=YES
  53. #
  54. # Activate logging of uploads/downloads.
  55. xferlog_enable=YES
  56. #
  57. # Make sure PORT transfer connections originate from port 20 (ftp-data).
  58. connect_from_port_20=YES
  59. #
  60. # If you want, you can arrange for uploaded anonymous files to be owned by
  61. # a different user. Note! Using "root" for uploaded files is not
  62. # recommended!
  63. #chown_uploads=YES
  64. #chown_username=whoever
  65. #
  66. # You may override where the log file goes if you like. The default is shown
  67. # below.
  68. #xferlog_file=/var/log/vsftpd.log
  69. #
  70. # If you want, you can have your log file in standard ftpd xferlog format.
  71. # Note that the default log file location is /var/log/xferlog in this case.
  72. #xferlog_std_format=YES
  73. #
  74. # You may change the default value for timing out an idle session.
  75. #idle_session_timeout=600
  76. #
  77. # You may change the default value for timing out a data connection.
  78. #data_connection_timeout=120
  79. #
  80. # It is recommended that you define on your system a unique user which the
  81. # ftp server can use as a totally isolated and unprivileged user.
  82. #nopriv_user=ftpsecure
  83. #
  84. # Enable this and the server will recognise asynchronous ABOR requests. Not
  85. # recommended for security (the code is non-trivial). Not enabling it,
  86. # however, may confuse older FTP clients.
  87. #async_abor_enable=YES
  88. #
  89. # By default the server will pretend to allow ASCII mode but in fact ignore
  90. # the request. Turn on the below options to have the server actually do ASCII
  91. # mangling on files when in ASCII mode.
  92. # Beware that on some FTP servers, ASCII support allows a denial of service
  93. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
  94. # predicted this attack and has always been safe, reporting the size of the
  95. # raw file.
  96. # ASCII mangling is a horrible feature of the protocol.
  97. #ascii_upload_enable=YES
  98. #ascii_download_enable=YES
  99. #
  100. # You may fully customise the login banner string:
  101. #ftpd_banner=Welcome to blah FTP service.
  102. #
  103. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
  104. # useful for combatting certain DoS attacks.
  105. #deny_email_enable=YES
  106. # (default follows)
  107. #banned_email_file=/etc/vsftpd.banned_emails
  108. #
  109. # You may restrict local users to their home directories.  See the FAQ for
  110. # the possible risks in this before using chroot_local_user or
  111. # chroot_list_enable below.
  112. #chroot_local_user=YES
  113. #
  114. # You may specify an explicit list of local users to chroot() to their home
  115. # directory. If chroot_local_user is YES, then this list becomes a list of
  116. # users to NOT chroot().
  117. # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
  118. # the user does not have write access to the top level directory within the
  119. # chroot)
  120. #chroot_local_user=YES
  121. #chroot_list_enable=YES
  122. # (default follows)
  123. #chroot_list_file=/etc/vsftpd.chroot_list
  124. #
  125. # You may activate the "-R" option to the builtin ls. This is disabled by
  126. # default to avoid remote users being able to cause excessive I/O on large
  127. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
  128. # the presence of the "-R" option, so there is a strong case for enabling it.
  129. #ls_recurse_enable=YES
  130. #
  131. # Customization
  132. #
  133. # Some of vsftpd's settings don't fit the filesystem layout by
  134. # default.
  135. #
  136. # This option should be the name of a directory which is empty.  Also, the
  137. # directory should not be writable by the ftp user. This directory is used
  138. # as a secure chroot() jail at times vsftpd does not require filesystem
  139. # access.
  140. secure_chroot_dir=/var/run/vsftpd/empty
  141. #
  142. # This string is the name of the PAM service vsftpd will use.
  143. pam_service_name=vsftpd
  144. #
  145. # This option specifies the location of the RSA certificate to use for SSL
  146. # encrypted connections.
  147. rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
  148. # This option specifies the location of the RSA key to use for SSL
  149. # encrypted connections.
  150. rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
  151. local_root=/home/ftp
复制代码
03、创建 ftpuser 用户、设置  ftpuser 用户密码、设置 FTP 根目录
  1. root:# useradd -d /home/ftp -m ftpuser
  2. root:# passwd ftpuser
  3. 输入新的 UNIX 密码:
  4. 重新输入新的 UNIX 密码:
  5. passwd:已成功更新密码
  6. root:#
复制代码
04、修改 FTP 根目录权限,创建目录测试是否正常
  1. root:# chmod -R 777 /home/ftp
  2. root:# mkdir /home/ftp/data
  3. root:#
复制代码
05、修改 vsftpd 配置文件

可修正用 useradd 创建帐号,登录 FTP 出现 530 login incorrect

  1. root:# vi /etc/pam.d/vsftpd
复制代码

修改前的配置文件

  1. # Standard behaviour for ftpd(8).
  2. auth    required    pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

  3. # Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.

  4. # Standard pam includes
  5. @include common-account
  6. @include common-session
  7. @include common-auth
  8. auth    required    pam_shells.so
复制代码

修改后的配置文件

  1. # Standard behaviour for ftpd(8).
  2. auth    required    pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

  3. # Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.

  4. # Standard pam includes
  5. @include common-account
  6. @include common-session
  7. @include common-auth
  8. #auth    required    pam_shells.so
复制代码
06、重启 vsftpd 服务
  1. root:# service vsftpd restart
  2. vsftpd stop/waiting
  3. vsftpd start/running, process 4862
  4. root:#
复制代码

版权声明:

本文为独家原创稿件,版权归 德云社区,未经许可不得转载;否则,将追究其法律责任。


路过

雷人

握手

鲜花

鸡蛋
纸盒对角封口自动贴标机 ── 透明标签 镭射标签 激光防伪标签 纸盒对角封口 不干胶贴标机
料斗式自动软管贴标机 ── 塑料软管 普通标签 透明标签 外表面圆周 不干胶贴标机
料斗式自动双头软管贴标机 ── 高速 双头 塑料软管 普通标签 透明标签 外表面圆周 不干胶贴标机
自动立式分页纸箱赋码系统 ── 全自动 专业 立式分页 瓦楞纸 水性油墨 贴标 喷码 检测系统
落地式平面贴标机 ── 简易 高速 可连线平面 不干胶贴标机
纸盒顶面、对角封口自动贴标机 ── 透明标签 镭射标签 激光防伪标签 纸盒顶面、对角封口 不干胶贴标机

相关阅读

最新评论

自动立式分页纸箱赋码系统 ── 全自动 专业 立式分页 瓦楞纸 水性油墨 贴标 喷码 检测系统
全自动双侧面、卷瓶不干胶贴标机 ── 全自动 扁瓶 单侧面 双侧面 高速圆瓶外表面圆周 普通标签 透明标签 不干胶贴标机
落地式半自动平面贴标机 ── 半自动 经济型 普通标签 透明标签 不干胶 上平面贴标机
全自动高速立式圆瓶贴标机 ── 全自动 高速 普通标签 透明标签 不干胶 立式圆瓶贴标机
全自动单料斗卧式圆瓶贴标机 ── 透明标签 普通标签 医药 口服液 单料斗卧式 高重心 小圆瓶 电池 不干胶贴标机
料斗式自动双头软管贴标机 ── 高速 双头 塑料软管 普通标签 透明标签 外表面圆周 不干胶贴标机
料斗式自动软管贴标机 ── 软管 塑料软管 铝塑复合管 普通标签 透明标签 外表面圆周 不干胶贴标机

Archiver|Sitemap|手机版|小黑屋|   

GMT+8, 2019-10-15 19:57 , Processed in 0.052451 second(s), 29 queries .

技术支持 乐数软件  版权所有 © 2014-2019 德云社区

工业和信息化部:粤ICP备14079481号-2

返回顶部