Installation vsftpd service software
yum install -y vsftpd
turn on and turn vsftpd service
systemctl start vsftpd
systemctl enable vsftpd
Close selinux
set selinux is disabled
to join firewall mechanism of the FTP
Firewall-cmd --permanent --add-Service = the FTP
Firewall-cmd --reload
Firewall-cmd --list-All
lftp and vsftpd is not a thing
a browser to access: ftp: / /172.25.254.131
remote access lftp 172.25.254.131
Basic information ftp
access data port: 21
data transfer port:> 1024 then port
netstat -antulpe | grep vsftpd
Client Access server initiative called active mode
21 active mode: port 21, the data transfer port, then open a
passive is the service side of things pushed to the client
默认发布目录: /var/ftp ---> 普通用户登录上去默认在自己家目录
访问方式
lftp 172.25.254.100 ---> 匿名登录 /var/ftp
lftp 172.25.254.100 -u student ---> 用户登录 /home/student
配置文件
/etc/vsftpd/vsftpd.conf
编辑完配置文件后,都需要重启vsftp服务
ftp的安全部署
500报错:权限过大
530报错:认证失败
550报错:服务本身不允许
553报错:文件系统权限过小
匿名用户是否可以登录
anonymous_enable=YES | NO
匿名用户不可登录
本地用户是否可以登录
local_enable=NO
本地用户不可登录
本地用户是否可写设置
write_enable=NO
本地用户不可写
匿名用户
pub目录只对超级用户可写
匿名用户可写设置
anon_upload_enable=NO
匿名用户不可写
注 ---> 如报错,再改目录权限为775,组为ftp,即可查看上传用户
chmod 775 /var/ftp/pub
chgrp ftp /var/ftp/pub
匿名用户可下载
anon_world_readable_only=NO
匿名用户不可下载
匿名用户建立目录
anon_mkdir_write_enable=YES
匿名用户可登录
匿名用户是否可以删除和重命名
anon_other_write_enable=YES
匿名用户可删除目录
匿名用户家录修改
anon_root=/test
创建目录/test并在下面创建文件file1到6
登录匿名用户家目录下和/test目录文件一致
匿名用户上传文件默认权限修改
anon_umask=002
查看长传文件group权限为664
匿名用户使用的用户身份修改
chown_uploads=YES
chown_username=student
用户身份为tom,uid为1002
查看tom的id
最大上传速率
dd if = / dev / zero of = / mnt / testfile bs = 1M count = 1500
Note Before ---> infinite speed, speed 44M
anon_max_rate = 102400 Unit: 100k bytes
uploaded test speed of about 100k particularly limited
maximum link a number of
max_clients = 1
root of a successful login
tom second logon restrictions due to the maximum number of links, not get logged
local user's home directory modification
local_root = / test
to see / test directory file, consistent user login local home directory file
local users to upload files permission
local_umask = 077
View uploaded file group permissions to 600