linux ftp server

Installation vsftpd service software
yum install -y vsftpd

turn on and turn vsftpd service
systemctl start vsftpd

systemctl enable vsftpd

Close selinux
set selinux is disabled



to join firewall mechanism of the FTP
Firewall-cmd --permanent --add-Service = the FTP
Firewall-cmd --reload
Firewall-cmd --list-All


lftp and vsftpd is not a thing
a browser to access: ftp: / /172.25.254.131

remote access lftp 172.25.254.131

Basic information ftp
access data port: 21
data transfer port:> 1024 then port
netstat -antulpe | grep vsftpd
Client Access server initiative called active mode
21 active mode: port 21, the data transfer port, then open a
passive is the service side of things pushed to the client

默认发布目录： /var/ftp ---> 普通用户登录上去默认在自己家目录
访问方式
lftp 172.25.254.100 ---> 匿名登录 /var/ftp

lftp 172.25.254.100 -u student ---> 用户登录 /home/student


配置文件
/etc/vsftpd/vsftpd.conf

编辑完配置文件后，都需要重启vsftp服务

ftp的安全部署
500报错：权限过大
530报错：认证失败
550报错：服务本身不允许
553报错：文件系统权限过小

---

匿名用户是否可以登录
anonymous_enable=YES | NO

匿名用户不可登录

本地用户是否可以登录
local_enable=NO

本地用户不可登录

本地用户是否可写设置
write_enable=NO

本地用户不可写

匿名用户
pub目录只对超级用户可写

匿名用户可写设置

anon_upload_enable=NO


匿名用户不可写

注 ---> 如报错，再改目录权限为775，组为ftp，即可查看上传用户
chmod 775 /var/ftp/pub
chgrp ftp /var/ftp/pub

匿名用户可下载
anon_world_readable_only=NO


匿名用户不可下载

匿名用户建立目录
anon_mkdir_write_enable=YES


匿名用户可登录

匿名用户是否可以删除和重命名
anon_other_write_enable=YES


匿名用户可删除目录

匿名用户家录修改
anon_root=/test


创建目录/test并在下面创建文件file1到6

登录匿名用户家目录下和/test目录文件一致

匿名用户上传文件默认权限修改
anon_umask=002


查看长传文件group权限为664

匿名用户使用的用户身份修改
chown_uploads=YES
chown_username=student


用户身份为tom，uid为1002

查看tom的id

最大上传速率

dd if = / dev / zero of = / mnt / testfile bs = 1M count = 1500

Note Before ---> infinite speed, speed 44M
anon_max_rate = 102400 Unit: 100k bytes


uploaded test speed of about 100k particularly limited

maximum link a number of
max_clients = 1


root of a successful login

tom second logon restrictions due to the maximum number of links, not get logged

local user's home directory modification
local_root = / test

to see / test directory file, consistent user login local home directory file

local users to upload files permission
local_umask = 077

View uploaded file group permissions to 600