CentOS6.4搭建配置基本ftp服务器
的有关信息介绍如下:
CentOS6.4下安装配置最简化的ftp服务
安装并启动ftp服务
如果开启服务失败,查看selinux状态并关闭防火墙,或者临时关闭selinux(终端输入setenforce 0)
设置开机自启动并更改ftp共享文件夹权限(chmod命令)
进行简单的配置,允许所有人登录,配置文件位置在/etc/vsftpd/vsftpd.conf
,在配置文件中将anon_mkdir_write_enable=
anonymous_enable=
local_enable=
write_enable=
全部找到,改成=yes
最好讲IP配置成静态IP,如下图;配置完成后重启服务:
根据个人需要可以设置不允许root登录或者是ftp用户无法登录系统
重启服务后(service vsftpd restart)就可以使用ftp服务登录了
配置文件含义:
anonymous_enable=YES
local_enable=YES
#允许本地用户访问(/etc/passwd中的用户)
write_enable=YES
#可以上传(全局控制),删除,重命名
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022 #本地用户上传权限的umask
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#控制匿名用户对文件(非目录)上传权限
anon_mkdir_write_enable=YES
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES #是否显示目录说明文件, 默认是YES 但需要手工创建.message文件,这个.message,只有用命令登陆或者用工具,才可以看见,他不是一个弹出对话框,而是一段字符,如在pub下建立一个.message,那么在客户端进入pub目录时就会显示.message文档中的内容
#
# The target log file can be vsftpd_log_file or xferlog_file.
# This depends on setting xferlog_std_format parameter
xferlog_enable=YES
#记录使用者所有上传下载信息
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES #确保ftp-datad 数据传送使用port 20(20号端口)
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
#所有匿名上传的文件的所有者会变成chown_username
#chown_username=whoever
#匿名上传文件所属用户名
#
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
xferlog_file=/var/log/xferlog
#将上传下载信息记录到/var/log/vsftpd.log中
#
# Switches between logging into vsftpd_log_file and xferlog_file files.
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=600
#如果使用者600秒没有动作,则强制离线,也就是指令超时时间
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#如果 client与 Server 间的数据传送在 120 秒内都无法传送
#成功,那 Client的联机就会被我们的 vsftpd 强制剔除
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to blah FTP service.
#ftp的欢迎信息
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
#如果启动这项功能,则所有列在chroot_list_file之中的使用者不能更改根目录
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#与上条同时使用,设置要禁固宿主目录
#的用户的配置文件为/etc/vsftpd/chroot_list 建立文本文件/etc/vsftpd/chroot_list,
#写入要禁固宿主目录的用户,一行一个。当chroot_list_enable=YES时,则禁固chroot_list文件里面的用户的
#宿主目录,而为NO时chroot_list文件里面的用户不禁固宿主目录
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#使用standalone启动vsftpd,而不是super daemon(xinetd)控制它
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd
#PAM所使用的名称.同userlist_*一样限制用户登陆,不同的是userlist_*在进行密码验证之前拒绝用
#户登陆,pam是在密码验证之后拒绝登陆.(提示密码错误) 用户列表默认存放在/etc/ftpusers中,一行
#一个. (可通过/etc/pam.d/vsftpd重定向用户列表存放文件)
userlist_enable=YES
#限制了这里的用户不能访问
tcp_wrappers=YES
#支持tcp_wrappers,限制访问(/etc/hosts.allow,/etc/hosts.deny)
#anon_world_readable_only=YES
#允许匿名用户浏览,下载文件,默认没有这一项,只有在虚拟用户的配置文件里才有用
anon_other_write_enable=YES
#允许匿名用户具有建立目录,上传之外的权限,如重命名,删除
#banner_file=/etc/vsftpd/banner_file.txt
#ftp的欢迎信息
#欢迎信息存放在banner_file.txt文件中,如果添加中文欢迎信息,就需要在xp中将此文件编辑
#好后上传到/etc/vsftpd 目录中。如果ftpd_banner和banner_file同时设置,那么banner_file将覆盖ftpd_banner的设置。
#Listen_address=10.1.6.0 #默认没有这一项,禁止10.1.6.0段访问此FTP
#listen_port=21
#ftp监听端口
#userlist_enable=YES
#/etc/vsftpd/user__list文件中的用户将不能访问vsftpd服务器
#userlist_deny=YES
#与下面这条参数:userlist_file=/etc/vsftpd/localuser_list 结合使用
#userlist_file=/etc/vsftpd/localuser_list
#来改变存放可以登录或禁止登录的账号
max_clients=100 #最大用户在线数量
max_per_ip=2
#每ip最大线程
anon_max_rate=30000
#匿名用户最大传输速度 单位: bytes/秒
local_max_rate=50000
#本地用户最大传输速度 单位:bytes/秒
#user_config_dir=/etc/userconf
#个别用户配置目录(用来设定特殊帐号)
#在/etc/userconf/下创建文本文件blue(与用户名相同),加入local_max_rate=100000
anon_root=/var/ftp/pub/
#设定匿名用户登陆后所在的目录
#local_root=/var/local_user
#设定所有本地用户登陆后的目录
use_localtime=YES
#使用本地时间而不是GMT
![[海淘攻略]Drugstore海淘攻略](/upload/jingyan/2024/1028/e5908bf5.jpg)
