银河麒麟 FTP环境安装

原创

已于 2024-08-13 16:53:10 修改 · 2.1k 阅读

24 ·

CC 4.0 BY-SA版权

文章标签：

#linux #运维 #服务器

于 2024-08-13 16:43:15 首次发布

安装vsftpd

yum -y install vsftpd

修改vsftpd配置文件

vim /etc/vsftpd/vsftpd.conf

修改下列项

anonymous_enable=NO   限制匿名用户访问
local_enable=YES   启用本地系统用户访问； NO        ##本地用户登陆限制
write_enable=YES   本地系统用户写入权限； NO        ##本地用户写权限限制

设定支持ASCII模式的上传和下载功能。
ascii_upload_enable=YES
ascii_download_enable=YES

pam_service_name=vsftpd       登录FTP服务器，依据/etc/pam.d/vsftpd中内容进行认证；
userlist_enable=YES                  Vsftpd.user_list和ftpusers配置文件里用户禁止访问FTP；
#tcp_wrappers=YES                    设置vsftpd与tcp wrapper结合进行主机的访问控制，Vsftpd服务器检

用户白名单建立
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list   默认所有人都不可以登陆，出现在名单中的可以登陆。没有这个文件可以建立

local_root=/data/ftp/  默认路径

listen_port=21  端口

最终配置

# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a