部署匿名vsftpd服务器
1.设置静态的ip、关闭防火墙,禁用selinux,设置主机名。
1)配置ip地址
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 HWADDR=00:0C:29:6A:41:A2 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=static IPADDR=192.168.200.202 NETMASK=255.255.255.0 GATEWAY=192.168.200.254 DNS1=192.168.200.254 DNS2=202.106.0.20
2)关闭iptables和selinux
/etc/init.d/network restart
/etc/init.d/iptables stop
chkconfig iptables off
chkconfig network on
vi /etc/selinux/config
SELINUX=disabled
:wq
[root@leslie ~]# vi /etc/sysconfig/selinux [root@leslie ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@leslie ~]# /etc/init.d/iptables stop [root@leslie ~]# chkconfig iptables off
3)设置主机名 (重启后生效)
[root@leslie ~]# vi /etc/sysconfig/network [root@leslie ~]# reboot
4)验证:
iptables -L
getenforce
hostname
ip a
ip r
[root@leslie ~]# [root@leslie ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@leslie ~]# getenforce Disabled [root@leslie ~]# hostname leslie [root@leslie ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:6a:41:a2 brd ff:ff:ff:ff:ff:ff inet 192.168.200.202/24 brd 192.168.200.255 scope global eth0 inet6 fe80::20c:29ff:fe6a:41a2/64 scope link valid_lft forever preferred_lft forever [root@leslie ~]# ip r 192.168.200.0/24 dev eth0 proto kernel scope link src 192.168.200.202 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.200.254 dev eth0
2.安装软件,并且了解安装的所有的文件。
1)配置yum:
rm -rf /etc/yum.repos.d/*
vi /etc/yum.repos.d/centos.repo
[local]
name=local
baseurl=file:///mnt/
enabled=1
gpgcheck=0
:wq
[root@leslie ~]# cat /etc/yum.repos.d/centos.repo [local] named=local baseurl=ftp://192.168.200.254/centos6 enabled=1 gpgcheck=0 [root@leslie ~]#
##这里192.168.200.254是另一台服务器,通过ftp提供yum源
2)安装和查看安装的文件:
yum -y install vsftpd &>/dev/null ##安装,并将输出信息导入到垃圾桶,就是不看安装过程
rpm -qa |grep vsftpd ##查看vsftpd是否安装,是由哪个软件包安装
rpm -qc vsftpd ##查看ftp的配置文件位置
rpm -qd vsftpd ##查看ftp的帮助文档位置
rpm -ql vsftpd ##查看ftp的所有文件位置
[root@leslie ~]# yum -y install vsftpd &>/dev/null [root@leslie ~]# rpm -qa |grep vsftpd vsftpd-2.2.2-11.el6_4.1.x86_64 [root@leslie ~]# rpm -qc vsftpd /etc/logrotate.d/vsftpd /etc/pam.d/vsftpd /etc/vsftpd/ftpusers /etc/vsftpd/user_list /etc/vsftpd/vsftpd.conf [root@leslie ~]# rpm -qd vsftpd /usr/share/doc/vsftpd-2.2.2/AUDIT /usr/share/doc/vsftpd-2.2.2/BENCHMARKS /usr/share/doc/vsftpd-2.2.2/BUGS /usr/share/doc/vsftpd-2.2.2/COPYING /usr/share/doc/vsftpd-2.2.2/Changelog /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/vsftpd.conf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/vsftpd.xinetd /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG/hosts.allow /usr/share/doc/vsftpd-2.2.2/EXAMPLE/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_HOSTS/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/logins.txt /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/vsftpd.conf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/vsftpd.pam /usr/share/doc/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS_2/README 。。。。。。省略 [root@leslie ~]# rpm -ql vsftpd /etc/logrotate.d/vsftpd /etc/pam.d/vsftpd /etc/rc.d/init.d/vsftpd /etc/vsftpd /etc/vsftpd/ftpusers /etc/vsftpd/user_list /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd_conf_migrate.sh /usr/sbin/vsftpd /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/vsftpd.conf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE/vsftpd.xinetd /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG/README /usr/share/doc/vsftpd-2.2.2/EXAMPLE/PER_IP_CONFIG/README.configuration /usr/share/doc/vsftpd-2.2.2/SIZE /usr/share/doc/vsftpd-2.2.2/SPEED /usr/share/doc/vsftpd-2.2.2/TODO /usr/share/doc/vsftpd-2.2.2/TUNING /usr/share/doc/vsftpd-2.2.2/vsftpd.xinetd /usr/share/man/man5/vsftpd.conf.5.gz /usr/share/man/man8/vsftpd.8.gz /var/ftp /var/ftp/pub 。。。。。。省略
3.根据需求,修改配置文件定制功能。
cd /etc/vsftpd/
cp vsftpd.conf vsftpd.conf.bak ##备份配置文件,方便恢复
/bin/cp -rf /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf /etc/vsftpd.conf ##这一步是拷贝匿名配置文件的模板,复制可以直接使用。
[root@leslie ~]# cp /etc/vsftpd/vsftpd.conf{,.bak}
[root@leslie ~]# ls /etc/vsftpd/vsftpd
vsftpd.conf vsftpd.conf.bak vsftpd_conf_migrate.sh
[root@leslie ~]# cp /usr/share/doc/vsftpd-2.2.2/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf /etc/vsftpd/
cp:是否覆盖"/etc/vsftpd/vsftpd.conf"? y
cat /etc/vsftpd/vsftpd.conf
[root@leslie ~]# cat /etc/vsftpd/vsftpd.conf
# Standalone mode
listen=YES
max_clients=200
max_per_ip=4
# Access rights
anonymous_enable=YES
local_enable=NO
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=YES
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
one_process_model=YES
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000
4.启动服务、测试。
/etc/init.d/vsftpd start
chkconfig vsftpd on
[root@leslie ~]# /etc/init.d/vsftpd start 为 vsftpd 启动 vsftpd: [确定] [root@leslie ~]# chkconfig vsftpd on
往ftp里面写入测试文件
[root@leslie ~]# [root@leslie ~]# cd /var/ftp/pub/ [root@leslie pub]# touch 测试文件 [root@leslie pub]# ls 测试文件
客户端访问测试:
yum -y install lftp ftp
lftp 192.168.200.202-->get 测试文件--bye
[root@leslie ~]# yum -y intall lftp ftp&>>/dev/null [root@leslie ~]# lftp 192.168.200.202 lftp 192.168.200.202:~> ls drwxr-xr-x 4 ftp ftp 4096 Aug 11 19:18 pub lftp 192.168.200.202:/> cd pub lftp 192.168.200.202:/pub> ls drwxr-xr-x 2 ftp ftp 4096 Aug 11 19:18 测试文件 在另一台服务器上访问: [root@leslie ~]# [root@leslie ~]# lftp 192.168.200.202 lftp 192.168.200.202:~> cd pub/ lftp 192.168.200.202:/pub> ls -rw-r--r-- 1 ftp ftp 0 Aug 11 19:37 测试文件 lftp 192.168.200.202:/pub> get 测试文件 lftp 192.168.200.202:/pub> bye [root@leslie ~]# ls anaconda-ks.cfg install.log install.log.syslog 测试文件
在windows上访问测试:
win+r 打开资源管理器 &或者是浏览器
输入url : ftp://192.168.200.202
由于是公共匿名的ftp,考虑到安全。所以匿名用户只可以下载 不可更改、上传、删除等操作
转载于:https://blog.51cto.com/lesliecheung/1955571
扫一扫
1005
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
