vsftpd ftp服务器搭建

vsftpd源码包下载地址点击here,安装包下载地址点击here。本文通过源码包安装vsftpd服务
首先下载vsftpd.tar.gz源码包，解压并进入解压目录。查看INSTALL并按照上面的步骤进行安装

1.第一步

Step 1) Build vsftpd.

Switch to the directory created when you unpacked the vsftpd .tar.gz file.
e.g.:

cd vsftpd-1.1.2

edit "builddefs.h" to handle compile-time settings (tcp_wrappers build,
etc).

Just type "make" (and mail me to fix it if it doesn't build ;-).
This should produce you a vsftpd binary. You can test for this, e.g.:

[chris@localhost vsftpd]$ ls -l vsftpd
-rwxrwxr-x    1 chris    chris       61748 Sep 27 00:26 vsftpd

编辑builddefs.h，把需要的功能前面的undef 改成define

#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H

#undef VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
#undef VSF_BUILD_SSL

#endif /* VSF_BUILDDEFS_H */

ftp验证是通过pam方式来验证的，这是一种虚拟用户登录ftp的验证方式。这是vsftpd的一个安全的手段，通过pam方式，本地用户是没有办法登录到ftp上（但匿名ftp是能登录），这在事实上增强了系统的安全。

执行make报错

sysdeputil.o: In function `vsf_sysdep_check_auth':
sysdeputil.c:(.text+0x106): undefined reference to `crypt'
sysdeputil.c:(.text+0x12d): undefined reference to `crypt'
collect2: error: ld returned 1 exit status
make: *** [vsftpd] Error 1

解决方法原文地址

打开Makefile
vim Makefile
LIBS    =       `./vsf_findlibs.sh`
末尾增加 -lcrypt 变成
LIBS    =       `./vsf_findlibs.sh` -lcrypt

再次make 通过ls -l vsftpd查看是否成功

root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# ls -l vsftpd
-rwxr-xr-x 1 root root 124168 Nov  1 18:54 vsftpd
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2#

成功
2.第二步

Step 2) Satisfy vsftpd pre-requisites
2a) vsftpd needs the user "nobody" in the default configuration. Add this
user in case it does not already exist. e.g.:

[root@localhost root]# useradd nobody
useradd: user nobody exists

2b) vsftpd needs the (empty) directory /usr/share/empty in the default
configuration. Add this directory in case it does not already exist. e.g.:

[root@localhost root]# mkdir /usr/share/empty/
mkdir: cannot create directory `/usr/share/empty': File exists

2c) For anonymous FTP, you will need the user "ftp" to exist, and have a
valid home directory (which is NOT owned or writable by the user "ftp").
The following commands could be used to set up the user "ftp" if you do not
have one:

[root@localhost root]# mkdir /var/ftp/
[root@localhost root]# useradd -d /var/ftp ftp

(the next two are useful to run even if the user "ftp" already exists).
[root@localhost root]# chown root.root /var/ftp
[root@localhost root]# chmod og-w /var/ftp

新建一个nobody 用户新建一个文件夹mkdir /usr/share/empty/。2c这步表示匿名登录还有需要一个ftp用户 一个空的/var/ftp文件夹

root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# useradd nobody
useradd: user 'nobody' already exists
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# mkdir /usr/share/empty/
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# mkdir /var/ftp/
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# useradd -d /var/ftp ftp
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2#

第三步

Step 3) Install vsftpd config file, executable, man page, etc.

Running "make install" will try to copy the binary, man pages, etc. to
somewhere sensible.
Or you might want to copy these things by hand, e.g.:
cp vsftpd /usr/local/sbin/vsftpd
cp vsftpd.conf.5 /usr/local/man/man5
cp vsftpd.8 /usr/local/man/man8

"make install" doesn't copy the sample config file. It is recommended you
do this:
cp vsftpd.conf /etc

执行make install

root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# make install
if [ -x /usr/local/sbin ]; then \
                install -m 755 vsftpd /usr/local/sbin/vsftpd; \
        else \
                install -m 755 vsftpd /usr/sbin/vsftpd; fi
'if [ -x /usr/local/man ]; then \
                install -m 644 vsftpd.8 /usr/local/man/man8/vsftpd.8; \
                install -m 644 vsftpd.conf.5 /usr/local/man/man5/vsftpd.conf.5; \
        elif [ -x /usr/share/man ]; then \
                install -m 644 vsftpd.8 /usr/share/man/man8/vsftpd.8; \
                install -m 644 vsftpd.conf.5 /usr/share/man/man5/vsftpd.conf.5; \
        else \
                install -m 644 vsftpd.8 /usr/man/man8/vsftpd.8; \
                install -m 644 vsftpd.conf.5 /usr/man/man5/vsftpd.conf.5; fi
if [ -x /etc/xinetd.d ]; then \
                install -m 644 xinetd.d/vsftpd /etc/xinetd.d/vsftpd; fi
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# 

注意：”make install” doesn’t copy the sample config file. It is recommended you
do this:
cp vsftpd.conf /etc
需要把配置文件拷贝到/etc目录下

root@ubuntu:/usr/vsftpd/vsftpd-2.3.2# cp vsftpd.conf /etc
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2#

第四步

Step 4) Smoke test (without an inetd).

vsftpd can run standalone or via an inetd (such as inetd or xinetd). You will
typically get more control running vsftpd from an inetd. But first we will run
it without, so we can check things are going well so far.
Edit /etc/vsftpd.conf, and add this line at the bottom:

listen=YES

This tells vsftpd it will NOT be running from inetd.
Right, now let's try and run it!
Log in as root.
Make sure you are not running other FTP servers (or vsftpd will not be able
to use the FTP port, 21).
Run the binary from wherever you put it, e.g.:

[root@localhost root]# /usr/local/sbin/vsftpd &
[1] 2104

If all is well, you can now connect! e.g.:

[chris@localhost chris]$ ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 1.1.1)
Name (localhost:chris): ftp
331 Please specify the password.
Password:
230 Login successful. Have fun.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,229,133)
150 Here comes the directory listing.
d--x--x--x    2 0        0            4096 Jan 14  2002 bin
d--x--x--x    2 0        0            4096 Apr 21 20:52 etc
drwxr-xr-x    2 0        0            4096 Apr 21 20:52 lib
drwxr-sr-x    2 0        50           4096 Jul 26 22:58 pub
226 Directory send OK.
ftp>

照着上面的步骤实验一下

root@ubuntu:/etc#  /usr/local/sbin/vsftpd &
[1] 5023
root@ubuntu:/etc#

root@ubuntu:/etc# ftp localhost
Connected to localhost.
220 (vsFTPd 2.3.2)
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
226 Directory send OK.
ftp> bye
221 Goodbye.
root@ubuntu:/etc#

执行/usr/local/sbin/vsftpd &表示开启vsftpd服务并且将控制台交还

第五步

Step 5) Run from an inetd of some kind (optional - standalone mode is now
recommended)

You may want to run the binary from an inetd of some kind, because this can
give you extra features - e.g. xinetd has a lot of settings. (Note that
vsftpd's inbuilt listener covers most of the more useful xinetd settings).

5a) If using standard "inetd", you will need to edit /etc/inetd.conf, and add
a line such as:

ftp stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/vsftpd

(Make sure to remove or comment out any existing ftp service lines. If you
don't have tcp_wrappers installed, or don't want to use them, take out the
/usr/sbin/tcpd part).

inetd will need to be told to reload its config file:
kill -SIGHUP `pidof inetd`

5b) If using "xinetd", you can follow a provided example, by looking at the
file EXAMPLE/INTERNET_SITE/README. Various other examples show how to leverage
the more powerful xinetd features.

第六步

Step 6) Set up PAM for local logins (optional)

If you are running vsftpd on a PAM enabled machine, you will need to have a
/etc/pam.d/ftp file present, otherwise non-anonymous logins will fail. [NOTE -
if you have an older version of PAM, that file might be /etc/pam.conf]

For a standard setup, you can just copy a provided example file:
cp RedHat/vsftpd.pam /etc/pam.d/ftp

将RedHat目录中的vsftpd.pam复制为/etc/pam.d/ftp 否则非匿名用户登陆将失败e

root@ubuntu:/usr/vsftpd/vsftpd-2.3.2/RedHat# cp vsftpd.pam /etc/pam.d/ftp
root@ubuntu:/usr/vsftpd/vsftpd-2.3.2/RedHat#

关闭匿名登陆功能：修改/etc/vsftpd.conf

root@ubuntu:/home# vi /etc/vsftpd.conf

anonymous_enable=NO
# 禁止匿名用户登陆
# Uncomment this to allow local users to log in.
local_enable=YES
 # 允许本地用户登陆
# Uncomment this to enable any form of FTP write command.
write_enable=YES
 # 可以进行写操作
# Default umask for local users is 077. You may wish to change this to 022,
#if your users expect that (022 is used by most other ftpd's)
local_umask=022
# 上传文件的权限 默认没有读的权限
# It is recommended that you define on your system a unique user which the

更多配置参考
vsftpd.conf配置
Ubuntu防火墙配置
java代码测试
先更改 上传路径的执行权限，否则 非root用户无法上传文件（没有写的权限）

root@ubuntu:/usr/local/myImage# chmod 777 -R /usr/local/myImage/image/
root@ubuntu:/usr/local/myImage#

java代码

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;

import org.apache.commons.net.ftp.FTP;
import org.apache.commons.net.ftp.FTPClient;
import org.junit.Test;

public class TestFtp {
    @Test
    public void testFtp() {
        // 创建FTPClient对象
        FTPClient ftpClient = new FTPClient();
        // C创建连接
        // 上传文件
                // 第一个参数 ：服务器端的文件名称 第二个参数：文件上传io流
        try {
            ftpClient.connect("192.168.10.229", 21);
            // 登陆ftp服务器---用户名 和 密码
            ftpClient.login("wl", "mima");
            // 更改上传到服务器的路径----这里为我的nginx静态文件服务器的存储路径
            // 注意 更改该目录的执行权限 chmod 777 -R /usr/local/myImage/image
            ftpClient.changeWorkingDirectory("/usr/local/myImage/image");

            // 设置缓冲大小
            ftpClient.setBufferSize(1024);
            // 设置编码集
            ftpClient.setControlEncoding("UTF-8");
            // 上传文件格式 二进制
            ftpClient.setFileType(FTP.BINARY_FILE_TYPE);
            // 在工程根目录下放一张图片
            File file = new File("12.jpg");
            ftpClient.storeFile("file.getName()", new FileInputStream(file));
        } catch (IOException e) {
            e.printStackTrace();
        }finally{
            try {
                ftpClient.abort();
            } catch (IOException e) {
            e.printStackTrace();
        }
    }
    }

}

通过我的nginx静态资源服务器访问该图片。nginx静态资源服务器的配置可以参考我的另一篇博客 《nginx静态资源服务器配置》

成功
注意： 如果/etc/vsftpd.conf配置文件中的local_umask=为默认值，不为022时是没有读的权限的。nginx会返回403 forbidden。