Centos: ftp服务器

  • linux 挂载ftp目录:
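# From an Ubuntu client, mount the FTP directory served by the CentOS 6 host
# (cent6) onto a local directory through FUSE.
#
# Security notes for anyone reusing this:
#   - ftp1:123456 is the page's sample login. Written inside the URL it ends up
#     in shell history and is visible in the process list while the mount is
#     alive. curlftpfs can also take the login from a ~/.netrc of the account
#     that runs the mount (keep that file mode 600).
#   - Plain FTP carries the login and all file contents unencrypted.
#   - allow_other lets every local account on the client reach the mounted
#     tree with the FTP account's rights; drop it if only the mounting user
#     needs access.
mkdir -p /home/wang/ftp   # -p: no error when the mount point already exists
sudo apt install curlftpfs
sudo curlftpfs ftp://ftp1:123456@cent6:/ /home/wang/ftp -o rw,allow_other,uid=0,gid=0,codepage=utf8
# To detach the mount again:
#sudo umount /home/wang/ftp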

[wang@controller:~]$  ls ftp/
a.html  derby.log  jars         look        others  pwd.txt        sh         windows-packs

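# Mount the FTP share automatically at boot by appending an entry to /etc/fstab.
#
# NOTE(review): /etc/fstab is normally readable by every local user, so the
# FTP password embedded in this entry is exposed to all of them. Prefer keeping
# the login in a root-only ~/.netrc and leaving it out of the fstab line.

# The fstab entry mounts on /home/wang/ftp2, which nothing has created yet.
mkdir -p /home/wang/ftp2

# Append as root. A plain "cat >> /etc/fstab" fails for an unprivileged user
# because the redirection is performed by the calling shell, so tee is used.
sudo tee -a /etc/fstab >/dev/null <<EOF
curlftpfs#ftp1:123456@cent6/   /home/wang/ftp2  fuse rw,allow_other,uid=0,gid=0,codepage=utf8,allow_other 0 0
EOF
sudo mount -a   # check that the new entry mounts cleanly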
  • windows 挂载ftp目录( 我的电脑: 映射网络驱动 —> 连接到可用于存储文档和图片的网站)

1, Centos7安装配置vsftpd

1, 安装vsftpd服务

默认的匿名登陆, 用户只允许下载文件, 无写权限 (登陆后,目录为/var/ftp/)

# Step 1: firewall and SELinux.
# Permit the predefined "ftp" service in firewalld permanently, then reload so
# the permanent rule becomes the active one.
firewall-cmd --permanent --add-service=ftp
firewall-cmd --reload

# Turn SELinux off: the sed edit makes it persistent in the config file, and
# setenforce 0 puts the running system into permissive mode right away.
# NOTE(review): this removes SELinux confinement from every service on the
# host, not just vsftpd. A narrower option is to stay in enforcing mode and
# grant FTP access through an SELinux boolean, e.g.
# `setsebool -P ftpd_full_access on` - confirm against the local policy.
sed -i '/SELINUX/s/=enforcing/=disabled/' /etc/selinux/config
setenforce 0

# Step 2: install vsftpd (version 3.0 at the time of writing), enable it at
# boot and start it now.
yum -y install vsftpd
systemctl enable vsftpd
systemctl start vsftpd

#3, the default configuration found in /etc/vsftpd/vsftpd.conf
# NOTE(review): anonymous_enable=YES lets anyone who can reach the service log
# in without an account. No ssl_enable line appears in this listing, so logins
# and transfers are not encrypted unless TLS is configured separately.
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES# 
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

2, 修改配置,本地用户有写权限

  • 需求和说明:
    匿名用户只有下载权限
    本地用户验证: 有写权限 (登陆后,根目录设置为家目录)
    使用 chroot_list_enable=YES 表示启用 chroot 例外用户列表 (在 chroot_local_user=YES 时, 列表中的用户不被限制在家目录内)

报错和解决

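  • Vsftpd本地用户不能登陆的解决方法: (解决:修改文件 /etc/pam.d/vsftpd, 注释掉这行 auth required pam_shells.so; 注意: 注释后 PAM 不再检查用户的 shell 是否列在 /etc/shells 中, 建议配合 user_list 白名单限制可登陆的用户)
  • 500 OOPS: run two copies of vsftpd for IPv4 and IPv6: ipv4, ipv6不能同时监听 (解决:listen=NO,listen_ipv6=YES)
  • 500 OOPS: refusing to run with writable root inside chroot(): (解决:allow_writeable_chroot=YES; 注意: 该选项关闭了 vsftpd 对可写 chroot 根目录的保护性检查, 更稳妥的做法是让家目录对用户不可写, 另建一个可写的子目录)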
# Step 1: create two test accounts that can use FTP but cannot open a shell
# (/sbin/nologin).
# ftp1pass / ftp2pass are the page's sample passwords: a literal typed on the
# command line is kept in shell history, so substitute real secrets through a
# prompt or a protected file when doing this for real.
useradd -s /sbin/nologin -d /home/mypacks/ ftp1   # -d: directory ftp1 lands in after FTP login
printf '%s\n' ftp1pass | passwd --stdin ftp1

useradd -s /sbin/nologin ftp2
printf '%s\n' ftp2pass | passwd --stdin ftp2

# Step 2: keep the stock configuration as a backup, then write a new one.
# What the new file configures:
#   - anonymous logins stay enabled (anonymous_enable=YES);
#   - local accounts may log in and write (local_enable, write_enable);
#   - every local account is confined to its home directory
#     (chroot_local_user=YES; chroot_list_enable=NO means no exception list);
#   - allow_writeable_chroot=YES makes vsftpd accept a chroot root that the
#     user can write to.
# NOTE(review): allow_writeable_chroot=YES switches off a protective check.
# The safer layout is a home directory the user cannot write to, with a
# writable subdirectory for uploads. The file also configures no TLS, so
# passwords cross the network in cleartext.
vsftpd_conf=/etc/vsftpd/vsftpd.conf
mv "$vsftpd_conf" "${vsftpd_conf}.bak"
cat >"$vsftpd_conf" <<EOF
anonymous_enable=YES
local_enable=YES
chroot_local_user=YES
chroot_list_enable=NO
allow_writeable_chroot=YES
write_enable=YES

local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES

#ipv4, ipv6不能同时监听
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
tcp_wrappers=YES
userlist_enable=YES
#使用启用:禁用列表
#默认/etc/vsftpd/user_list为禁用列表, 可以设置userlist_deny=NO表示此文件为启用列表
EOF

# Step 3: comment out the pam_shells.so line in vsftpd's PAM stack, then
# restart the service so the new configuration and PAM change take effect.
# The test accounts use /sbin/nologin, and pam_shells rejects logins whose
# shell is not listed in /etc/shells.
# NOTE(review): with this check gone, any local account with a valid password
# passes PAM for FTP regardless of its shell. Consider pairing it with the
# user_list allow-list (userlist_deny=NO) to restrict who may log in.
sed -i '/pam_shells.so/s/^/#/' /etc/pam.d/vsftpd
systemctl restart vsftpd

ftp命令行, 验证登陆

# Install the command-line FTP client used for the login check below.
yum -y install ftp 
[root@node1 vsftpd]# ftp 
ftp> open 
(to) localhost
Trying ::1...
Connected to localhost (::1).
220 (vsFTPd 3.0.2)
Name (localhost:root): ftp2
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

ftp> mput vsftpd.conf
mput vsftpd.conf? y
229 Entering Extended Passive Mode (|||16617|).
150 Ok to send data.
226 Transfer complete.
483 bytes sent in 4.5e-05 secs (10733.33 Kbytes/sec)

ftp> ls
229 Entering Extended Passive Mode (|||57168|).
150 Here comes the directory listing.
-rw-r--r--    1 0        0               8 Oct 31 06:36 a.txt
-rw-r--r--    1 1001     1001          483 Oct 31 06:38 vsftpd.conf
226 Directory send OK.

ftp> dir
229 Entering Extended Passive Mode (|||54472|).
150 Here comes the directory listing.
-rw-r--r--    1 0        0               8 Oct 31 06:36 a.txt
-rw-r--r--    1 1001     1001          483 Oct 31 06:38 vsftpd.conf
226 Directory send OK.
ftp> pwd
257 "/"

ftp> cd /bin
550 Failed to change directory.

ftp> delete a.txt
250 Delete operation successful.

2, Centos6安装配置vsftpd

# Step 1: create a test account that can use FTP but cannot open a shell.
# ftp1pass is the page's sample password: a literal typed on the command line
# is kept in shell history, so use a real secret supplied another way in
# production.
useradd -s /sbin/nologin -d /home/mypacks ftp1   # -d: directory ftp1 lands in after FTP login
printf '%s\n' ftp1pass | passwd --stdin ftp1

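# Step 2: firewall and SELinux.

# Have the iptables service load the FTP connection-tracking and NAT helpers.
# Both names go into ONE assignment: the file is read as shell variable
# assignments and the value is a space-separated list, so a second
# IPTABLES_MODULES= line would simply replace the first.
cat >> /etc/sysconfig/iptables-config <<EOF
IPTABLES_MODULES="ip_conntrack_ftp ip_nat_ftp"
EOF

# Accept new control connections on port 21, plus traffic that connection
# tracking already knows. With the FTP helper loaded, data connections are
# matched as RELATED.
# No rule keyed on source port 20 is added: accepting NEW traffic by source
# port alone would admit connections to every local port from any sender that
# picks that source port, and the RELATED rule already covers FTP data.
# NOTE(review): -A appends at the end of the chain. If the chain already ends
# in a REJECT rule these entries are never reached, and the chain name is
# assumed to exist on this host. Check with
# `iptables -L RH-Firewall-1-INPUT -n --line-numbers`.
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
service iptables save
service iptables restart

# Turn SELinux off: persistently in the config file, and immediately for the
# running system by switching to permissive mode.
# NOTE(review): this drops SELinux confinement for every service on the host.
# A narrower option is to stay enforcing and enable an FTP boolean such as
# `setsebool -P ftpd_full_access on` - confirm against the local policy.
sed -i '/SELINUX/s/=enforcing/=disabled/' /etc/selinux/config
setenforce 0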

# Step 3: install the vsftpd server and the ftp client (vsftpd 2.2 at the time
# of writing), register the service for boot, and start it now.
yum -y install vsftpd ftp
chkconfig vsftpd on
service vsftpd start

2, 修改配置,本地用户有写权限

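# Back up the stock configuration, then write a new one.
# The backup target is a single path ending in .bak. Written with a space
# before ".bak", cp receives three arguments and fails because the last one is
# not a directory, so no backup is made before the file is overwritten.
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak

# What the new file configures:
#   - anonymous logins stay enabled; local accounts may log in and write;
#   - every local account is confined to its home directory
#     (chroot_local_user=YES; chroot_list_enable=NO means no exception list);
#   - IPv4 listener only (listen=YES, listen_ipv6=NO);
#   - passive mode on ports 30000-30099, which the firewall must allow.
# allow_writeable_chroot stays commented out here - presumably because this
# vsftpd version does not know the option; confirm before enabling it.
# NOTE(review): no TLS is configured, so passwords and data cross the network
# in cleartext. anonymous_enable=YES admits anyone who can reach the service.
cat > /etc/vsftpd/vsftpd.conf <<EOF
anonymous_enable=YES
local_enable=YES
chroot_local_user=YES
chroot_list_enable=NO
#allow_writeable_chroot=YES
write_enable=YES

local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES

#ipv4, ipv6不能同时监听
listen=YES
listen_ipv6=NO
pam_service_name=vsftpd
tcp_wrappers=YES
userlist_enable=YES
#使用启用:禁用列表
#默认/etc/vsftpd/user_list为禁用列表, 可以设置userlist_deny=NO表示此文件为启用列表

#开启被动模式
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30099
EOF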

# Comment out the pam_shells.so line in vsftpd's PAM stack so the
# /sbin/nologin test account can authenticate, then restart the service.
# NOTE(review): with this check gone, any local account with a valid password
# passes PAM for FTP regardless of its shell. Consider the user_list
# allow-list (userlist_deny=NO) to restrict who may log in.
sed -i '/pam_shells.so/s/^/#/' /etc/pam.d/vsftpd
service vsftpd restart

# Open the passive-mode data port range configured in vsftpd.conf
# (pasv_min_port..pasv_max_port) and persist the rule. -I inserts it at the
# top of INPUT, ahead of any existing reject rule.
iptables -I INPUT -p tcp --dport 30000:30099 -j ACCEPT
service iptables save

ftp命令行, 验证登陆

 
[ wang@controller:~]$ ftp windows
Connected to eadage.
220 (vsFTPd 2.2.2)
Name (windows:wang): ftp1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x    2 0        0            4096 Oct 31 07:48 iso
drwxr-xr-x    3 0        0            4096 Oct 30 02:20 jars
drwxr-xr-x    6 0        0            4096 Oct 22 06:37 linux-packs
-rw-r--r--    1 0        0            1365 Oct 12 04:13 look
-rw-r--r--    1 0        0             707 Oct 10 02:29 nginx.conf
drwxr-xr-x    6 0        0            4096 Sep 29 04:18 others
226 Directory send OK.

ftp> put a.html
local: a.html remote: a.html
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 Transfer complete.
577 bytes sent in 0.02 secs (34.5755 kB/s)

ftp> get look
local: look remote: look
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for look (1365 bytes).
226 Transfer complete.
1365 bytes received in 0.01 secs (205.3308 kB/s)

转载自blog.csdn.net/eyeofeagle/article/details/102835492