centos7 ftp服务的使用开发工具weixin43557605的博客-

1. 匿名用户的ftp服务

确认已经安装vsftpd

[root@localhost ~]# rpm -qa | grep vsftpd [root@localhost ~]# yum -y install vsftpd Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package vsftpd.x86_64 0:3.0.2-25.el7 will be installed --> Finished Dependency Resolution  Dependencies Resolved  ======================================================================================  Package           Arch              Version                    Repository       Size ====================================================================================== Installing:  vsftpd            x86_64            3.0.2-25.el7               vase            171 k  Transaction Summary ====================================================================================== Install  1 Package  Total download size: 171 k Installed size: 353 k Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction   Installing : vsftpd-3.0.2-25.el7.x86_64                                         1/1    Verifying  : vsftpd-3.0.2-25.el7.x86_64                                         1/1   Installed:   vsftpd.x86_64 0:3.0.2-25.el7                                                          Complete! 

修改配置

[root@localhost ~]# vim /etc/vsftpd/vsftpd.conf   12 anonymous_enable=YES #是否允许匿名用户访问ftp  29 anon_upload_enable=YES #取消注释 表示匿名用户可以上传文件  33 anon_mkdir_write_enable=YES#取消注释  表示匿名用户可以创建目录 

创建目录 用户验证（匿名用户在ftp服务的根目录是/var/ftp/ 也就是说 匿名用户登陆ftp服务之后 如果执行cd / 那么它其实是切换到了ftp服务器的/var/ftp目录）

[root@localhost ~]# mkdir /var/ftp/one [root@localhost ~]# touch /var/ftp/one/a.txt 

启动服务

[root@localhost ~]# systemctl start vsftpd 

处理防火墙和selinux

[root@localhost ~]# firewall-cmd --permanent --add-service=ftp success [root@localhost ~]# firewall-cmd --reload success [root@localhost ~]# setenforce 0 

客户端验证

[root@localhost ~]# rpm -qa | grep ftp [root@localhost ~]# yum -y install ftp [root@localhost ~]# ftp 192.168.20.132 Connected to 192.168.20.132 (192.168.20.132). 220 (vsFTPd 3.0.2) Name (192.168.20.132:root): ftp #匿名用户登陆 此处写ftp 331 Please specify the password. Password:  #不输入密码  直接回车 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (192,168,20,132,254,180). 150 Here comes the directory listing. drwxr-xr-x    2 0        0              19 May 07 07:51 one drwxr-xr-x    2 0        0               6 Oct 30  2018 pub 226 Directory send OK. ftp> ls /  #此处可以验证前边的说法 匿名用户的根目录就是/var/ftp 227 Entering Passive Mode (192,168,20,132,238,71). 150 Here comes the directory listing. drwxr-xr-x    2 0        0              19 May 07 07:51 one drwxr-xr-x    2 0        0               6 Oct 30  2018 pub 226 Directory send OK. 

 验证匿名用户是否有创建目录的权限 ftp> mkdir /one/two 550 Create directory operation failed. #创建目录失败 

解决办法如下

原因： 服务器端/var/ftp目录的属主不是ftp用户 需要改过来

[root@localhost ~]# ll /var/ total 8 drwxr-xr-x.  2 root root    6 Apr 11  2018 adm drwxr-xr-x.  5 root root   44 Mar 14 15:49 cache drwxr-xr-x.  2 root root    6 Aug  8  2019 crash drwxr-xr-x.  3 root root   34 Mar 14 15:49 db drwxr-xr-x.  3 root root   18 Mar 14 15:48 empty drwxr-xr-x   4 root root   28 May  7 15:51 ftp [root@localhost ~]# chown -R ftp /var/ftp/one 

改完属主 再次测试

[root@localhost ~]# ftp 192.168.20.132 Connected to 192.168.20.132 (192.168.20.132). 220 (vsFTPd 3.0.2) Name (192.168.20.132:root): ftp 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> mkdir /one/two 257 "/one/two" created ftp> ls one 227 Entering Passive Mode (192,168,20,132,152,32). 150 Here comes the directory listing. -rw-r--r--    1 14       0               0 May 07 07:51 a.txt drwx------    2 14       50              6 May 07 08:12 two 226 Directory send OK. 

2. 基于本地用户验证的ftp服务

修改配置

[root@localhost ~]# vim /etc/vsftpd/vsftpd.conf   16 local_enable=YES #运行本地用户登陆ftp服务  101 chroot_local_user=YES# 取消注释 表示将本地用户限制在根目录(本地用户在ftp服务中的根目录是本地 用户的家目录 如果不进行限制 本地用户登陆ftp服务之后 可以在服务器的任何一个目录 随意游走 不安全)  102 allow_writeable_chroot=YES #新添加的 表示 将用户限制在根目录后 允许其有可写的权限  

服务端添加本地用户 用于验证

[root@localhost ~]# useradd usera [root@localhost ~]# passwd usera Changing password for user usera. New password:  BAD PASSWORD: The password is shorter than 8 characters Retype new password:  passwd: all authentication tokens updated successfully. 

在用户家目录创建文件 用户后续验证

[root@localhost ~]# touch /home/usera/a.txt [root@localhost ~]# mkdir /home/usera/one 

重启服务

[root@localhost ~]# systemctl restart vsftpd 

在客户端验证本地用户的ftp

[root@localhost ~]# ftp 192.168.20.132 Connected to 192.168.20.132 (192.168.20.132). 220 (vsFTPd 3.0.2) Name (192.168.20.132:root): usera #此处写刚才添加的普通用户usera 331 Please specify the password. Password: #此处写usera的密码 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls #查看ftp根目录下的文件有哪些 227 Entering Passive Mode (192,168,20,132,46,190). 150 Here comes the directory listing. -rw-r--r--    1 0        0               0 May 07 08:27 a.txt drwxr-xr-x    2 0        0               6 May 07 08:27 one 226 Directory send OK. ftp> mkdir two #创建目录 257 "/two" created 

本地用户的ftp服务 验证完成