方法一:vsftpd(推荐)\
方法二:gssftp\
方法三:proftpd\
方法一:vsftpd(推荐)
测试机FTP服务:
先用rpm -qa | grep vsftpd命令或者which vsftpd检查是否已经安装,找到了就说明已经安装过。
# rpm -qa | grep vsftpd
vsftpd-2.0.1-5.EL4.3
# which vsftpd
/usr/sbin/vsftpd
如果ftp没有安装,使用命令 yum -y install vsftpd 安装(使用root帐号安装)
# yum -y install vsftpd
启动服务
运行命令 /sbin/service vsftpd start 或者 /etc/init.d/vsftpd start
# /sbin/service vsftpd start
开机自启动
启动要让FTP每次开机自动启动,运行命令: /sbin/chkconfig –level 35 vsftpd on
# /sbin/chkconfig --level 35 vsftpd on
FAQ:
1.启动失败
ftp还是不行 或者 /sbin/service vsftpd start 失败了怎么办?
答:这个问题十有八九是因为21端口被占用了,导致vsftpd无法启动,找到占用服务然后停掉。往往都是另外的ftp服务,例如proftpd、xinetd等。
# netstat -anpt | grep :21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 5026/proftpd:
# netstat -anpt | grep :21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2431/xinetd
停掉已有的服务,释放端口,然后再启动vsftpd。例如停掉proftpd,命令/sbin/service proftpd stop。
2.不能匿名访问怎么办?
答:修改vsftp配置,打开匿名访问开关。vim /etc/vsftpd/vsftpd.conf,找到#anonymous_enable=YES,打开注释。
# vim /etc/vsftpd/vsftpd.conf
# /sbin/service vsftpd restart
3.服务和端口启动正常,但是提示No such directory?
答:目录或文件权限不正常,修改目录或文件权限。目录要有-x可执行权限。
# wget ftp://cp01-test08.epc.baidu.com:/home/work/a.txt
--15:02:33-- ftp://cp01-test08.epc.baidu.com/home/work/a.txt
=> `a.txt'
Resolving cp01-test08.epc.baidu.com... 10.94.219.34
Connecting to cp01-test08.epc.baidu.com|10.94.219.34|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD /home/work ...
No such directory `home/work'.
# ls -l
# drwxr--r-- 48 work work 4096 Dec 22 14:56 work
# chmod 755 work
# drwxr-xr-x 48 work work 4096 Dec 22 14:57 work
方法二:gssftp
需要设置Ftp和Telnet服务文件,才能启动Ftp和Telnet服务 (需要root权限)
vi /etc/xinetd.d/gssftp,server_args 干掉-a ,disable设置为no /*配置开启telnet服务*/
vi /etc/xinetd.d/krb5-telnet ,disable 设置为no /*配置开启telnet服务*/
cd /etc/rc.d/init.d/ && /sbin/service xinetd restart /*xinetd是超级守护进程 telnet /ftp 是挂在 xinetd 底下的 重启一下就就可以读取新的配置开启ftp服务*/
方法三:proftpd
测试服务
确认ftp服务使用的是proftpd,或准备使用proftpd。
是否正在使用proftpd
# netstat -anpt | grep :21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 28828/proftpd: (acc
安装过proftpd
# which proftpd
/usr/sbin/proftpd
检查配置文件/etc/proftpd.conf,这里常常目录权限被注释掉,导致虽有ftp服务但是访问ftp无权限。附件提供了一份正常的proftpd.conf,供参考对比。
重启服务
# /sbin/service proftpd restart
Shutting down proftpd: [ OK ]
Starting proftpd: [ OK ]
参考配置
ServerName "ProFTPD"
ServerType standalone
DefaultServer on
timesGMT off
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
IdentLookups off
UseReverseDNS off
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>
# A basic anonymous configuration, no upload directories.
<Anonymous ~ftp>
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
MaxClients 30
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
<Directory /etc>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /lib64>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /lib>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /bin>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /sbin>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /usr>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /var>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Directory /home/*>
<Limit LIST NLST>
AllowAll
</Limit>
</Directory>
<Directory />
<Limit LIST NLST>
DenyAll
</Limit>
</Directory>
<Directory /opt>
<Limit LIST NLST>
DenyAll
</Limit>
</Directory>
<Directory /flash/>
<Limit LIST NLST>
AllowAll
</Limit>
</Directory>
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
注:【定制高级篇】若想设置更细粒度目录控制权限,请参考官网进行配置,官网limit说明http://www.proftpd.org/docs/howto/Limit.html。