月份:2017年3月

linux上几种好用ftp软件设置

方法一:vsftpd(推荐)\
方法二:gssftp\
方法三:proftpd\

方法一:vsftpd(推荐)

测试机FTP服务:

先用rpm -qa | grep vsftpd命令或者which vsftpd检查是否已经安装,找到了就说明已经安装过。

# rpm -qa | grep vsftpd
vsftpd-2.0.1-5.EL4.3

# which vsftpd
/usr/sbin/vsftpd

如果ftp没有安装,使用命令 yum -y install vsftpd 安装(使用root帐号安装)

# yum -y install vsftpd

启动服务

运行命令 /sbin/service vsftpd start 或者 /etc/init.d/vsftpd start

# /sbin/service vsftpd start

开机自启动

启动要让FTP每次开机自动启动,运行命令: /sbin/chkconfig –level 35 vsftpd on

# /sbin/chkconfig --level 35 vsftpd on

FAQ:

1.启动失败

ftp还是不行 或者 /sbin/service vsftpd start 失败了怎么办?
答:这个问题十有八九是因为21端口被占用了,导致vsftpd无法启动,找到占用服务然后停掉。往往都是另外的ftp服务,例如proftpd、xinetd等。

# netstat -anpt | grep :21    
tcp 0   0 0.0.0.0:21    0.0.0.0:*   LISTEN  5026/proftpd:
# netstat -anpt | grep :21 
tcp 0   0 0.0.0.0:21    0.0.0.0:*   LISTEN  2431/xinetd

停掉已有的服务,释放端口,然后再启动vsftpd。例如停掉proftpd,命令/sbin/service proftpd stop。

2.不能匿名访问怎么办?

答:修改vsftp配置,打开匿名访问开关。vim /etc/vsftpd/vsftpd.conf,找到#anonymous_enable=YES,打开注释。

# vim /etc/vsftpd/vsftpd.conf
# /sbin/service vsftpd restart

3.服务和端口启动正常,但是提示No such directory?

答:目录或文件权限不正常,修改目录或文件权限。目录要有-x可执行权限。

# wget ftp://cp01-test08.epc.baidu.com:/home/work/a.txt
--15:02:33--  ftp://cp01-test08.epc.baidu.com/home/work/a.txt
           => `a.txt'
Resolving cp01-test08.epc.baidu.com... 10.94.219.34
Connecting to cp01-test08.epc.baidu.com|10.94.219.34|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done.    ==> PWD ... done.
==> TYPE I ... done.  ==> CWD /home/work ...
No such directory `home/work'.
# ls -l
# drwxr--r--  48 work work  4096 Dec 22 14:56 work
# chmod 755 work
# drwxr-xr-x  48 work work  4096 Dec 22 14:57 work

方法二:gssftp

需要设置Ftp和Telnet服务文件,才能启动Ftp和Telnet服务 (需要root权限)

vi /etc/xinetd.d/gssftp,server_args 干掉-a   ,disable设置为no /*配置开启telnet服务*/
vi /etc/xinetd.d/krb5-telnet ,disable 设置为no /*配置开启telnet服务*/
cd /etc/rc.d/init.d/ && /sbin/service xinetd restart /*xinetd是超级守护进程 telnet /ftp 是挂在 xinetd 底下的 重启一下就就可以读取新的配置开启ftp服务*/

方法三:proftpd

测试服务

确认ftp服务使用的是proftpd,或准备使用proftpd。
是否正在使用proftpd

# netstat -anpt | grep :21
 tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      28828/proftpd: (acc

安装过proftpd

# which proftpd
/usr/sbin/proftpd

检查配置文件/etc/proftpd.conf,这里常常目录权限被注释掉,导致虽有ftp服务但是访问ftp无权限。附件提供了一份正常的proftpd.conf,供参考对比。

重启服务

# /sbin/service proftpd restart
  Shutting down proftpd:                                     [  OK  ]
  Starting proftpd:                                          [  OK  ]

参考配置

ServerName                        "ProFTPD"
ServerType                        standalone
DefaultServer                        on

timesGMT off
# Port 21 is the standard FTP port.
Port                                21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                                022
IdentLookups                             off
UseReverseDNS                            off
# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                        30

# Set the user and group that the server normally runs at.
User                                nobody
Group                                nogroup

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on
</Directory>

# A basic anonymous configuration, no upload directories.
<Anonymous ~ftp>
  User                                ftp
  Group                                ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                        anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                        30

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                        welcome.msg

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
<Directory /etc>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>
<Directory /lib64>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>

<Directory /lib>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>

<Directory /bin>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>

<Directory /sbin>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>

<Directory /usr>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>

<Directory /var>
        <Limit ALL>
        DenyAll
        </Limit>
</Directory>


<Directory /home/*>
        <Limit LIST NLST>
        AllowAll
        </Limit>
</Directory>


<Directory />
        <Limit LIST NLST>
        DenyAll
        </Limit>
</Directory>

<Directory /opt>
        <Limit LIST NLST>
        DenyAll
        </Limit>
</Directory>

<Directory /flash/>
        <Limit LIST NLST>
        AllowAll
        </Limit>
</Directory>

  <Limit WRITE>
    DenyAll
  </Limit>

</Anonymous>

注:【定制高级篇】若想设置更细粒度目录控制权限,请参考官网进行配置,官网limit说明http://www.proftpd.org/docs/howto/Limit.html。