构建基于虚拟用户,本地用户的vsftpd服务器

构建基于虚拟用户的vsftpd服务器

                                                                                                                       ——白·月

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=ens33

UUID=fcba9029-9415-4fe6-b076-0a83857d01ec

DEVICE=ens33

ONBOOT=yes

IPADDR=192.168.1.1

NETMASK=255.255.255.0

[root@localhost ~]# systemctl restart network

[root@localhost ~]# ifconfig

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.1.1  netmask 255.255.255.0  broadcast 192.168.1.255

        inet6 fe80::e1da:4a27:77d0:a6dd  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:1b:a7:25  txqueuelen 1000  (Ethernet)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 15  bytes 1104 (1.0 KiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536

        inet 127.0.0.1  netmask 255.0.0.0

        inet6 ::1  prefixlen 128  scopeid 0x10<host>

        loop  txqueuelen 1  (Local Loopback)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 0  bytes 0 (0.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# mkdir a

[root@localhost yum.repos.d]# mv C* a

[root@localhost yum.repos.d]# vim yum.repo

[a]

name=a

baseurl=file:///media

gpgcheck=0

[root@localhost yum.repos.d]# mount /dev/cdrom /media

mount: /dev/sr0 is write-protected, mounting read-only

[root@localhost yum.repos.d]# cd

[root@localhost ~]# yum -y install vsftpd  ftp

Installed:

  ftp.x86_64 0:0.17-67.el7          vsftpd.x86_64 0:3.0.2-21.el7         

Complete!

[root@localhost ~]# vim /etc/vsftpd/vusers.list      \\建立虚拟FTP用户的帐号数据库文件

a

123

b

123

~   

[root@localhost ~]# cd /etc/vsftpd/

[root@localhost vsftpd]# db_load -T -t hash -f vusers.list vusers.db

[root@localhost vsftpd]# file vusers.db

vusers.db: Berkeley DB (Hash, version 9, native byte-order)

[root@localhost vsftpd]# chown 600 /etc/vsftpd/vusers.*            \\给账号密码权限

[root@localhost vsftpd]# useradd -d /syj -s /sbin/nologin baiyue            \\创建FTP根目录及虚拟用户映射的系统用户

[root@localhost vsftpd]# chmod 755 /syj               \\给文件权限

[root@localhost vsftpd]# vim /etc/pam.d/vsftp                 \\建立支持虚拟用户的PAM认证文件

#%PAM-1.0

auth        required    pam_userdb.so  db=/etc/vsftpd/vusers

account     required    pam_userdb.so  db=/etc/vsftpd/vusers

[root@localhost vsftpd]# vim /etc/vsftpd/vsftpd.conf              \\修改配置文件

anonymous_enable=NO

local_enable=YES

write_enable=YES

local_umask=022

anon_umask=022

chroot_local_user=YES

allow_writeable_chroot=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

guest_enable=YES

guest_username=baiyue

user_config_dir=/etc/vsftpd/vusers_dir

[root@localhost vsftpd]# mkdir /etc/vsftpd/vusers_dir

[root@localhost vsftpd]# cd /etc/vsftpd/vusers_dir/

[root@localhost vusers_dir]# touch a  b

[root@localhost vusers_dir]# vim a

anon_upload_enable=YES

anon_mkdir_write_enable=YES

[root@localhost vsftpd]# mkdir /etc/vsftpd/vusers_dir                \\为个别虚拟用户建立独立的配置文件

[root@localhost vsftpd]# cd /etc/vsftpd/vusers_dir/

[root@localhost vusers_dir]# touch a  b

[root@localhost vusers_dir]# vim a

anon_upload_enable=YES

anon_mkdir_write_enable=YES

[root@localhost vusers_dir]# systemctl start vsftpd            \\启动ftp

[root@localhost vusers_dir]# systemctl stop firewalld.service

[root@localhost vusers_dir]# setenforce 0                \\降低沙盒

[root@localhost vusers_dir]# cd /syj

[root@localhost syj]# touch a

[root@localhost syj]# ls

a

客户端:

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=ens33

UUID=fcba9029-9415-4fe6-b076-0a83857d01ec

DEVICE=ens33

ONBOOT=yes

IPADDR=192.168.1.2

NETMASK=255.255.255.0

[root@localhost ~]# systemctl restart network

[root@localhost ~]# ifconfig

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.1.2  netmask 255.255.255.0  broadcast 192.168.1.255

        inet6 fe80::8237:c6c4:f9e9:6e23  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:45:b2:6f  txqueuelen 1000  (Ethernet)

        RX packets 3  bytes 180 (180.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 11  bytes 840 (840.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536

        inet 127.0.0.1  netmask 255.0.0.0

        inet6 ::1  prefixlen 128  scopeid 0x10<host>

        loop  txqueuelen 1  (Local Loopback)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 0  bytes 0 (0.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# mkdir a

[root@localhost yum.repos.d]# mv C* a

[root@localhost yum.repos.d]# vim yum.repo

[a]

name=a

baseurl=file:///media

gpgcheck=0

[root@localhost yum.repos.d]# mount /dev/cdrom /media

mount: /dev/sr0 is write-protected, mounting read-only

[root@localhost yum.repos.d]# cd

[root@localhost ~]# yum -y install vsftpd ftp

Installed:

  ftp.x86_64 0:0.17-67.el7      vsftpd.x86_64 0:3.0.2-21.el7     

Complete!

[root@localhost ~]# touch b

[root@localhost ~]# ftp  192.168.1.1                  \\验证

Connected to 192.168.1.1 (192.168.1.1).

220 (vsFTPd 3.0.2)

Name (192.168.1.1:root): a

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (192,168,1,1,245,184).

150 Here comes the directory listing.

-rw-r--r--    1 0        0               0 Jun 18 19:57 a

226 Directory send OK.

ftp> get  a

local: a remote: a

227 Entering Passive Mode (192,168,1,1,44,190).

150 Opening BINARY mode data connection for a (0 bytes).

226 Transfer complete.

ftp> put b

local: b remote: b

227 Entering Passive Mode (192,168,1,1,101,140).

150 Ok to send data.

226 Transfer complete.

ftp> quit

221 Goodbye.

[root@localhost ~]# ftp  192.168.1.1

Connected to 192.168.1.1 (192.168.1.1).

220 (vsFTPd 3.0.2)

Name (192.168.1.1:root): b

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (192,168,1,1,141,152).

150 Here comes the directory listing.

-rw-r--r--    1 0        0               0 Jun 18 19:57 a

-rw-r--r--    1 1001     1001            0 Jun 18 20:00 b

226 Directory send OK.

ftp> get a

local: a remote: a

227 Entering Passive Mode (192,168,1,1,248,56).

150 Opening BINARY mode data connection for a (0 bytes).

226 Transfer complete.

ftp> put b

local: b remote: b

227 Entering Passive Mode (192,168,1,1,163,6).

550 Permission denied.

ftp>

[root@localhost ~]# ls

a                Desktop    initial-setup-ks.cfg  Public

anaconda-ks.cfg  Documents  Music                 Templates

b                Downloads  Pictures              Videos

                                              构建本地用户验证的vsftpd服务器

                                                                                                                                   ——白·月

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=ens33

UUID=fcba9029-9415-4fe6-b076-0a83857d01ec

DEVICE=ens33

ONBOOT=yes

IPADDR=192.168.1.1

NETMASK=255.255.255.0

[root@localhost ~]# systemctl restart network

[root@localhost ~]# ifconfig

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.1.1  netmask 255.255.255.0  broadcast 192.168.1.255

        inet6 fe80::e1da:4a27:77d0:a6dd  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:1b:a7:25  txqueuelen 1000  (Ethernet)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 15  bytes 1104 (1.0 KiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536

        inet 127.0.0.1  netmask 255.0.0.0

        inet6 ::1  prefixlen 128  scopeid 0x10<host>

        loop  txqueuelen 1  (Local Loopback)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 0  bytes 0 (0.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# mkdir a

[root@localhost yum.repos.d]# mv C* a

[root@localhost yum.repos.d]# vim yum.repo

[a]

name=a

baseurl=file:///media

gpgcheck=0

[root@localhost yum.repos.d]# mount /dev/cdrom /media

mount: /dev/sr0 is write-protected, mounting read-only

[root@localhost yum.repos.d]# cd

[root@localhost ~]# yum -y install vsftpd  ftp

Installed:

  ftp.x86_64 0:0.17-67.el7          vsftpd.x86_64 0:3.0.2-21.el7         

Complete!

[root@localhost ~]# vim /etc/vsftpd/vsftpd.conf

anonymous_enable=NO

allow_writeable_chroot=YES

local_enable=YES

write_enable=YES

anon_umask=022

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_mkdir_write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

xferlog_std_format=YES

listen=NO

listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

[root@localhost ~]# systemctl start vsftpd

[root@localhost ~]# systemctl stop  firewalld.service

[root@localhost ~]# setenforce 0

[root@localhost ~]# chmod 755  /var/ftp/

[root@localhost ~]# useradd zhangsan

[root@localhost ~]# useradd lisi

[root@localhost ~]# passwd zhangsan

Changing password for user zhangsan.

New password:

BAD PASSWORD: The password fails the dictionary check - it is too simplistic/systematic

Retype new password:

passwd: all authentication tokens updated successfully.

[root@localhost ~]# passwd lisi

Changing password for user lisi.

New password:

BAD PASSWORD: The password fails the dictionary check - it is too simplistic/systematic

Retype new password:

passwd: all authentication tokens updated successfully.

[root@localhost ~]# cd /var/ftp/

[root@localhost ftp]# ls

pub

[root@localhost ftp]# touch a

客户端:

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=ens33

UUID=fcba9029-9415-4fe6-b076-0a83857d01ec

DEVICE=ens33

ONBOOT=yes

IPADDR=192.168.1.2

NETMASK=255.255.255.0

[root@localhost ~]# systemctl restart network

[root@localhost ~]# ifconfig

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.1.2  netmask 255.255.255.0  broadcast 192.168.1.255

        inet6 fe80::8237:c6c4:f9e9:6e23  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:45:b2:6f  txqueuelen 1000  (Ethernet)

        RX packets 3  bytes 180 (180.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 11  bytes 840 (840.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536

        inet 127.0.0.1  netmask 255.0.0.0

        inet6 ::1  prefixlen 128  scopeid 0x10<host>

        loop  txqueuelen 1  (Local Loopback)

        RX packets 0  bytes 0 (0.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 0  bytes 0 (0.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# mkdir a

[root@localhost yum.repos.d]# mv C* a

[root@localhost yum.repos.d]# vim yum.repo

[a]

name=a

baseurl=file:///media

gpgcheck=0

[root@localhost yum.repos.d]# mount /dev/cdrom /media

mount: /dev/sr0 is write-protected, mounting read-only

[root@localhost yum.repos.d]# cd

[root@localhost ~]# yum -y install vsftpd ftp

Installed:

  ftp.x86_64 0:0.17-67.el7      vsftpd.x86_64 0:3.0.2-21.el7     

Complete!

[root@localhost ~]# touch b

[root@localhost ~]# ls

anaconda-ks.cfg  Documents             Music     Templates

b                Downloads             Pictures  Videos

Desktop          initial-setup-ks.cfg  Public

[root@localhost ~]# ftp 192.168.1.1

Connected to 192.168.1.1 (192.168.1.1).

220 (vsFTPd 3.0.2)

Name (192.168.1.1:root): zhangsan

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> put b

local: b remote: b

227 Entering Passive Mode (192,168,1,1,252,63).

150 Ok to send data.

226 Transfer complete.

ftp> ls

227 Entering Passive Mode (192,168,1,1,217,154).

150 Here comes the directory listing.

-rw-r--r--    1 1001     1001            0 Jun 17 00:44 1.txt

-rw-r--r--    1 1001     1001            0 Jun 17 01:06 b

226 Directory send OK.

[root@localhost ~]# ftp 192.168.1.1

Connected to 192.168.1.1 (192.168.1.1).

220 (vsFTPd 3.0.2)

Name (192.168.1.1:root): lisi

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> put b

local: b remote: b

227 Entering Passive Mode (192,168,1,1,182,96).

150 Ok to send data.

226 Transfer complete.

ftp> ls

227 Entering Passive Mode (192,168,1,1,117,245).

150 Here comes the directory listing.

-rw-r--r--    1 1002     1002            0 Jun 17 01:07 b

226 Directory send OK.

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值