1.在安装前检查是否已安装vsftpd
vsftpd -v
2.安装vsftp(vsftpd 的名字代表"very secure FTP daemon"):
yum install -y vsftpd
3.设置开机启动:
systemctl enable vsftpd
4.启动ftp服务:
systemctl enable vsftpd
5.打开防火墙
firewall-cmd --zone=public --add-port=21/tcp --permanent //永久添加tcp 21 端口
firewall-cmd --permanent --zone=public --add-service=ftp //添加ftp服务
firewall-cmd --reload //重启防火墙
6.添加用户:
useradd -g root -d /home/data -s /sbin/nologin zhc
新建zhc用户 添加到root组
但是不允许用户登录,仅仅可以ftp登录
ftp登录后的默认目录是/home/data
7.设置用户密码
passwd zhc
8.设置权限
chown -R zhc:root /home/data
setsebool -P ftpd_full_access on
如果系统报错:setsebool: SELinux is disabled.
就:vi /etc/selinux/config
把里面的内容改为如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
9.修改vsftp配置文件,禁止匿名登录
vi /etc/vsftpd/vsftpd.conf
把anonymous_enable=YES 改为: anonymous_enable=NO
然后重启服务器:
reboot
vsftpd -v
2.安装vsftp(vsftpd 的名字代表"very secure FTP daemon"):
yum install -y vsftpd
3.设置开机启动:
systemctl enable vsftpd
4.启动ftp服务:
systemctl enable vsftpd
5.打开防火墙
firewall-cmd --zone=public --add-port=21/tcp --permanent //永久添加tcp 21 端口
firewall-cmd --permanent --zone=public --add-service=ftp //添加ftp服务
firewall-cmd --reload //重启防火墙
6.添加用户:
useradd -g root -d /home/data -s /sbin/nologin zhc
新建zhc用户 添加到root组
但是不允许用户登录,仅仅可以ftp登录
ftp登录后的默认目录是/home/data
7.设置用户密码
passwd zhc
8.设置权限
chown -R zhc:root /home/data
setsebool -P ftpd_full_access on
如果系统报错:setsebool: SELinux is disabled.
就:vi /etc/selinux/config
把里面的内容改为如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
9.修改vsftp配置文件,禁止匿名登录
vi /etc/vsftpd/vsftpd.conf
把anonymous_enable=YES 改为: anonymous_enable=NO
然后重启服务器:
reboot