先用rpm -qa| grep vsftpd命令检查是否已经安装,如果ftp没有安装,使用yum -y install ftp vsftpd 安装,(ubuntu 下使用apt-get install ftp vsftpd)
yum -y install ftp vsftpd
查看配置文件所在路径
rpm -qc vsftpd
备份vsftpd原有配置文件
cd /etc/vsftpd
cp vsftpd.conf vsftpd.conf.origin
创建密码明文文件
vi /etc/vsftpd/ftpuser.txt
ftpuser
ftpuser
根据明文创建密码DB文件
db_load -T -t hash -f /etc/vsftpd/ftpuser.txt /etc/vsftpd/ftpuser.db
查看密码数据文件
file /etc/vsftpd/ftpuser.db
创建vftpd的guest账户
useradd -d /ftp/private -s /sbin/nologin ftpuser
mkdir /ftp
mkdir /ftp/private
chown -R ftpuser /ftp/private
打开 /etc/pam.d/vsftpd,将auth及account的所有配置行行均在注释掉,添加如下内容:
auth required pam_userdb.so db=/etc/vsftpd/ftpuser
account required pam_userdb.so db=/etc/vsftpd/ftpuser
打开/etc/vsftpd/vsftpd.conf,将# anonymous_enable=YES 改为 anonymous_enable=NO
在最下面添加如下内容:
virtual_use_local_privs=YES
guest_enable=YES
guest_username=ftpuser
chroot_local_user=YES
allow_writeable_chroot=YES
设置vsftpd开机启动, systemctl enable vsftpd
重新启动vsftpd服务
systemctl restart vsftpd
systemctl start vsftpd.service
systemctl stop vsftpd.service
systemctl status vsftpd.service
测试如下:
关闭SELinux,如果不关闭则不能创建文件夹
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing 将此处的默认值改成disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted