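Background
For work I needed to install and use FTP. I ran into some problems and am recording them here.
Step 1: Install
As usual, first check whether vsftpd is already installed on this machine. Command: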
[root@localhost ~]# rpm -qa |grep vsftpd
vsftpd-3.0.2-28.el7.x86_64
If the query returns a package, as above, vsftpd is already installed. If it is not installed, install it with yum. Command:
[root@localhost ~]# yum install vsftpd -y
After installation, check the service status. Command:
[root@localhost vsftpd]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@localhost vsftpd]#
Step 2: Modify the configuration
Edit the configuration file. Command:
[root@localhost vsftpd]# vi /etc/vsftpd/vsftpd.conf
Change the following settings:
chroot_local_user=YES
chroot_list_enable=YES
userlist_enable=YES
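Create the user and set its home directory. Options: -d sets the home directory, -s sets the login shell.
Command:
useradd -d /ftpFile -s /sbin/nologin ftpadmin
Edit the user_list file and add the users allowed to log in
# Edit the user_list file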
[root@localhost vsftpd]# vi /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
root
ftpadmin
Edit the chroot_list file and add the users allowed to log in
# Edit the chroot_list file
[root@localhost vsftpd]# vi /etc/vsftpd/chroot_list
# Enter the login user
ftpadmin
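The options in step 2 interact in ways the file names do not suggest: per the user_list comments quoted above, userlist_deny (default YES) decides whether user_list is a deny list or an allow list, and per vsftpd.conf(5), chroot_local_user=YES turns chroot_list into the list of users who are not confined to their home directory. The script below is an added example, not part of the original post; the function names and the constructed sample files are assumptions for illustration.

```shell
# Added example: how vsftpd treats one user under the step 2 options. Read-only.

conf_get() {  # conf_get FILE KEY DEFAULT -> last value assigned to KEY, upper-cased
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    echo "${v:-$3}"
}

in_list() {   # in_list FILE USER -> true if USER is a non-comment line of FILE
    [ -f "$1" ] && grep -v '^[[:space:]]*#' "$1" | grep -qxF -- "$2"
}

vsftpd_effective() {  # vsftpd_effective CONF USER_LIST CHROOT_LIST USER
    ul_enable=$(conf_get "$1" userlist_enable NO)   # defaults per vsftpd.conf(5)
    ul_deny=$(conf_get "$1" userlist_deny YES)
    cr_all=$(conf_get "$1" chroot_local_user NO)
    cr_list=$(conf_get "$1" chroot_list_enable NO)
    # userlist_deny=YES: user_list is a deny list; userlist_deny=NO: an allow list
    userlist=allowed
    if [ "$ul_enable" = YES ]; then
        if in_list "$2" "$4"; then
            if [ "$ul_deny" = YES ]; then userlist=denied; fi
        elif [ "$ul_deny" = NO ]; then
            userlist=denied
        fi
    fi
    # chroot_local_user=YES jails everyone EXCEPT the names in chroot_list
    listed=no
    if [ "$cr_list" = YES ] && in_list "$3" "$4"; then listed=yes; fi
    if [ "$cr_all" = YES ]; then
        if [ "$listed" = yes ]; then chroot=no; else chroot=yes; fi
    else
        chroot=$listed
    fi
    echo "user=$4 userlist=$userlist chroot=$chroot"
}

make_demo() {  # constructed sample files mirroring the settings shown in step 2
    printf 'chroot_local_user=YES\nchroot_list_enable=YES\nuserlist_enable=YES\n' > "$1/vsftpd.conf"
    printf '# vsftpd userlist\nroot\nftpadmin\n' > "$1/user_list"
    printf 'ftpadmin\n' > "$1/chroot_list"
}

demo=$(mktemp -d)
make_demo "$demo"
vsftpd_effective "$demo/vsftpd.conf" "$demo/user_list" "$demo/chroot_list" ftpadmin
echo 'userlist_deny=NO' >> "$demo/vsftpd.conf"
vsftpd_effective "$demo/vsftpd.conf" "$demo/user_list" "$demo/chroot_list" ftpadmin
rm -rf "$demo"
```

To check a live system, pass the real /etc/vsftpd paths and a user name to vsftpd_effective; the PAM check against /etc/vsftpd/ftpusers mentioned in the user_list comments still applies on top of this result.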
Step 3: Start
Once the service is started it can be accessed. Commands:
[root@localhost /]# systemctl start vsftpd
[root@localhost /]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2021-10-14 17:41:31 CST; 5s ago
Process: 85075 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 85076 (vsftpd)
CGroup: /system.slice/vsftpd.service
└─85076 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
Oct 14 17:41:31 localhost.localdomain systemd[1]: Starting Vsftpd ftp daemon...
Oct 14 17:41:31 localhost.localdomain systemd[1]: Started Vsftpd ftp daemon.
[root@localhost /]#
Try connecting. Command:
[root@localhost vsftpd]# ftp 192.168.101.131
ftp: connect: No route to host
Try connecting from another machine with the command ftp ip:
[root@localhost vsftpd]# ftp 192.168.1.132
Connected to 192.168.1.132 (192.168.1.132).
220 (vsFTPd 3.0.2)
Name (192.168.1.132:root): ftpadmin
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
Troubleshooting
Q: 530 Permission denied.
S: Add the user to user_list
[root@localhost vsftpd]# vi /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
root
ftpadmin
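Q: No route to host
S: Stop the firewall, or add the port to the allowed list. Commands:
# Stop the firewall
systemctl stop firewalld
# Add the port to the firewall
firewall-cmd --zone=public --add-port=21/tcp --permanent
success
# --permanent only writes the saved configuration; reload to apply it
firewall-cmd --reload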
Q: 530 Login incorrect.
S: If everything else has been tried and it still fails, reset the password and try logging in again, using the passwd username command:
[root@localhost vsftpd]# passwd ftpadmin
Changing password for user ftpadmin.
New password:
BAD PASSWORD: The password contains the user name in some form
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost vsftpd]#
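Q: ftp: connect: Connection refused
S: Same as above: stop the firewall, or add the port to the allowed list
Q: After configuration, uploading through a client tool does not work
S: Adjust the SELinux settings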
getsebool -a | grep ftp
setsebool -P allow_ftpd_anon_write on
setsebool -P allow_ftpd_full_access on