安装ftp
关闭防火墙和 SELinux
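# Stop firewalld now and keep it from starting at boot.
# NOTE(review): this removes host filtering for every service on the machine,
# not only FTP. A narrower option is to leave firewalld running and open just
# the control port and passive range used by the first vsftpd.conf on this
# page (6769 and 6000-6010):
#   firewall-cmd --permanent --add-port=6769/tcp
#   firewall-cmd --permanent --add-port=6000-6010/tcp
#   firewall-cmd --reload
systemctl stop firewalld.service
systemctl disable firewalld.service

# Put SELinux into permissive mode until the next reboot.
setenforce 0
# To keep the setting after a reboot, put the following line in
# /etc/selinux/config. It is a config-file entry, not a command: typed at a
# prompt it only assigns an unused shell variable.
#   SELINUX=disabled
# NOTE(review): disabling SELinux removes confinement of the FTP daemon.
# Keeping it enforcing and labelling the custom port is the narrower change
# (semanage port -a -t ftp_port_t -p tcp 6769); the upload directory may also
# need labelling or an ftpd_* boolean — confirm against the local policy.

# Create the FTP account: no interactive shell, home set to the upload
# directory. No password is assigned by this command; set one with
# `passwd rcb01` before relying on password login.
useradd -s /sbin/nologin -d /rcb01/upload/test rcb01

# Install the vsftpd server package.
yum -y install vsftpd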
sudo cat /etc/vsftpd/vsftpd.conf
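# Local accounts only; anonymous logins are refused.
anonymous_enable=NO
# vsftpd treats a space around '=' as an error, so the option is written
# without spaces.
use_localtime=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
# Log transfers, using the standard xferlog format.
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
# Standalone mode on the IPv6 socket; listen and listen_ipv6 cannot both be YES.
listen=NO
listen_ipv6=YES
# NOTE(review): with chroot_local_user=YES, chroot_list_file becomes the list
# of users who are NOT jailed. This page puts rcb01 into that file, which
# leaves the account able to browse outside its directory. To jail rcb01,
# keep it out of chroot_list (or set chroot_list_enable=NO).
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
pam_service_name=vsftpd
# userlist_deny=NO turns the user list into an allow list: only accounts named
# in userlist_file may log in. NOTE(review): userlist_file is not set here;
# the packaged default is presumably /etc/vsftpd/user_list, and rcb01 has to
# be listed in it — confirm on the target host.
userlist_enable=YES
userlist_deny=NO
tcp_wrappers=YES
# NOTE(review): this turns off vsftpd's refusal to chroot into a directory the
# user can write to, a check that exists for security reasons. A root-owned,
# non-writable chroot root with a writable subdirectory for uploads avoids
# needing it.
allow_writeable_chroot=YES
ascii_upload_enable=YES
ascii_download_enable=YES
# Directory local users are placed in after login. vsftpd has no inline
# comments, so the path must be the only text after '='.
local_root=/rcb01/upload/test
# Control port (instead of 21) and passive data port range; both must be
# reachable through any firewall in front of the server.
listen_port=6769
pasv_min_port=6000
pasv_max_port=6010
# NOTE(review): no ssl_enable / TLS options are set, so usernames, passwords
# and file contents cross the network unencrypted.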
创建文件
cat /etc/vsftpd/chroot_list
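rcb01(需要登录的账号;文件中每行只写一个用户名,不要带说明文字。注意:vsftpd.conf 中 chroot_local_user=YES 时,chroot_list 里的用户是"不被"限制在主目录内的例外名单;如果要把 rcb01 限制在其目录内,就不应把它写进这个文件)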
cat /etc/pam.d/vsftpd
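#%PAM-1.0
# PAM stack for the service named by pam_service_name=vsftpd in vsftpd.conf.
session optional pam_keyinit.so force revoke
# Refuse any account listed in /etc/vsftpd/ftpusers. onerr=succeed makes the
# module return success when it hits an error such as an unreadable file.
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
# Presumably disabled because rcb01 uses /sbin/nologin; pam_shells only accepts
# accounts whose shell is listed in /etc/shells — confirm on the target host.
#auth required pam_shells.so
# Password verification. If this line is commented out, no module in the auth
# stack checks the password, so any password would be accepted for an account
# that is not in ftpusers. The FTP account therefore needs a real password
# (passwd rcb01).
auth include password-auth
account include password-auth
session required pam_loginuid.so
session include password-auth
# Disabled virtual-user lookup through pam_userdb, kept for reference.
#auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers
#account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers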
如果把 FTP 端口改成了非 21 端口(如上面的 listen_port=6769),还需要修改 /etc/services 中 ftp 的端口:
vim /etc/services
ftp 6769/tcp
ftp 6769/udp fsp fspd
systemctl restart vsftpd.service
ftp登录
ftp xxxxx xxx
passive
内外网隔离环境下的被动模式配置(vsftpd.conf)
# vsftpd.conf variant for a server reached across a network boundary, with
# clients connecting in passive mode to a published address.

# --- Listener ---
listen=YES
listen_port=6769
connect_from_port_20=YES
tcp_wrappers=NO

# --- Accounts and access ---
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
pam_service_name=vsftpd
# userlist_deny is not set in this variant, so vsftpd's default (YES) applies
# and the user list acts as a deny list rather than an allow list.
userlist_enable=YES
# NOTE(review): chroot_local_user does not appear in this variant. If this
# listing is the complete file, local users are not jailed (the default is NO)
# and allow_writeable_chroot has nothing to act on — confirm whether a chroot
# was intended here.
allow_writeable_chroot=YES

# --- Logging and display ---
use_localtime=YES
dirmessage_enable=YES
xferlog_enable=YES
xferlog_std_format=YES

# --- Passive mode ---
pasv_enable=YES
# min == max gives a single data port: only this port has to be forwarded, but
# concurrent sessions will contend for it.
pasv_min_port=4500
pasv_max_port=4500
# Address returned to clients in the PASV reply; replace the placeholder with
# the address clients actually reach.
pasv_address=xxx.xxx.xxx.xxx
# NOTE(review): no ssl_enable / TLS options are set, so credentials and data
# cross the boundary unencrypted.
转载于:https://blog.51cto.com/12473494/2317471