本文共 9483 字，大约阅读时间需要 31 分钟。

Last login: Wed Dec 30 09:33:49 2020 from 172.17.136.10

Authorized users only.All activities will be monitored and reported. [jyc@test ~]$ su - root Password:  [root@test ~]# df -h Filesystem            Size  Used Avail Use% Mounted on /dev/mapper/VolGroup-lv_root                        29G   25G  2.3G  92% / tmpfs                  16G   15M   16G   1% /dev/shm /dev/sda1             477M   84M  364M  19% /boot /dev/mapper/VolGroup-lv_home                       9.5G  1.5G  7.6G  17% /home /dev/mapper/VolGroup-lv_oracle                        29G  6.3G   21G  23% /oracle /dev/mapper/VolGroup-lv_oradata                       3.8T  2.1T  1.6T  58% /oradata [root@test ~]# pwd /root [root@test ~]#  [root@test ~]#  [root@test ~]# yum install vsftpd -y Loaded plugins: refresh-packagekit, security, ulninfo Setting up Install Process ftp-ol6                                                                                                                                                                   | 3.7 kB     00:00      Resolving Dependencies --> Running transaction check ---> Package vsftpd.x86_64 0:2.2.2-24.el6 will be installed --> Processing Dependency: libssl.so.10(libssl.so.10)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10(libcrypto.so.10)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.1_EC)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libssl.so.10()(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10()(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Running transaction check ---> Package openssl.x86_64 0:1.0.1e-57.el6 will be installed --> Finished Dependency Resolution

Dependencies Resolved

=================================================================================================================================================================================================

 Package                                      Arch                                        Version                                             Repository                                    Size ================================================================================================================================================================================================= Installing:  vsftpd                                       x86_64                                      2.2.2-24.el6                                        ftp-ol6                                      155 k Installing for dependencies:  openssl                                      x86_64                                      1.0.1e-57.el6                                       ftp-ol6                                      1.5 M

Transaction Summary

================================================================================================================================================================================================= Install       2 Package(s)

Total download size: 1.7 M

Installed size: 4.4 M Downloading Packages: (1/2): openssl-1.0.1e-57.el6.x86_64.rpm                                                                                                                                   | 1.5 MB     00:00      (2/2): vsftpd-2.2.2-24.el6.x86_64.rpm                                                                                                                                     | 155 kB     00:00      ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total                                                                                                                                                             17 MB/s | 1.7 MB     00:00      Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction   Installing : openssl-1.0.1e-57.el6.x86_64                                                                                                                                                  1/2    Installing : vsftpd-2.2.2-24.el6.x86_64                                                                                                                                                    2/2    Verifying  : openssl-1.0.1e-57.el6.x86_64                                                                                                                                                  1/2    Verifying  : vsftpd-2.2.2-24.el6.x86_64                                                                                                                                                    2/2 

Installed:

  vsftpd.x86_64 0:2.2.2-24.el6                                                                                                                                                                   

Dependency Installed:

  openssl.x86_64 0:1.0.1e-57.el6                                                                                                                                                                 

Complete!

[root@test ~]# vi /etc/vsftpd/vsftpd.conf # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=NO # # Uncomment this to allow local users to log in.local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. #anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log #xferlog_file=/var/log/xferlog # # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot().chroot_local_user=YES #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list "/etc/vsftpd/vsftpd.conf" 119L, 4597C written [root@test ~]# useradd ftpuser [root@test ~]# echo "ftp_1234"| passwd ftpuser --stdin Changing password for user ftpuser. passwd: all authentication tokens updated successfully. [root@test ~]# mkdir -p /oradata/ftpuser [root@test ~]# chmod a-w /oradata/ftpuser && chmod 777 -R /oradata/ftpuser [root@test ~]# usermod -d /oradata/ftpuser ftpuser [root@test ~]# service vsftpd start Starting vsftpd for vsftpd:                                [  OK  ] [root@test ~]# ftp ftpuser@192.168.52.111

ftp: ftpuser@192.168.52.111: Temporary failure in name resolution

ftp> bye

[root@test ~]# ftp ftpuser@192.168.52.111  --这是sftp写法，ftp不支持 ftp: ftpuser@192.168.52.111: Temporary failure in name resolution ftp> bye [root@test ~]# ps -ef|grep ftp root     120905      1  0 11:01 ?        00:00:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf root     121135 120294  0 11:03 pts/0    00:00:00 grep ftp [root@test ~]# vi /etc/vsftpd/chroot_list

ftpuser

"/etc/vsftpd/chroot_list" [New] 1L, 8C written

[root@test ~]# cat /etc/vsftpd/chroot_list ftpuser [root@test ~]# service vsftpd restart Shutting down vsftpd:                                      [  OK  ] Starting vsftpd for vsftpd:                                [  OK  ] [jyc@test ~]$ ftp 192.168.52.111 Connected to 192.168.52.111 (192.168.52.111). 220 (vsFTPd 2.2.2) Name (192.168.52.111:jyc): ftpuser 331 Please specify the password. Password: 530 Login incorrect. Login failed. ftp> user ftpuser 331 Please specify the password. Password:  230 Login successful. ftp> ls 227 Entering Passive Mode (10,62,233,213,230,65). 150 Here comes the directory listing. 226 Directory send OK. ftp> mkdir t 257 "/t" created ftp> cd t 250 Directory successfully changed. ftp> ls 227 Entering Passive Mode (10,62,233,213,105,10). 150 Here comes the directory listing. 226 Directory send OK. ftp> bye 221 Goodbye. [jyc@test ~]$ pwd /home/jyc [jyc@test ~]$ ls -l /home total 72 drwx------  4 bdcs    bdcs      4096 Aug 23  2019 bdcs drwx------  5 bjtel   bjtel     4096 Jan 17  2019 bjtel drwx------  4 ftpuser ftpuser   4096 Dec 30 10:59 ftpuser drwx------  6 jyc    jyc      4096 Nov 10 08:52 jyc drwx------. 2 litx    litx      4096 May 23  2017 litx drwx------. 2 liyuhe  liyuhe    4096 May 23  2017 liyuhe drwx------. 2 root    root     16384 May 23  2017 lost+found drwx------  6 oracle  oinstall  4096 Nov 10 08:59 oracle drwxr-xr-x  2 root    root      4096 Apr 17  2019 security drwx------. 2 songyz  songyz    4096 May 23  2017 songyz drwx------. 2 suiyi   suiyi     4096 May 23  2017 suiyi drwx------. 2 sunyue  sunyue    4096 May 23  2017 sunyue drwxr-xr-x  5 root    root      4096 Dec 25  2019 upgrade drwx------. 2 wanglei wanglei   4096 May 23  2017 wanglei drwx------. 2 yanglch yanglch   4096 Jan 17  2019 yanglch [jyc@test ~]$ more /etc/vsftpd/chroot_list ftpuser [jyc@test ~]$ 

参考：

转载地址：http://acsof.baihongyu.com/