{"id":1518,"date":"2024-05-08T13:35:45","date_gmt":"2024-05-08T05:35:45","guid":{"rendered":"http:\/\/oneai.eu.org\/?p=1518"},"modified":"2024-05-08T13:35:45","modified_gmt":"2024-05-08T05:35:45","slug":"vsftpd%e6%90%ad%e5%bb%ba","status":"publish","type":"post","link":"https:\/\/oneai.eu.org\/?p=1518","title":{"rendered":"vsftpd\u642d\u5efa"},"content":{"rendered":"

\u5b89\u88c5 \uff1a atp install vsftp
\nFTP\u6a21\u5f0f\u4e0e\u6570\u636e\u7aef\u53e3
\nFTP \u5206\u4e3a\u4e24\u7c7b\uff0cPORT FTP\u548cPASV FTP\uff0cPORT FTP\u662f\u4e00\u822c\u5f62\u5f0f\u7684FTP\u3002\u8fd9\u4e24\u79cdFTP\u5728\u5efa\u7acb\u63a7\u5236\u8fde\u63a5\u65f6\u64cd\u4f5c\u662f\u4e00\u6837\u7684\uff0c\u90fd\u662f\u7531\u5ba2\u6237\u7aef\u9996\u5148\u548cFTP\u670d\u52a1\u5668\u7684\u63a7\u5236\u7aef\u53e3(\u9ed8\u8ba4\u503c\u4e3a21)\u5efa\u7acb\u63a7\u5236\u94fe\u63a5\uff0c\u5e76\u901a\u8fc7 \u6b64\u94fe\u63a5\u8fdb\u884c\u4f20\u8f93\u64cd\u4f5c\u6307\u4ee4\u3002\u5b83\u4eec\u7684\u533a\u522b\u5728\u4e8e\u4f7f\u7528\u6570\u636e\u4f20\u8f93\u7aef\u53e3(ftp- data)\u7684\u65b9\u5f0f\u3002PORT FTP\u7531FTP\u670d\u52a1\u5668\u6307\u5b9a\u6570\u636e\u4f20\u8f93\u6240\u4f7f\u7528\u7684\u7aef\u53e3\uff0c\u9ed8\u8ba4\u503c\u4e3a20\u3002PASV FTP\u7531FTP\u5ba2\u6237\u7aef\u51b3\u5b9a\u6570\u636e\u4f20\u8f93\u7684\u7aef\u53e3\u3002 PASV FTP\u8fd9\u79cd\u505a\u6cd5\uff0c\u4e3b\u8981\u662f\u8003\u8651\u5230\u5b58\u5728\u9632\u706b\u5899\u7684\u73af\u5883\u4e0b\uff0c\u7531\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u8fdb\u884c\u6c9f\u901a(\u5ba2\u6237\u7aef\u5411\u670d\u52a1\u5668\u53d1\u51fa\u6570\u636e\u4f20\u8f93\u8bf7\u6c42\u4e2d\u5305\u542b\u4e86\u6570\u636e\u4f20\u8f93\u7aef\u53e3)\uff0c\u51b3\u5b9a\u4e24\u8005\u4e4b\u95f4\u7684\u6570 \u636e\u4f20\u8f93\u7aef\u53e3\u66f4\u4e3a\u65b9\u4fbf\u4e00\u4e9b\u3002
\nport_enable=YES|NO
\n\u5982\u679c\u4f60\u8981\u5728\u6570\u636e\u8fde\u63a5\u65f6\u53d6\u6d88PORT\u6a21\u5f0f\u65f6\uff0c\u8bbe\u6b64\u9009\u9879\u4e3aNO\u3002\u9ed8\u8ba4\u503c\u4e3aYES\u3002
\nconnetc_from_port_20=YES|NO
\n\u63a7\u5236\u4ee5PORT\u6a21\u5f0f\u8fdb\u884c\u6570\u636e\u4f20\u8f93\u65f6\u662f\u5426\u4f7f\u752820\u7aef\u53e3(ftp-data)\u3002YES\u4f7f\u7528\uff0cNO\u4e0d\u4f7f\u7528\u3002\u9ed8\u8ba4\u503c\u4e3aNO\uff0c\u4f46RHL\u81ea\u5e26\u7684vsftpd.conf\u6587\u4ef6\u4e2d\u6b64\u53c2\u6570\u8bbe\u4e3aYES\u3002
\nftp_data_port=port number
\n\u8bbe\u5b9aftp\u6570\u636e\u4f20\u8f93\u7aef\u53e3(ftp-data)\u503c\u3002\u9ed8\u8ba4\u503c\u4e3a20\u3002\u6b64\u53c2\u6570\u7528\u4e8ePORT FTP\u6a21\u5f0f\u3002<\/p>\n

port_promiscuous=YES|NO
\n\u9ed8\u8ba4\u503c\u4e3aNO\u3002\u4e3aYES\u65f6\uff0c\u53d6\u6d88PORT\u5b89\u5168\u68c0\u67e5\u3002\u8be5\u68c0\u67e5\u786e\u4fdd\u5916\u51fa\u7684\u6570\u636e\u53ea\u80fd\u8fde\u63a5\u5230\u5ba2\u6237\u7aef\u4e0a\u3002\u5c0f\u5fc3\u6253\u5f00\u6b64\u9009\u9879\u3002<\/p>\n

pasv_enable=YES|NO
\nYES\uff0c\u5141\u8bb8\u6570\u636e\u4f20\u8f93\u65f6\u4f7f\u7528PASV\u6a21\u5f0f\u3002NO\uff0c\u4e0d\u5141\u8bb8\u4f7f\u7528PASV\u6a21\u5f0f\u3002\u9ed8\u8ba4\u503c\u4e3aYES\u3002<\/p>\n

pasv_min_port=port number
\npasv_max_port=port number
\n\u8bbe\u5b9a\u5728PASV\u6a21\u5f0f\u4e0b\uff0c\u5efa\u7acb\u6570\u636e\u4f20\u8f93\u6240\u53ef\u4ee5\u4f7f\u7528port\u8303\u56f4\u7684\u4e0b\u754c\u548c\u4e0a\u754c\uff0c0 \u8868\u793a\u4efb\u610f\u3002\u9ed8\u8ba4\u503c\u4e3a0\u3002\u628a\u7aef\u53e3\u8303\u56f4\u8bbe\u5728\u6bd4\u8f83\u9ad8\u7684\u4e00\u6bb5\u8303\u56f4\u5185\uff0c\u6bd4\u598250000-60000\uff0c\u5c06\u6709\u52a9\u4e8e\u5b89\u5168\u6027\u7684\u63d0\u9ad8\u3002<\/p>\n

pasv_promiscuous=YES|NO
\n\u6b64\u9009\u9879\u6fc0\u6d3b\u65f6\uff0c\u5c06\u5173\u95edPASV\u6a21\u5f0f\u7684\u5b89\u5168\u68c0\u67e5\u3002\u8be5\u68c0\u67e5\u786e\u4fdd\u6570\u636e\u8fde\u63a5\u548c\u63a7\u5236\u8fde\u63a5\u662f\u6765\u81ea\u540c\u4e00\u4e2aIP\u5730\u5740\u3002\u5c0f\u5fc3\u6253\u5f00\u6b64\u9009\u9879\u3002\u6b64\u9009\u9879\u552f\u4e00\u5408\u7406\u7684\u7528\u6cd5\u662f\u5b58\u5728\u4e8e\u7531\u5b89\u5168\u96a7\u9053\u65b9\u6848\u6784\u6210\u7684\u7ec4\u7ec7\u4e2d\u3002\u9ed8\u8ba4\u503c\u4e3aNO\u3002<\/p>\n

pasv_address=
\n\u6b64\u9009\u9879\u4e3a\u4e00\u4e2a\u6570\u5b57IP\u5730\u5740\uff0c\u4f5c\u4e3aPASV\u547d\u4ee4\u7684\u54cd\u5e94\u3002\u9ed8\u8ba4\u503c\u4e3anone\uff0c\u5373\u5730\u5740\u662f\u4ece\u547c\u5165\u7684\u8fde\u63a5\u5957\u63a5\u5b57(incoming connectd socket)\u4e2d\u83b7\u53d6\u3002<\/p>\n

 <\/p>\n

\u6240\u4ee5\u5982\u679clinux\u6253\u5f00\u4e86\u9632\u706b\u573a\uff0c\u5fc5\u987b\u5f00\u901a\u5bf9\u5e94\u7684\u7aef\u53e3<\/h2>\n

\u653e\u5f00\u7684\u914d\u7f6e\u9879\u4e0e\u503c\u53c2\u8003\uff1a
\nlisten=NO
\nlisten_ipv6=YES
\nanonymous_enable=NO
\nlocal_enable=YES
\nlocal_umask=022
\ndirmessage_enable=YES
\nuse_localtime=YES
\nconnect_from_port_20=YES
\nchroot_local_user=YES
\nchroot_list_enable=YES
\nsecure_chroot_dir=\/var\/run\/vsftpd\/empty
\npam_service_name=vsftpd
\nssl_enable=NO
\npasv_enable=YES #\u5141\u8bb8\u88ab\u52a8\u6a21\u5f0f
\npasv_min_port=50000
\npasv_max_port=60000<\/h2>\n

\u653e\u5f00\u9632\u706b\u5899\u914d\u7f6e\uff1a ubutun:
\nufw allow 50000:60000\/tcp
\nufw reload<\/h2>\n

\u6dfb\u52a0ftp\u8d26\u53f7:
\nuseradd -m -d \/opt\/ftptest ftptest
\npasswd ftptest<\/h2>\n

\u5728 \/etc\/vsftpd.chroot_list
\n\u6dfb\u52a0\u8981\u767b\u5f55\u7684ftp\u8d26\u53f7\uff1a
\nftptest<\/p>\n","protected":false},"excerpt":{"rendered":"

\u5b89\u88c5 \uff1a atp install vsftp FTP\u6a21\u5f0f\u4e0e\u6570\u636e\u7aef\u53e3 FTP \u5206\u4e3a\u4e24\u7c7b\uff0cPORT FTP\u548cPASV FTP\uff0cPORT FTP\u662f\u4e00\u822c\u5f62\u5f0f\u7684FTP\u3002\u8fd9\u4e24\u79cdFTP\u5728\u5efa\u7acb\u63a7\u5236\u8fde\u63a5\u65f6\u64cd\u4f5c\u662f\u4e00\u6837\u7684\uff0c\u90fd\u662f\u7531\u5ba2\u6237\u7aef\u9996\u5148\u548cFTP\u670d\u52a1\u5668\u7684\u63a7\u5236\u7aef\u53e3(\u9ed8\u8ba4\u503c\u4e3a21)\u5efa\u7acb\u63a7\u5236\u94fe\u63a5\uff0c\u5e76\u901a\u8fc7 \u6b64\u94fe\u63a5\u8fdb\u884c\u4f20\u8f93\u64cd\u4f5c\u6307\u4ee4\u3002\u5b83\u4eec\u7684\u533a\u522b\u5728\u4e8e\u4f7f\u7528\u6570\u636e\u4f20\u8f93\u7aef\u53e3(ftp- data)\u7684\u65b9\u5f0f\u3002PORT FTP\u7531FTP\u670d\u52a1\u5668\u6307\u5b9a\u6570\u636e\u4f20\u8f93\u6240\u4f7f\u7528\u7684\u7aef\u53e3\uff0c\u9ed8\u8ba4\u503c\u4e3a20\u3002PASV FTP\u7531FTP\u5ba2\u6237\u7aef\u51b3\u5b9a\u6570\u636e\u4f20\u8f93\u7684\u7aef\u53e3\u3002 PASV FTP\u8fd9\u79cd\u505a\u6cd5\uff0c\u4e3b\u8981\u662f\u8003\u8651\u5230\u5b58\u5728\u9632\u706b\u5899\u7684\u73af\u5883\u4e0b\uff0c\u7531\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u8fdb\u884c\u6c9f\u901a(\u5ba2\u6237\u7aef\u5411\u670d\u52a1\u5668\u53d1\u51fa\u6570\u636e\u4f20\u8f93\u8bf7\u6c42\u4e2d\u5305\u542b\u4e86\u6570\u636e\u4f20\u8f93\u7aef\u53e3)\uff0c\u51b3\u5b9a\u4e24\u8005\u4e4b\u95f4\u7684\u6570 \u636e\u4f20\u8f93\u7aef\u53e3\u66f4\u4e3a\u65b9\u4fbf\u4e00\u4e9b\u3002 port_enable=YES|NO \u5982\u679c\u4f60\u8981\u5728\u6570\u636e\u8fde\u63a5\u65f6\u53d6\u6d88PORT\u6a21\u5f0f\u65f6\uff0c\u8bbe\u6b64\u9009\u9879\u4e3aNO\u3002\u9ed8\u8ba4\u503c\u4e3aYES\u3002 connetc_from_port_20=YES|NO \u63a7\u5236\u4ee5PORT\u6a21\u5f0f\u8fdb\u884c\u6570\u636e\u4f20\u8f93\u65f6\u662f\u5426\u4f7f\u752820\u7aef\u53e3(ftp-data)\u3002YES\u4f7f\u7528\uff0cNO\u4e0d\u4f7f\u7528\u3002\u9ed8\u8ba4\u503c\u4e3aNO\uff0c\u4f46RHL\u81ea\u5e26\u7684vsftpd.conf\u6587\u4ef6\u4e2d\u6b64\u53c2\u6570\u8bbe\u4e3aYES\u3002 ftp_data_port=port number \u8bbe\u5b9aftp\u6570\u636e\u4f20\u8f93\u7aef\u53e3(ftp-data)\u503c\u3002\u9ed8\u8ba4\u503c\u4e3a20\u3002\u6b64\u53c2\u6570\u7528\u4e8ePORT FTP\u6a21\u5f0f\u3002 port_promiscuous=YES|NO \u9ed8\u8ba4\u503c\u4e3aNO\u3002\u4e3aYES\u65f6\uff0c\u53d6\u6d88PORT\u5b89\u5168\u68c0\u67e5\u3002\u8be5\u68c0\u67e5\u786e\u4fdd\u5916\u51fa\u7684\u6570\u636e\u53ea\u80fd\u8fde\u63a5\u5230\u5ba2\u6237\u7aef\u4e0a\u3002\u5c0f\u5fc3\u6253\u5f00\u6b64\u9009\u9879\u3002 pasv_enable=YES|NO YES\uff0c\u5141\u8bb8\u6570\u636e\u4f20\u8f93\u65f6\u4f7f\u7528PASV\u6a21\u5f0f\u3002NO\uff0c\u4e0d\u5141\u8bb8\u4f7f\u7528PASV\u6a21\u5f0f\u3002\u9ed8\u8ba4\u503c\u4e3aYES\u3002 pasv_min_port=port number pasv_max_port=port number \u8bbe\u5b9a\u5728PASV\u6a21\u5f0f\u4e0b\uff0c\u5efa\u7acb\u6570\u636e\u4f20\u8f93\u6240\u53ef\u4ee5\u4f7f\u7528port\u8303\u56f4\u7684\u4e0b\u754c\u548c\u4e0a\u754c\uff0c0 \u8868\u793a\u4efb\u610f\u3002\u9ed8\u8ba4\u503c\u4e3a0\u3002\u628a\u7aef\u53e3\u8303\u56f4\u8bbe\u5728\u6bd4\u8f83\u9ad8\u7684\u4e00\u6bb5\u8303\u56f4\u5185\uff0c\u6bd4\u598250000-60000\uff0c\u5c06\u6709\u52a9\u4e8e\u5b89\u5168\u6027\u7684\u63d0\u9ad8\u3002 pasv_promiscuous=YES|NO \u6b64\u9009\u9879\u6fc0\u6d3b\u65f6\uff0c\u5c06\u5173\u95edPASV\u6a21\u5f0f\u7684\u5b89\u5168\u68c0\u67e5\u3002\u8be5\u68c0\u67e5\u786e\u4fdd\u6570\u636e\u8fde\u63a5\u548c\u63a7\u5236\u8fde\u63a5\u662f\u6765\u81ea\u540c\u4e00\u4e2aIP\u5730\u5740\u3002\u5c0f\u5fc3\u6253\u5f00\u6b64\u9009\u9879\u3002\u6b64\u9009\u9879\u552f\u4e00\u5408\u7406\u7684\u7528\u6cd5\u662f\u5b58\u5728\u4e8e\u7531\u5b89\u5168\u96a7\u9053\u65b9\u6848\u6784\u6210\u7684\u7ec4\u7ec7\u4e2d\u3002\u9ed8\u8ba4\u503c\u4e3aNO\u3002 pasv_address= \u6b64\u9009\u9879\u4e3a\u4e00\u4e2a\u6570\u5b57IP\u5730\u5740\uff0c\u4f5c\u4e3aPASV\u547d\u4ee4\u7684\u54cd\u5e94\u3002\u9ed8\u8ba4\u503c\u4e3anone\uff0c\u5373\u5730\u5740\u662f\u4ece\u547c\u5165\u7684\u8fde\u63a5\u5957\u63a5\u5b57(incoming connectd socket)\u4e2d\u83b7\u53d6\u3002   \u6240\u4ee5\u5982\u679clinux\u6253\u5f00\u4e86\u9632\u706b\u573a\uff0c\u5fc5\u987b\u5f00\u901a\u5bf9\u5e94\u7684\u7aef\u53e3 \u653e\u5f00\u7684\u914d\u7f6e\u9879\u4e0e\u503c\u53c2\u8003\uff1a listen=NO listen_ipv6=YES anonymous_enable=NO local_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES connect_from_port_20=YES chroot_local_user=YES chroot_list_enable=YES secure_chroot_dir=\/var\/run\/vsftpd\/empty pam_service_name=vsftpd ssl_enable=NO pasv_enable=YES #\u5141\u8bb8\u88ab\u52a8\u6a21\u5f0f pasv_min_port=50000 pasv_max_port=60000 \u653e\u5f00\u9632\u706b\u5899\u914d\u7f6e\uff1a ubutun: ufw allow 50000:60000\/tcp ufw reload \u6dfb\u52a0ftp\u8d26\u53f7: useradd -m -d \/opt\/ftptest ftptest passwd ftptest \u5728 \/etc\/vsftpd.chroot_list \u6dfb\u52a0\u8981\u767b\u5f55\u7684ftp\u8d26\u53f7\uff1a ftptest<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","footnotes":""},"categories":[87,80],"tags":[],"class_list":["post-1518","post","type-post","status-publish","format-standard","hentry","category-linux","category-80"],"_links":{"self":[{"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/posts\/1518","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1518"}],"version-history":[{"count":1,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/posts\/1518\/revisions"}],"predecessor-version":[{"id":1519,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=\/wp\/v2\/posts\/1518\/revisions\/1519"}],"wp:attachment":[{"href":"https:\/\/oneai.eu.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1518"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1518"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/oneai.eu.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1518"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}