Linux-FTP服務(wù)器配置實驗報告

1、實驗六Linux系統(tǒng)環(huán)境下的FTP服務(wù)器安裝與配置一實驗?zāi)康?1) 掌握Vsftpd服務(wù)器的配置安裝方法。(2) 熟悉FTP的使用。(3) 掌握FTP服務(wù)器的啟動與停止扌桑作。二實驗容練習(xí)Linux系統(tǒng)下Vsftpd服務(wù)器的配置安裝方法及具的使用，掌握FTP服務(wù)器的啟動與停 止操作。三、實驗步驟1.查看FTP服務(wù)是否巳安裝，可知服務(wù)巳安裝，并査看文件信息瓚 rootdf osbird.:login as; rootroot192. 168. 32. 132 s password:Server refused to set all environment variablesLast login:

2、 Wed Mar 28 10:24:29 2012 from 192. 168. 32.1 rootfoxbirdrpm -qa Igrep vsftpdvsftpd-2. 0. 5-16. el5_5. 1rootfoxbirdrpm -ql vsftpd/etc/Logrotate d/vsftpdlog/etc/pam. d/vsftpd/etc/rc d/init d/vsftpd/etc/vsftpd/etc/vsftpd/ftpusers/etc/vsftpd/user_list/etc/vsftpd/vsftpd. conf/etc/vsftpd/vsftpd_con.f_ini

3、grate sh/usr /sbin/vsf tpd/usr/share/doc/vsft pd-2 0 5 /usr/share/doc/vsftpd-2. 0. 5/AUDIT/usr/share/doc/vsftpd-2. 0. 5/BENCHMARKS/usr/share/doc/vsftpd2. 0. 5/BUGS/usr/share/doc/vsftpd-2. 0. 5/COPYING/usr/share/doc/vsftpd2. 0. 5/Changelog /usr/share/doc/vsftpd-2. 0. 5/EXMPLE/usr/share/doc/vsftpd-2.

4、0. 5/EKMTLE/INTERNET.SITE2、啟動FTP服務(wù)rootfoxbird # service vsftpd start 為 vsftpd 啟動jzsftpd：確定rootfoxbird ps -eaf I grep vsftproot 502710 10:42 ?00:00:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd confroot 5030 4973 0 10:43 pts/0 00:00:00 grep vsftp rootfoxbird、# netstat -anp Igrep :21tcp00 ::+

5、LISTEN 5027/vsftpdrootfoxbird # |3、修改FTP服務(wù)配置文件只允許匿名用戶登錄WORD版木: J I f 1 Example config file /etc/vsftpd/vsftpd conf2 #3 # The default compiled in settings are fairly paranoid. This sample fi le4 # loosens things up a bit5 to make the ftp daemon more usable.5 # Please see vsftpd. conf. 5 for all compi

6、led in defaults.6 #7 # READ THIS: This example file is NOT an exhaustive list of vsftpd opt ions.8 # Please read the vsftpd .con f 5 manual page to get a full idea of vs ft pd s9 # capab10 # . .11 # Allow anonymous FTP? (Beware 一 allowed by default if you. coinment thi s out).12 anonymousenabl e=YES

7、13 #14 # UncQiriment this to allow local users to log in.15 local-enableNO16 #17 # Unconinent this to enable any form of FTP write coiranand18 wri t e_enabl e=YES19 #20 # Default umask for local users is 077. You. may wish to change this to022, . ,21 # if your users expect that (022 is used by most

8、other ftpds)22 local_uinask=02223 #24 # Uncoiranent this to allow the anonymous FTP user to upload files Thisonly25 # has an effect if the above global write enable is activated Also, y ou will26 # obviously need to create a directory writable by the FTP user.27 anon_uplo ad_enable=YES28 #29 # Uncon

9、irient this if you want the anonymous FTP user to be able to crea te30 # new directories31 anon_mk di r_wr i t e_enab 1 e=Y E S 嚴(yán)#.33 # Activate directory messages 一 messages given to remote users when th I eyI# chmod 777 /var/ftp/pub4、測試FTP服務(wù)只允許匿名用戶登錄 重啟FTP服務(wù)：;rootfoxbirdd；,rootfoxbird # service vs

10、ftpd restart 關(guān)閉 Ysftpd；_ 為vsftpd啟動rootfoxbird只允許匿名用戶登錄：rootwroxbird;rootfoxbird T# ftp 127. 0. 0.1Connected to 127. 0. 0.1.220 (vsFTPd 2. 0.5)530 Please login with USER and PASS.530 Please login with USER and PASS.KERBEROS_V4 rejected as an authentication typeName (127. 0. 0.1:root): anonymous331 Pl

11、ease specify the password.Password:230 Login successful.Remote system type is UNIX.Using binary mode to transfer filesftp Is227 Entering Passive Mode (127, 0, 0, 1210184)150 Here comes the directory listing drwxrwxrwx 2 004096 May 25 2010 pub226 Directory send OK.ftp bye221 Goodbye.rootfoxbird V# ft

12、p 127. 0. 0.1Connected to 127. 0. 0.1.220 (vsFTPd 2. 0. 5)530 Please login with USER and PASS.530 Please login with USER and PASS.KERBEROS_V4 rejected as an authentication typeName (127 0. 0wukong530 This FTP server is anonymous only.Login failed.ftp bye221 Goodbye. 、rootfoxbird |5、限定本地用戶配置信息3 Exair

13、iple config file /etc/vsftpd/vsftpd.conf# The default conpiled in settings are fairly paranoid This sample file# loosens things up a bit, to make the ftp daemon more usable# Please see vsftpdconf5 for all compiled in defaults# READ THIS: This example file is NOT an exhaustive list of vsftpd options.

14、# Please read the vsftpd .conf .5 manual page to get a full idea of vsftpd s# capabilities# Allow anonymous FTP? (Beware 一 allowed by default if you coiunent this out) anonyirious_enab 1 巴二NO# Uncoiriment this to allow local users to log in.1ocal_enable-YES# Uncoiranent this to enable any form of FT

15、P write coirarandwrite_enable二YES# Default umask for local users is 077 You may wish to change this to 022,# if your users expect that (022 is used by most other ftpds)1 OC81_UIDdsk二 022# Uncoiransnt this to allow the anonymous FTP user to upload files This only# has an effect if the above global wr

16、ite enable is activated. Also, you will# obviously need to create a directory writable by the FTP user anon_uploadenableYES# Uncoiranent this if you want the anonymous FTP user to be able to create# new directoriesanon_inkdir_writ eenabl e=YES# Activate directory messages 一 messages given to renote

17、users when they# go into a certain directory. diririessageenableES6 在本地用戶中包含用戶shine jkrootfoxbird:1 # vsftpd userlist2 # If user1istdenyNO, only allow users in this file3 # If user 1 istdenYES (default), never alloiv users in this file, and4 # do not even pronipt for a password5 # Noie that the defa

18、uIt vsftpd pam config also checks /etc/vsftpd/ftpusers6 # for users that are denied.7 root8 bin9 daemon10 adm11 lp12 sync13 shutdown14 halt15 mail16 news17 uucp18 operator19 games20 nobody21 shinejk7 重啟FTP服務(wù) shinejk用戶無法登錄上述設(shè)置正確 FTP服務(wù)工作正常_rootfoKbird 宀片 vi /etc/vsftpd/user_list rrootfoxbird # service

19、 vsftpd restart TlJJ vsftpd：為 vsftpd 啟動 vsftpd： rootfoxbird ftp 127. 0. 0. 1 Connected to 127. 0. 0.1.220 (vsRTPd 2. 0. 5)530 Please login with USER and PASS.530 Please login with USER and PASS.KERBEROS_V4 rejected as an authentication type Name (127. 0. 0.1:root) : shinejk530 Perinission deniedLogi

20、n failedftp bye221 Goodbye、rootfoxbird 1# I8設(shè)置所有的本地用戶都不能切換到主目錄以外的目錄在 vsftpd. conf 中添加 chroot_local_user =YESword版木104 #1s_recurse_enableYES105 # _106 # When listen directive is enabled, vsftpd runs in standalone mod nd107 # listens on IPv4 sockets. This directive cannot be used in conjunc n108 # wit

21、h the listen_ipv6 directive109 listen 二YES110 # # .111 # This directive enables listening on IPv6 sockets. To listen on IP and IPv6112 # sockets, you must run two copies of vsftpd whith two configuratio: iles.113 # Make sure, that one of the listen options is coiranented !114 #listenJpv6=YES115115 p

22、 airis ervi c e_nairie=vs ft p d116 user1i st_enable=YES117 t cp_wrappers=YES118 chroot_local_user=YES|一 INSERT 一9設(shè)置指定的用戶不可切換到主目錄以外的目錄首先，編輯vsftpd. conf文件，修改配置為chroot.list_enable=YESchroot_li st_file=/etc/vsftpd/chroot_list指定/etc/vsftpd/chroot_list文件中的用戶不能切換到主目錄以外的目錄# You may specify an explicit list

23、 of local users to chroot 0# directory If chrootocal_user is YES, then this list becoi# users to NOT chroot() chroot_list_enable=YES# (defauIt follows)Bhroot_lis巴二/巴tc/vsftpd/chrQQt_listWORD版木10、添加限定用戶wukongJ?JL UU CJL UJ.UXL U.pSj1 3 vsftpd userlist2 # If us er1i s t _deny=N0, only allow users in t

24、his file3 # If user 1 ist_deny=YES (default), never allow users in this file,4 # do not even prompt for a password5 # Note that the default vsftpd pam config also checks /etc/vsftpd/: sers6 # for users that are denied7 root8 bin9 daemon10 adm11 lp12 sync13 shutdown14 halt15 mail16 news17 uucp18 oper

25、ator19 games20 nobody21 shinejk22 wukong11本地用戶wukong登錄FTP服務(wù)器后無法切換到主目錄以外的目錄roo-tfoxbir-d roo-tfoxbir-d roo-tfoxbird ,roo-tfoxbir-d# vi /et c/ chro ot Ji st# vi /etc/chroot Jist# vi /etc/chroot_list# ftp Connected to 127. 0. 0. 1.220 (vsFTPd 2. Q.5) 530 Please login with USER and PASS.53Q Ple

26、ase login with USER and PASS.KERBER0S_V4 rejected as an authentication type Name (127. 0. 0. 1 :xoot): wukons331 Please specify the password.Password:230 Login successful.Remote system type is UNIX. Using binary mode to transfer files. ftp cd250 Directory successfully changed ftp 11Invalid conmand f

27、tp 11Invalid command ftp pwd257 /hoiDE ftp 11 ?Invalid command ftp Is227 Entering Passive Mode (127, 0, 0, 1, 129, 77)150 Here comes the directory listing226 Transfer done (but failed to open directory) ftp cd /etc/250 Directory successfully changedftp cd /root/var550 Failed to change directoryftp b

28、ye221 Goodbye. . rootfoxbir-d I12 在FTP服務(wù)配置文件中設(shè)置歡迎信息ff axxacKvia xne Goirmana/rig/riie inirioc# predicted this attack and has always been safe, reporting 井 raw file.岸 ASCII mangling is a horrible feature of the protoco1 ttascii_upload_enable=YES#ascii_download_enable=YES# You may fully customise the

29、login banner string:tpd_banner=Welcome to blah FTP service13 登錄FTP服務(wù)器時顯示歡迎信息.rootfoxbird # vi /etc/vsftpd/vsftpd conf _rootfoxbird service vsftpd restart 關(guān)閉 vsftpd s 為 vsftpd 啟動 vsftpd：rootfoxbird ftp 127. 0.0.1Connected to 127. 20 Welcome to blah FTP service530 Please login with USER and PASS.530 Please login with USER and PASS. KERBER0S_V4 rejected as an authentication type Name (127. 0. 0.1:root): |14 設(shè)置上傳和下載速率114 #listen3pv6=YES115115 p am_s ervi ce_name=vsft pd116 userli st_enable=YES117 t appers=YES118 anon_max_rat e=20000119 1ocal_max_