Linux FTP服务器配置实验报告

实验三服务器配置FTP实验课程名Red HatEnterprise Linux系统管理专业班级09学号姓名实验时间实验地点:指导教师:

一、实验目的1掌握Vsftpd服务器的配置方法2熟悉FTP客户端工具的使用3掌握常见的FTP服务器的故障排除

二、项目背景构建一台FTP服务器，为局域网的计算机提供文件传送任务，要求能够对FTP服务器设置连接限制、日志记录、消息、验证客户端身份等属性，并能够创建用户隔离的FTP站点

三、实验内容练习Linux系统下Vsftpd服务器的配置方法及FTP客户端工具的使用

四、实验步骤L查看FTP服务是否已安装，可知服务已安装，并查看文件信息.root@foxbirdvi/etc/vsftpd/vsftpd.conf_root@foxbird」#service vsftpdrestart关闭vsftpd_为vsftpd启动vsftpd[rootSfoxbird1#ftp

127.

0.

0.1Connected to［确

127.

0.

0.

1.定］220Welcome toblah FTPservice.530Please loginwith USERand PASS.530Please loginwith USERand PASS.KERBEROS_V4rejected asan authenticationtype Name

127.

0.

0.1root|

14.设置上传和下载速率、Jb IIJibA114#listen_ipv6=YES115116p am_s ervic e-name11vs ftp d117user1ist_enable=YES118t cp_wr apper s=YE S119anon_max_r at e=200001201ocal_max_rat e=l000000|-INSERT-

15.使用shine jk用户登录FTP服务器，并使用常见FTP命令[rootSfoxbird1#ftp

192.

168.

32.132Connected to

192.

168.

32.

132.220Welcome toblah FTPservice.530Please loginwith USERand PASS.530Please loginwith USERand PASS.KERBEROS_V4rejected asan authenticationtype Naine

192.

168.

32.132rootshinejk331Please specifythe password.Password230Login successful.Remote systemtype isUNIX.Using binarymode totransferfiles.ftp Is227Entering Passive Mode1921632s132s91-54150Here comesthe5directory listing.226Directory sendOK.ftp Ilsanaconda-ks.cfg countflDesktop dirletc flf2f4f5fstab-link install_flash_player_ll_linux.i386install_f1ash_p1ayer_11_1inux.i

386.tar.gz install,log install,log.syslog1ibf1ashplayer.so password,txt student,txtswitchdesk-

1.

7.0switchdesk-

1.

7.0-

1.src.rpm switchdesk-

1.

7.0-

1.src.rpin_FILESusr X.tar

三、实验小结通过本次试验的实践和学习，掌握了在Linux下Vsftpd的安装和配置方法，以及了解了FTP服务配置文件的信息内容和功能作用，熟悉了FTP客户端工具的使用，同时还掌握了常见FTP服务器的故障排除，对FTP各种常见命令有了一定的了解通过本次试验的实践和学习，掌握了在Linux下Vsftpd的安装和配置方法，以及了解了FTP服务配置文件的信息内容和功能作用，熟悉了FTP客户端工具的使用，同时还掌握了常见FTP服务器的故障排除，对FTP各种常见命令有了一定的了解1/root©foxbird:login asroot.

32.132’s passwordServer refusedto setall environmentvariablesLast loginWed Mar2810:24:292012from

192.

168.

32.1[root@foxbird rpm-qa|grepvsftpdvsftpd-

2.

0.5-

16.el5_

5.1[root@foxbird rpm-ql vsftpd/etc/logrotate.d/vsftpd.log/etc/pain.d/vsftpd/etc/rc.d/init.d/vsftpd/etc/vsftpd/etc/vsftpd/ftpusers/etc/vsftpd/user_list/etc/vsftpd/vsftpd.conf/etc/vsftpd/vsftpd_conf_migrate,sh/usr/sbin/vsftpd/usr/share/doc/vsftpd-

2.

0.5/usr/share/doc/vsftpd-

2.

0.5/AUDIT/usr/share/doc/vsftpd-

2.

0.5/BENCHMARKS/usr/share/doc/vsftpd-

2.

0.5/BUGS/usr/share/doc/vsftpd-

2.

0.5/COPYING/usr/share/doc/vsftpd-

2.

0.5/Changelog/usr/share/doc/vsftpd-

2.

0.5/EXAMPLE/usr/share/doc/vsftpd-

2.

0.5/EXAMPLE/INTERNET_SITE[root@foxbird~1#service vsftpd start为vsftpd启动vsftpd[root@foxbird ps-eaf|grep vsftproot50271010:4200:00:00/usr/sbin/vsftpd/etc/vsftpd/vsftpd.conf00:00:00grep vsftproot

5030.4973010:43pts/021[root@foxbird口#net stat-anp|grep

0.

0.

0.0*LISTtcp

000.

0.

0.0:21EN5027/vsftpd[root@foxbird I#I

2.启动FTP服务

3.修改FTP服务配置文件只允许匿名用户登录13Example configfile/etc/vsftpd/vsftpd.conf E2#3#The defaultcompiled insettings arefairly paranoid.This samplefi le4#loosens thingsup abit,to makethe ftpdaemon moreusable.5#Please seevsftpd.conf.5for allcoinpiled indefaults.6#7#READ THISThis exaKiplefile isNOT anexhaustive listof vsftpdopt ions.8#Please readthe vsftpd.conf.5manual pageto geta fullidea ofvsft pds9#capabilities.10#11#Allow anonymous FTP Beware-allowed bydefault if you coiranentthi sout.12anonyinous_enabl e=YES13#14#Uncomment thisto allowlocal users to login.15local_enab1e=N016#17#Uncoiranent thisto enableany formof FTPwrite coiranand.18write_enable=YES19#20#Default umaskfor local users is

077.You inaywish tochange thisto022,,21#if yourusers expectthat022is usedby mostother ftpds221ocal_umask=02223#24#Uncoinnient thisto allowthe anonymous FTP user to uploadfiles.This only25#has aneffect ifthe aboveglobal writeenable is activated.Also,y ouwill26#obviously needto create a directory writable by the FTP user.27anon_up1oad_enab1e=YES28#29#UncoKiment thisif youwant the anonymousFTP user tobe ableto create30#new directories.31anon_ink dir_m ite__enab1e=YE S32#33#Activate directorymessages-messages givento remoteusers whenth ey

4.测试FTP服务只允许匿名用户登录重启FTP服务_root@foxbird J#chmod777/var/ftp/pub_root@foxbird J#service vsftpdrestart关闭vsftpd_［理叵为vsftpd启动vsftpd［确定.［root@foxbird1#|只允许匿名用户登录:jff*rootwtoxDird:[root@foxbird门#ftp

127.

0.

0.1Connected to

127.

0.

0.

1.220vsFTPd

2.

0.5530Please loginwith USERand PASS.530Please loginwith USERand PASS.KERBEROS_V4rejected asan authenticationtypeName

127.

0.

0.1root:anonymous331Please specifythe password.Password230Login successful.Reinote systemtype isUNIX.Using binaryinode totransfer files.ftp Is227Ent eringPassive Mode127,0,0,1,210,184150Here comesthe directorylisting.drwxrwxrwx2004096May252010pub226Directory sendOK.ftp bye221Goodbye.[root@foxbird1#ftp

127.

0.

0.1Connected to

127.

0.

0.

1.220vsFTPd

2.

0.5530Please loginwith USERand PASS.530Please loginwith USERand PASS.KERBEROS_V4rejected asan authenticationtypeName

127.

0.

0.1rootwukong530This FTPserver isanonymous only.Login failed.ftp bye221Goodbye.[root@foxbird1#|

5.限定本地用户配置信息3Example configfile/etc/vsftpd/vsftpd.conf##The defaultcompiled insettings arefairly paranoid.This sainplefile#loosens thingsup abit,to makethe ftpdaemon moreusable.#Please seevsftpd.conf.5for allcompiled indefaults.##READ THISThis exainplefile isNOT anexhaustive listof vsftpdoptions.#Please readthe vsftpd.conf.5manual pageto geta fullidea ofvsftpds#capabilities.##Allow anonymousFTP Beware一allowed bydefault ifyou coiranentthis out.anonyirious_enab1e=N0##Uncoinment thisto allowlocal users to login.local_enab1e=YES##Uncoiranent thisto enableany formof FTPwrite coininand.write_enab1e=YES##Default umaskfor localusers is

077.You maywish tochange thisto022,#if yourusers expectthat022is usedby mostother ftpds1c al_Umask022##Uncoiranent thisto allowtheanonymousFTPuserto uploadfiles.This only#has aneffect ifthe aboveglobal writeenable isactivated.Also,you will#obviouslyneed to createadirectorywritablebytheFTPuser.anon_upload_enable=YES##Uncomment thisifyouwant theanonymousFTPusertobe abletocreate#new directories.anon_mkdir_write_enabl巳=YES##Activate directorymessages-messages givento remoteusers whenthey#go intoa certaindirectory.dirmessage_enable=YES

6.在本地用户中包含用户shinejkrootdfoxbird:一1#vsftpd userlist2#If user1ist_deny=N0j only allow users in this file3#If user1ist_deny=YES default,never allowusers inthis file,and4#do noteven proinptfor apassword.5#Note thatthe defaultvsftpd painconfig alsochecks/etc/vsftpd/ftpu sers6#for usersthat aredenied.7root8bin9daemon10adm11Ip12sync13shut down14halt15mil16news17uucp18operator19games20nobody21shinejk

7、重启FTP服务，shinejk用户无法登录，上述设置正确，FTP服务工作正常_root@foxbird J#vi/etc/vsftpd/user_list_root@foxbird」#service vsftpdrestart关闭vsftpd_为vsftpd启动vsftpd[root@foxbird1#ftp

127.

0.

0.1Connected to

127.

0.

0.

1.220vsFTPd

2.

0.5530Please loginwith USERand PASS.530Please loginwith USERand PASS.KERBEROS_V4rejected asan authenticationtype Name

127.

0.

0.1rootshinejk530Permission denied.Login failed.ftp bye221Goodbye.[root@foxbird1#|

8、设置所有的本地用户都不能切换到主目录以外的目录在vsftpd.conf中添加chroot_localuser=YES104#1s_recurse__enab1e-YES105#〃〃106#When“listen directiveis enabled,vsftpd runsin standalonemod nd107#listens on IPv4sockets.This directivecannot beused inconjunc n108#with thelisten_ipv6directive.109listen二YES110#111#This directiveenables listeningon IPv6sockets.To listenonIPand IPv6112#sockets,you mstrun twocopies ofvsftpd whithtwo configuratioiles.113#Make sure,that oneof thelisten optionsis coiniriented1!114#listen_ipv6=YES115116pain_service_naine=vsftpd117user1ist_enable-YES118t cp_wr apper s=YE S119chroot_local_user=YES|-INSERT一

9、设置指定的用户不可切换到主目录以外的目录首先，编辑vsftpd.conf文件，修改配置为chroot_list_enable=YESchroot_list_file=/etc/vsftpd/chroot_list指定/etc/vsftpd/chroot_list文件中的用户不能切换到主目录以外的目录.#You mayspecify anexplicit listof localuserstochroot#directory.Ifchroot_local__user isYES’then thislist beco#userstoNOT chroot.chroot」ist_enabl e=YES#default followsSiroot_list_fi1e=/etc/vsftpd/chroot_list

10、添加限定用户wukong13vsftpd userlist2#If user1ist_deny=N0,onlyallowusers inthis file3#If user1ist_deny=YES default,never allowusersinthisfile,4#do noteven proinptfor apassword,5#Note thatthe defaultvsftpd pawconfig alsochecks/etc/vsftpd/sers#for usersthat aredenied,root bindaemon admlpsync shutdownhalt mailnewsuucpoperator gamesnobody shinejkwukong

11.本地用户wukong登录FTP服务器后无法切换到主目录以外的目录0124567_root@foxbird vi/etc/chroot_list vi/etc/chroot_list vi/etc/chroot_list ftp

127._root@foxbird

0.

0.1_root@foxbird Connectedto

127.

0.

0.

1._root@foxbird220vsFTPd

2.

0.5530Please loginandPASS.with USERandPASS.530Please loginwith USERauthenticationtypef[ERBEROS_V4rejected asanName

127.

0.

0.1rootwukong331Please specifythe password.Password230Login successful.Remote systemtype isUNIX.Using binarymode totransfer files.ftp cd250Directory successfullychanged.ftp11Invalid coiumandftp11Invalid commandftppwd257”/home”ftp11Invalid coiniriandftpIs227Ent eringPassiveMode127,0,0,1,129,77150Here comesthe directorylisting.226Transfer donebut failedto opendirectory.ftp cd/etc/250Directory successfullychanged.ftp cd/root/var550Failed tochange directory.ftp bye221Goodbye.[rootSfoxbird1#|

12.在FTP服务配置文件中设置欢迎信息ff aTTacKkuob；via mecoiranana biz-E/Dig/niein Abuiiino#predicted thisattack andhas alwaysbeen safe^reporting#raw file.#ASCH manglingisahorrible featureof theprotocol.#ascii_up1oad_enab1e=YES#ascii_downlo ad_enab1e=YE S##You mayfully customisethe loginbanner stringStpd_banner=We1come toblah FTPservice.#

13.登录FTP服务器时显示欢迎信息。