实验要求: 在 RHEL6.4 下搭建一个ftp服务器:
- 禁止匿名用户登录,允许本地账户登录
- 禁锢普通账户在自己的宿主目录中
- 设置普通账户登录后访问/data/ftp
- 限制普通账户下载速度150KB/s
[root@ftp-server ~]# rpm -q vsftpd vsftpd-2.2.2-11.el6.x86_64
[root@ftp-server ~]# vim /etc/vsftpd/vsftpd.conf
12 anonymous_enable=NO //禁止匿名用户登录
……
120 chroot_local_user=YES //禁锢普通账户在自己的宿主目录
121 local_root=/data/ftp //设置宿主目录/data/ftp
122 local_max_rate=150000 //限制普通账户下载速度150KB/s(单位为字节/秒)
(行首数字为vim中的行号,“//”后为本文的说明文字,均不要写入配置文件;vsftpd.conf 不支持行尾注释。)
[root@ftp-server ~]# useradd obama
[root@ftp-server ~]# echo "123456" | passwd --stdin obama //实验用弱口令,正式环境请换成强口令
[root@ftp-server ~]# mkdir -p /data/ftp
[root@ftp-server ~]# ls -ld /data/ftp
drwxr-xr-x. 2 root root 4096 Apr 16 05:35 /data/ftp //目录属主为root、权限755,本地帐户只能下载,不能上传
[root@ftp-server ~]# dd if=/dev/zero of=/data/ftp/film.avi bs=1M count=512 //创建测试文件
[root@ftp-server ~]# service vsftpd start [root@ftp-server ~]# chkconfig vsftpd on
[root@client ~]# ftp 192.168.100.1 //也可使用图形化软件测试;若没有ftp命令,需先安装软件包:yum install ftp
Connected to 192.168.100.2 (192.168.100.1).
220 (vsFTPd 2.2.2)
Name (192.168.100.2:root): obama
331 Please specify the password.
Password:
500 OOPS: cannot change directory:/home/obama //此提示通常说明SELinux阻止了vsftpd进入该目录
Login failed.
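[root@ftp-server ~]# getsebool -a | grep ftp //查找ftp有关的布尔值
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> off
ftpd_connect_db --> off
ftpd_use_passive_mode --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
(原文此处未给出修改布尔值的命令。从上面的报错和下文登录成功来看,推测是开启了 ftp_home_dir,例如:setsebool -P ftp_home_dir on,其中 -P 表示重启后仍然生效。只需开启用到的这一项,不必打开 allow_ftpd_full_access 或关闭SELinux;若仍无法访问/data/ftp,可用 ls -Zd /data/ftp 检查该目录的安全上下文。)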
[root@client ~]# ftp 192.168.100.1 Connected to 192.168.100.1 (192.168.100.1). 220 (vsFTPd 2.2.2) Name (192.168.100.2:root): obama 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (192,168,100,2,123,195). 150 Here comes the directory listing. -rw-r--r-- 1 0 0 536870912 Apr 16 12:38 film.avi 226 Directory send OK.