BB Black 入门基础之FTP服务器配置

lonerzf

BB Black 入门基础之FTP服务器配置 [复制链接]

那啥，感谢大家的支持，趁今天有空，再发两篇，然后就要忙自己的事情了。希望有网友能帮忙接下去，分享更多的经验。
准备工作：
安装在μSD上的debian系统
安装FTP工具 FileZilla

开始进入正题。
1.安装vsftpd
sudo apt-get install vsftpd
安装完毕后或许会自动生成一个帐户"ftp"，然后去/srv/ftp下面新建一个共享文件夹share_ftp
修改用户及用户组为  ftp:ftp ,权限为所有都可读可写可执行。
sudo chown ftp:ftp /srv/ftp/share_ftp
sudo chmod 777  /srv/ftp/share_ftp

注意，如果想要新建一个ftp用户，那么就要用
adduser --home /srv/ftp/pub  ftp_zhao
然后别忘了输入密码。接着将pub 权限改为 ftp_zhao:ftp_zhao 777
sudo chmod 777  /srv/ftp/pub

最后,可以设置chroot_local_user=NO 将使用者限制在自己的家目录之内

还有一点，实践中发现ftp与anonymous 性质相似，都属于是匿名访问方式(都不需要密码).

修改ftp用户密码方法(可不改):
sudo passwd ftp

2.修改配置文件
通过sudo gedit /etc/vsftpd.conf修改。

1. 完整配置代码如下（这是我自己的配置文件，可能会有不妥的地方，请仔细检查）：
   
2. 
   
3. # Example config file /etc/vsftpd.conf
   
4. #
   
5. # The default compiled in settings are fairly paranoid. This sample file
   
6. # loosens things up a bit, to make the ftp daemon more usable.
   
7. # Please see vsftpd.conf.5 for all compiled in defaults.
   
8. #
   
9. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
   
10. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
    
11. # capabilities.
    
12. #
    
13. #
    
14. # Run standalone?  vsftpd can run either from an inetd or as a standalone
    
15. # daemon started from an initscript.
    
16. listen=YES
    
17. #
    
18. # Run standalone with IPv6?
    
19. # Like the listen parameter, except vsftpd will listen on an IPv6 socket
    
20. # instead of an IPv4 one. This parameter and the listen parameter are mutually
    
21. # exclusive.
    
22. #listen_ipv6=YES
    
23. #
    
24. # Allow anonymous FTP? (Disabled by default)
    
25. anonymous_enable=YES
    
26. #
    
27. # Uncomment this to allow local users to log in.
    
28. local_enable=YES
    
29. #
    
30. # Uncomment this to enable any form of FTP write command.
    
31. write_enable=YES
    
32. #
    
33. # Default umask for local users is 077. You may wish to change this to 022,
    
34. # if your users expect that (022 is used by most other ftpd's)
    
35. local_umask=022
    
36. #
    
37. # Uncomment this to allow the anonymous FTP user to upload files. This only
    
38. # has an effect if the above global write enable is activated. Also, you will
    
39. # obviously need to create a directory writable by the FTP user.
    
40. anon_upload_enable=YES
    
41. #
    
42. # Uncomment this if you want the anonymous FTP user to be able to create
    
43. # new directories.
    
44. anon_mkdir_write_enable=YES
    
45. #
    
46. # Activate directory messages - messages given to remote users when they
    
47. # go into a certain directory.
    
48. dirmessage_enable=YES
    
49. #
    
50. # If enabled, vsftpd will display directory listings with the time
    
51. # in  your  local  time  zone.  The default is to display GMT. The
    
52. # times returned by the MDTM FTP command are also affected by this
    
53. # option.
    
54. use_localtime=YES
    
55. #
    
56. # Activate logging of uploads/downloads.
    
57. xferlog_enable=YES
    
58. #
    
59. # Make sure PORT transfer connections originate from port 20 (ftp-data).
    
60. connect_from_port_20=YES
    
61. #
    
62. # If you want, you can arrange for uploaded anonymous files to be owned by
    
63. # a different user. Note! Using "root" for uploaded files is not
    
64. # recommended!
    
65. chown_uploads=YES
    
66. chown_username=ftp
    
67. #
    
68. # You may override where the log file goes if you like. The default is shown
    
69. # below.
    
70. #xferlog_file=/var/log/vsftpd.log
    
71. #
    
72. # If you want, you can have your log file in standard ftpd xferlog format.
    
73. # Note that the default log file location is /var/log/xferlog in this case.
    
74. xferlog_std_format=YES
    
75. #
    
76. # You may change the default value for timing out an idle session.
    
77. #idle_session_timeout=600
    
78. #
    
79. # You may change the default value for timing out a data connection.
    
80. #data_connection_timeout=120
    
81. #
    
82. # It is recommended that you define on your system a unique user which the
    
83. # ftp server can use as a totally isolated and unprivileged user.
    
84. #nopriv_user=ftpsecure
    
85. #
    
86. # Enable this and the server will recognise asynchronous ABOR requests. Not
    
87. # recommended for security (the code is non-trivial). Not enabling it,
    
88. # however, may confuse older FTP clients.
    
89. #async_abor_enable=YES
    
90. #
    
91. # By default the server will pretend to allow ASCII mode but in fact ignore
    
92. # the request. Turn on the below options to have the server actually do ASCII
    
93. # mangling on files when in ASCII mode.
    
94. # Beware that on some FTP servers, ASCII support allows a denial of service
    
95. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    
96. # predicted this attack and has always been safe, reporting the size of the
    
97. # raw file.
    
98. # ASCII mangling is a horrible feature of the protocol.
    
99. ascii_upload_enable=YES
    
100. ascii_download_enable=YES
     
101. #
     
102. # You may fully customise the login banner string:
     
103. ftpd_banner=Welcome to blah Zhao's FTP service.
     
104. #
     
105. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
     
106. # useful for combatting certain DoS attacks.
     
107. #deny_email_enable=YES
     
108. # (default follows)
     
109. #banned_email_file=/etc/vsftpd.banned_emails
     
110. #
     
111. # You may restrict local users to their home directories.  See the FAQ for
     
112. # the possible risks in this before using chroot_local_user or
     
113. # chroot_list_enable below.
     
114. chroot_local_user=NO
     
115. #
     
116. # You may specify an explicit list of local users to chroot() to their home
     
117. # directory. If chroot_local_user is YES, then this list becomes a list of
     
118. # users to NOT chroot().
     
119. #chroot_local_user=YES
     
120. #chroot_list_enable=YES
     
121. # (default follows)
     
122. #chroot_list_file=/etc/vsftpd.chroot_list
     
123. #
     
124. # You may activate the "-R" option to the builtin ls. This is disabled by
     
125. # default to avoid remote users being able to cause excessive I/O on large
     
126. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
     
127. # the presence of the "-R" option, so there is a strong case for enabling it.
     
128. #ls_recurse_enable=YES
     
129. #
     
130. # Debian customization
     
131. #
     
132. # Some of vsftpd's settings don't fit the Debian filesystem layout by
     
133. # default.  These settings are more Debian-friendly.
     
134. #
     
135. # This option should be the name of a directory which is empty.  Also, the
     
136. # directory should not be writable by the ftp user. This directory is used
     
137. # as a secure chroot() jail at times vsftpd does not require filesystem
     
138. # access.
     
139. secure_chroot_dir=/var/run/vsftpd/empty
     
140. #
     
141. # This string is the name of the PAM service vsftpd will use.
     
142. pam_service_name=vsftpd
     
143. #
     
144. # This option specifies the location of the RSA certificate to use for SSL
     
145. # encrypted connections.
     
146. rsa_cert_file=/etc/ssl/private/vsftpd.pem

复制代码

这样，在同局域网的电脑上，用我的IP地址，用帐号"ftp"和对应密码就可以登录了，密码是第一步里面passwd那句指定的。

对了，更改配置后不要忘了重启ftp服务  

命令:
sudo /etc/init.d/vsftpd restart

这样应该就没问题了。

打开FileZilla


FTP目录下空空的，从桌面拖一个new2.txt的文件进去试试。


是不是可以了呢？如果出现了，那就恭喜了。


如果需要用到匿名方式

这里选匿名即可。匿名用户可以上传下载就是不能修改，也不能跨目录，安全性比较好。

到这里，本文就算完成了。

[ 本帖最后由 lonerzf 于 2013-12-19 16:04 编辑 ]

anananjjj

顶楼主的帖子！学习了！

kaizhiyu

最近在试BBB与win或者Ubuntu互传文件   发现SSH挺好的  

suoma

喜欢BBB，期待更多作品