Linux FTP服务器配置实验报告

实验三FTP服务器配置实验课程名：RedHatEnterpriseLinux系统管理专业班级：学号：姓名：实验时间：，实验地点：，指导教师：、实验目的（1）掌握Vsftpd服务器的配置方法。（2）熟悉FTP客户端工具的使用。（3）掌握常见的FTP服务器的故障排除。二、项目背景构建一台FTP服务器，为局域网的计算机提供文件传送任务，要求能够对FTP服务器设置连接限制、日志记录、消息、验证客户端身份等属性，并能够创建用户隔离的FTP站点。三、实验内容练习Linux系统下Vsftpd服务器的配置方法及FTP客户端工具的使用。四、实验步骤査看FTP服务是否已安装，可知服务已安装，并査看文件信息rootdfoxbird:loginas:rootroot@32"spassword：ServerrefusedtosetallenvironmentvariablesLastlogin：WedMar2810:24:292012from[root@foxbirdJ#rpm-qa|grepvsftpdvsftpd-2.0.5-16.el5_5.1[root@foxbirdJ#rpm-qlvsftpd/etc/logrotate.d/vsftpd.log/etc/pam.d/vsftpd/etc/rc.d/init.d/vsftpd/etc/vsftpd/etc/vsftpd/ftpusers/etc/vsftpd/user_list/etc/vsftpd/vsftpd.conf/etc/vsftpd/vsftpd_conf_migrate,sh/usr/sbin/vsftpd/usr/share/doc/vsftpd-2.0.5/usr/share/doc/vsftpd-2.0.5/AUDIT/usr/share/doc/vsftpd-2.0.5/BENCHMARKS/usr/share/doc/vsftpd-2.0.5/BUGS/usr/share/doc/vsftpd-2.0.5/COPYING/usr/share/doc/vsftpd-2.0.5/Changelog/usr/share/doc/vsftpd-2.0.5/EXAMPLE/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE2、启动FTP服务

7#chmod777/var/ftp/pubservicevsftpdrestartd：;root®foxbird.root@foxbird关闭vsftpd：_为vsftpd.启动vs[root@foxbirdJ#7#chmod777/var/ftp/pubservicevsftpdrestartd：只允许匿名用户登录:itrootetoxbird:[rootSfoxbirdftpConnectedto.andPASS,andPASS,authenticationtype(vsFTPd2.0.5)andPASS,andPASS,authenticationtype530PleaseloginwithUSER530PleaseloginwithUSERKERBEROS_V4rejectedasanName(:root):anonymous331Pleasespecifythepassword.Password：230Loginsuccessful.RemotesystemtypeisUNIX.Usingbinarymodetotransferfiles.ftp>Is227EnteringPassiveMode(127,0,0,1,210,184)150Herecomesthedirectorylisting.drwxrwxrwx2004096May252010pub226DirectorysendOK.ftp>byeGoodbye.‘[root@foxbirdT#ftpConnectedto.andPASS,andPASS,authenticationtype(vsFTPd2.0.5)andPASS,andPASS,authenticationtype530PleaseloginwithUSER530PleaseloginwithUSERKERBEROS_V4rejectedasanName(:root):wukong530ThisFTPserverisanonymousonly.Loginfailed.ftp>byeGoodbye.[root@foxbirdT#I5、限定本地用户配置信息

r-j101419vsztpdug=rlistr-j101419vsztpdug=rlistIfuser1i51_den^-NO,onlyallowusersintnisfileIfuser1i=t_den^-YES(d亡fault),neverallo'7userEinthisfil亡，anddonotev=nproniptforapassword.No:ethatthedefault^sftpdpamconfigalsochecks/etc/vsftpd/ftpusersforusersthatsredenied.rootbindaemonadmlpsyncshutdownhaltmailnewsuucp□peratorgamesnobodyshinejkr-jvi/etc/vsftpd/user_listservicevsftpdrestart7、重启FTP服务，shinejkvi/etc/vsftpd/user_listservicevsftpdrestart_root@foxbird_root@foxbird关闭vsftpd：_为vsftpd启动vsftpd：[root@foxbirdT#ftpCormectEdto.andPASS,andPASS,authenticationtype(vsFTPd2.0.5)andPASS,andPASS,authenticationtype530PleaseloginwithUSER530PleaseloginwithUSERKERBEROS_V4rejectedasanName(:root):shinejk530Permissiondenied.Loginfailed.ftp>byeGoodbye.[root@foxbirdT#|8、设置所有的本地用户都不能切换到主目录以外的目录在vsftpd.conf中添加chrootlocaluser=YES

#亡curs亡—亡#亡curs亡—亡nabl亡二YEE#-”_”#When"listen"directiveisenabled,vsftpdrunsinstandaloneroodnd#listensonIPv4sockets・Thisdirectivecannotbeusedinconjuncn#withthelist亡“—ipw&directive.listen=YES##ThisdirectiveenableslisteningonIPv6sockets・TolistenonIP-andIPv6#sockets,youmustruntwocopiesofvsftpdwhithtvgconfiguratio:iles.#Makesure,thatoneofthelistenoptionsiscommented!!#listen_ipv6=YES11511&pam_service_name=vsftpduser1ist_enab1e=YEStcp_m?appers=YESchroot_loc：al_user=YES|—INSERT—9、设置指定的用户不可切换到主目录以外的目录首先，编辑vsftpd.conf文件，修改配置为chroot_list_enable=YESchroot_list_file=/etc/vsftpd/chroot_list指定/etc/vsftpd/chroot_list文件中的用户不能切换到主目录以外的目录。Youmayspecifyanexplicitlistoflocaluserstochroot()directory.Ifchroot_local_userisYES,thenthislistbecojuserstoNOTchroot().chroot_list_enable=YES(defaultfollows)Hhroot_list_file=/etc/vsftpd/chroot_list10、添加限定用户wukongxUUUJL.UXXLL.[■jMvsftpduserlis:#Ifuser1ist_deny=NO,onlyallowusersinthisfile#Ifuser1ist_deny=YES(default),neverallowusersi匚thisfile,I#donotevenpromptforapassword.#Not已thatth已d已faultvsftpdpamconfigalsoch已cks/etc/vsftpd/:#for已T£thatar已d已ni已d.rootbindaemonTOC\o"1-5"\h\zadmlpsyncshutdownhaltmailnewsuucpoperatorgainernobodyshinsjkwukongI--.'f-Jf-Jf-J11、本地用户wukong登录FTP服务器后无法切换到主目录以外的目录rooi:@fcixbirdrooi:@fcixbirdrooi:@fcixbirdrooi:@fcixbirdI--U*-r-rooi:@fcixbirdrooi:@fcixbirdrooi:@fcixbirdrooi:@fcixbirdI--U*-r-上vi/etc/chj7oot_listvi/etc/chj7oot_listftp"Connected-to127・Q・Q・1・andandPAESnuthuntiuntiandandPAESnuthuntiunti口口typ巴53QPleaselogin呷ithUSER.530Pleaselogin凹ithUSER.KBRBBR0S_V4rejectedan.…Name(;xQQt);机ik皿吕331Pleasespecifythepassword・Password;230Loginsuccessfu1.RemotesystemtypeisUNIX・Usingbinarymodetotransferfiles・ftp>cd..250Directorysuccessfullychanged.ftp>11^Invalidcoiranandftp>11^Invalidcoiranandftp>pwd257"/ticimyftp>11^Invalidcoiranandftp>Is227EnteringPassiveJrtode(127,0,0,1,129,77)150Herecomesthedirectorylisting.226Transferdone(butfai1edtoopendirectory).ftp>cd/etc/250Directorysuccessfullychanged.ftp>cd/root/var550Failedtochangedirectory.ftp>byeGoodbye.[root@foxbirdT#|12、在FTP服务配置文件中设置欢迎信息p