最好先sudo su获得root权限。
- 安装vsftpd
sudo apt-get install vsftpd
修改/etc/vsftpd.conf如下:
listen=NO
listen_ipv6=YES
# Allow anonymous FTP? (Disabled by default).
anonymous_enable=NO
# Uncomment this to allow local users to log in.
local_enable=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# If enabled, vsftpd will display directory listings with the time
# in your local time zone. The default is to display GMT. The
# times returned by the MDTM FTP command are also affected by this
# option.
use_localtime=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
# You may fully customise the login banner string:
ftpd_banner=Welcome to FTP service.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
# This option should be the name of a directory which is empty. Also, the
# directory should not be writable by the ftp user. This directory is used
# as a secure chroot() jail at times vsftpd does not require filesystem
# access.
secure_chroot_dir=/var/run/vsftpd/empty
#
# This string is the name of the PAM service vsftpd will use.
# pam_service_name=vsftpd
pam_service_name=ftp
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
#
# Uncomment this to indicate that vsftpd use a utf8 filesystem.
utf8_filesystem=YES
上面的配置文件中,部分讲解
#不了解,我查看了很多博客,这个设置的是YES,但是我设置成YES,登陆直接被拒绝。
listen=NO
#拒绝匿名登陆
anonymous_enable=NO
#设置可以上传文件,这个设置看需要个人需要
write_enable=YES
#开启日志记录
xferlog_enable=YES
#设置日志文件路径
xferlog_file=/var/log/vsftpd.log
#设置日志格式为标准输出
xferlog_std_format=YES
#绑定20端口
connect_from_port_20=YES
#欢迎语句,在使用shell时可以看到
ftpd_banner=Welcome to FTP service.
下面这几个的设置比较重要:
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
#上面的这几个配置实现的功能是:用户被限制在自己的主目录下。用户名单来源于/etc/vsftpd.chroot_list。具体可以参考:http://blog.csdn.net/bluishglc/article/details/42398811
#一个重要的配置原配置中为vsftpd,ubuntu用户需要更改成ftp
pam_service_name=ftp
#不知道这项有没有起作用,上传的文件不乱码,用浏览器打开是乱码
utf8_filesystem=YES
- 创建用户
mkdir /home/xxx
sudo useradd xxx -g ftp -d /home/xxx
#限制用户xxx只能通过ftp登陆,而不能直接登陆服务器
usermod -s /sbin/nologin xxx
- 新建/etc/vsftpd.chroot_list将xxx放进去,文件如下所示,一行一个用户
xxx
- 启动vsftpd或者重启
启动
systemctl start vsftpd 或 service vsftpd start
重启
systemctl restart vsftpd或 service vsftpd restart
- 登陆
在windows的文件资源管理器或者在浏览器中打开ftp://your_server_ip输入账号密码,即可用登陆。浏览器中只能查看,文件操作如新建等需要在window的文件资源管理器中或者filezila中进行。