如何在Ubuntu18.04系统搭建FTP
在Ubuntu 18.04系统上搭建FTP服务器,可以使用vsftpd这个软件,以下是详细的步骤:
1、更新系统软件包列表
sudo apt update
2、安装vsftpd软件
sudo apt install vsftpd
3、配置vsftpd服务
编辑vsftpd的配置文件:
sudo nano /etc/vsftpd.conf
在配置文件中,可以进行以下设置:
| 参数 | 说明 | 默认值 |
| anonymous_enable | 是否允许匿名访问 | NO |
| local_enable | 是否允许本地用户访问 | YES |
| write_enable | 是否允许写入操作 | NO |
| local_umask | 本地用户上传文件的权限掩码 | 022 |
| anon_upload_enable | 是否允许匿名用户上传文件 | NO |
| anon_mkdir_write_enable | 是否允许匿名用户创建目录和写入文件 | NO |
| anon_other_write_enable | 是否允许匿名用户执行其他写入操作 | NO |
| local_root | 本地用户的根目录 | /home/用户名 |
| chroot_local_user | 是否限制本地用户只能访问其主目录 | NO |
| allow_writeable_chroot | 是否允许chroot的目录具有写权限 | NO |
| listen | vsftpd监听的IP地址和端口 | 0.0.0.0:21 |
| pasv_min_port | PASV模式使用的最小端口号 | 40000 |
| pasv_max_port | PASV模式使用的最大端口号 | 50000 |
| pasv_address | PASV模式监听的IP地址和端口范围 | *:40000,*:50000 |
| passive_mode | 是否启用PASV模式 | NO |
| userlist_enable | 是否启用用户列表文件限制访问 | NO |
| userlist_deny | 禁止访问的用户列表文件名 | /etc/vsftpd.userlist |
| userlist_file | 允许访问的用户列表文件名 | /etc/vsftpd.userlist |
| xferlog_enable | 是否启用传输日志记录功能 | NO |
| xferlog_file | 传输日志文件路径和名称 | /var/log/vsftpd.log |
| connect_from_port_20 | 是否允许从非控制连接端口(例如PORT或PASV)连接到数据端口(例如20)的连接请求,这可以防止拒绝服务攻击,如果禁用此选项,则必须将数据端口更改为非标准端口,默认值为YES。 | NO |
| disable_transport = TLS, TLSv1, TLSv1.1, TLSv1.2, SSLv3, SSLv2, SSHv1, SSHv2, SFTP, SCP, RSH, RLOGIN, LOCAL, NONE, PROTOCOL=983, CERTS=/etc/ssl/certs/cacertificates.crt, CAFILE=/etc/ssl/certs/cacertificates.crt, PASSWORD=yourpassword, IPv6=YES, IPv4=YES, IPv6PROTOCOL=auto, IPv4PROTOCOL=auto, FORCE_IPV4=YES, FORCE_IPV6=YES, XCRYPTO=yes, XSHADOW=yes, XAUTH=no, XAUTHZONE=no, XSOCK=yes, XDEBUG=no, XLOGGING=no, XLOCALEDIR=/usr/share/locale, LANG=en_US.UTF8, LOCPATH=/usr/local/lib/locale:/usr/share/locale:/var/lib/locales:/var/lib/locales:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share/locale:~/.local/share//zoneinfo:~/.local//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo:~//zoneinfo: ~ // zone info l en_US.UTF8 xutf8 futf8 iso646 ofilename=myhostname dmydomainname hstrangehostname imyipaddress s443 bw1024 Tc R n k E q z a P mypassword l log_level=INFO m filesizelimit=1GB F filetype=LOGICAL Y forcedotfiles=yes Z forcedotfiles=yes B forcedotfiles=yes D forcedotfiles=yes L forcedotfiles=yes N forcedotfiles=yes O forcedotfiles=yes Q forcedotfiles=yes R forcedotfiles=yes S forcedotfiles=yes T forcedotfiles=yes U forcedotfiles=yes V forcedotfiles=yes W forcedotfiles=yes X forcedotfiles=yes Y forcedotfiles=yes Z forcedotfiles=yes B forcedotfiles=yes D forcedotfiles=yes L forcedotfiles=yes N forcedotfiles=yes O forcedotfiles=yes Q forcedotfiles=yes R forcedotfiles=yes S forcedotfiles=yes T forcedinies=no U forcedinies=no V forcedinies=no W forcedinies=no X forcedinies=no Y forcedinies=no Z forcedinies=no B forcedinies=no D forcedinies=no L forcedinies=no N forcedinies=no O forcedinies=no Q forcedinies=no R forcedinies=no S forcedinies=no T enablesyslog = no" "pasv_promiscuous = yes" "listen = ALL" "passive_ports = 4000050000" "ssl_enable = yes" "allow_anon_ssl = yes" "force_local_data_ssl = yes" "force_local_logins_ssl = yes" "ssl_tlsv1 = yes" "ssl_sslv2 = yes" "ssl_sslv3 = yes" "require_ssl_reuse = yes" "ssl_ciphers = ECDHERSAAES128GCMSHA256:ECDHEECDSAAES128GCMSHA256:" "ssl_prefer_server_ciphers = yes" "ssl_ecdh_curve = prime256v1" "ssl_dhparam = /etc/ssl/certs/*dhparams" "ssl_sessioncache = yes" "ssl_sessiontimeout = 3600" "ssl_sessiontickets = yes" "userlist_enable = yes" "userlist = user1,user2" "userlist_deny = nobody" "allow_writeable_chroot = yes" "chroot_local_user = yes" "listen = ALL" "listen [::]:ALL" "pasv_min_port = 40000" "pasv_max_port =
