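The host is a Tencent Cloud or UCloud cloud server running CentOS 6 x86_64. The local firewall on the host does not need to be enabled; the security group in the cloud console acts as the firewall. Open the pureftpd login port in the security group (shown in a screenshot in the original post).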
yum -y install make gcc gcc-c++ gcc-g77 openssl openssl-devel
wget https://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.49.tar.gz
tar xf pure-ftpd-1.0.49.tar.gz
cd pure-ftpd-1.0.49
./configure --prefix=/usr/local/pureftpd CFLAGS=-O2 --with-puredb --with-quotas --with-cookie --with-virtualhosts --with-diraliases --with-sysquotas --with-ratios --with-altlog --with-paranoidmsg --with-shadow --with-welcomemsg --with-throttling --with-uploadscript --with-language=english --with-rfc2640 --with-ftpwho --with-tls
make && make install
chmod +x /etc/init.d/pureftpd
chkconfig pureftpd on
touch /usr/local/pureftpd/etc/pureftpd.passwd
touch /usr/local/pureftpd/etc/pureftpd.pdb
echo 'export PATH=$PATH:/usr/local/pureftpd/sbin:/usr/local/pureftpd/bin' > /etc/profile.d/pureftpd.sh
source /etc/profile
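Below are the pure-ftpd.conf parameters used in production. The pureftpd configuration file does not support # comments after a parameter, so in production the trailing # comments must be removed; otherwise pureftpd reports an error at startup.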
[root@10-9-156-50 ~]# cat /usr/local/pureftpd/etc/pure-ftpd.conf
chrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 50
Daemonize yes
MaxClientsPerIP 10
VerboseLog no
DisplayDotFiles yes
AnonymousOnly no
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
PureDB /usr/local/pureftpd/etc/pureftpd.pdb
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
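PassivePortRange 2037 2045 ### the default port range is 20000 to 30000; for security it can be made smaller
ForcePassiveIP 117.50.12.93 ## the cloud host's default NIC is the internal one, so the VPS's public IP must be bound here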
AntiWarez yes
Bind ,2038
Umask 133:022
MinUID 100
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
AnonymousCantUpload yes
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage 99
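UserBandwidth 80 ## by default uploads are allowed only 8KB
Cause of the problem: the server has an internal IP, and pureftp had no IP address configured for passive-mode replies, so by default it returned the internal IP and clients could not connect.
Reference link: http://blog.hanlei.org/pureftpd%E7%99%BB%E5%BD%95%E5%90%8E%E8%8E%B7%E5%8F%96%E7%9B%AE%E5%BD%95%E5%A4%B1%E8%B4%A5%E7%9A%84%E9%97%AE%E9%A2%98/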
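The two configuration problems described above (trailing # comments that stop pureftpd from starting, and a passive-mode address that is internal or missing) can be checked before a restart. This is an added example, not part of the original post; the function name lint_pureftpd_conf and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint a pure-ftpd.conf.
# Prints one finding per line and returns non-zero if anything was found.
lint_pureftpd_conf() {
    awk '
    $1 == "" || substr($1, 1, 1) == "#" { next }   # blank and whole-line comment lines
    index($0, "#") {                               # a # anywhere else is a trailing comment
        printf "line %d: trailing # comment after %s\n", NR, $1; bad = 1
    }
    $1 == "ForcePassiveIP" {
        seen = 1
        # RFC 1918 and loopback ranges are unreachable for Internet clients
        if ($2 ~ /^(10\.|127\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/) {
            printf "line %d: ForcePassiveIP %s is a private address\n", NR, $2; bad = 1
        }
    }
    END {
        if (!seen) { print "ForcePassiveIP is not set"; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed sample: an annotated line left in, and an internal address.
sample=$(mktemp)
cat > "$sample" <<'EOF'
NoAnonymous yes
PassivePortRange 2037 2045 ### keep the range small
ForcePassiveIP 10.0.0.5
EOF
lint_pureftpd_conf "$sample" || echo "fix the findings above before starting pure-ftpd"
rm -f "$sample"
```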
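Note: for security, pureftpd normally forbids anonymous users from logging in to ftp. The pureftpd service mainly creates ftp login accounts on top of the server's local system virtual users. There is a requirement on which local system virtual user can be chosen: its uid must not be less than 100. If the uid is less than 100, an ftp login account created on top of that virtual user cannot log in to ftp and the client is told the password is incorrect (I have verified this through repeated testing).
For a web service, ownership of the site project directory is usually given to the www or apache system virtual user.
If the apache user that exists on the system by default is used, its default uid and gid are both 48, which is less than 100, so they must be changed directly to a value greater than or equal to 100.
The default values are: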
[root@localhost ~]# grep apache /etc/passwd
apache:x:48:48::/home/apache:/sbin/nologin
[root@localhost ~]# grep apache /etc/group
apache:x:48:
[root@localhost www]# id apache
uid=48(apache) gid=48(apache) groups=48(apache)
After editing the configuration files directly, the values are:
[root@localhost ~]# grep apache /etc/passwd
apache:x:100:100::/home/apache:/sbin/nologin
[root@localhost ~]# grep apache /etc/group
apache:x:100:
[root@localhost www]# id apache
uid=100(apache) gid=100(apache) groups=100(apache)
Give the apache user ownership of the site project directory:
chown -R apache.apache /data/www/test/
Create the ftp login account sansan on top of the apache system virtual user:
[root@localhost www]# pure-pw list
[root@localhost www]# pure-pw useradd sansan -u apache -d /data/www/test
Password:
Enter it again:
[root@localhost www]# pure-pw mkdb
[root@localhost www]# cat /usr/local/pureftpd/etc/pureftpd.passwd
sansan:$6$92arGKjDIi/aODb0$SmyMeKUpsIYXVAqarsPH9xWqO4bdOqYKUXmP8TyUFlwTbTcvGhfJiW2pNMP56J3rHzSYp.mwCP8UB30MttMK01:100:100::/data/www/test/./::::::::::::
Log in to the ftp account sansan with the Xftp client.
This completes the demonstration.
[root@localhost home]# useradd www -s /sbin/nologin -M
[root@localhost home]# id www
uid=1003(www) gid=1003(www) groups=1003(www)
[root@localhost home]# chown -R www.www /data/www/test
[root@localhost home]# pure-pw list
sansan /data/www/test/./
[root@localhost home]# pure-pw useradd huahua -u www -d /data/www/test
Password:
Enter it again:
[root@localhost home]#
[root@localhost home]# pure-pw mkdb
[root@localhost home]# pure-pw list
sansan /data/www/test/./
huahua /data/www/test/./
[root@localhost home]# cat /usr/local/pureftpd/etc/pureftpd.passwd
sansan:$6$92arGKjDIi/aODb0$SmyMeKUpsIYXVAqarsPH9xWqO4bdOqYKUXmP8TyUFlwTbTcvGhfJiW2pNMP56J3rHzSYp.mwCP8UB30MttMK01:100:100::/data/www/test/./::::::::::::
huahua:$6$oUXu6U/V/UNM7K50$ztuftPKh7ZuzkHkY.XdNlQOmr6i6krlVQ0Mhsv7kuK5Qppvz440T55fRlssB5GrKkmMrSR220I5lU3yEA5Zsu/:1003:1003::/data/www/test/./::::::::::::
[root@localhost home]#
Log in to the ftp account huahua with the FileZilla ftp tool.
The file upload succeeds.
pureftpd service startup script:
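The uid requirement described above corresponds to the MinUID 100 line in the configuration, and the uid each ftp account maps to is the third field of pureftpd.passwd. The following added example (not part of the original post) audits every ftp account against MinUID and against the system account list; the function name audit_puredb and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# audit_puredb CONF PUREDB_PASSWD [SYSTEM_PASSWD]
# One line per FTP account; returns 1 if any account needs attention.
audit_puredb() {
    min=$(awk '$1 == "MinUID" { print $2; exit }' "$1")
    [ -n "$min" ] || { echo "MinUID not set in $1" >&2; return 2; }
    awk -F: -v min="$min" '
    NR == FNR { account[$3] = $1; next }      # first file: system uid -> account name
    $1 == "" || substr($1, 1, 1) == "#" { next }
    {
        verdict = "ok"
        if ($3 + 0 < min + 0) {
            verdict = "REFUSED (uid below MinUID " min ")"; bad = 1
        } else if (!($3 in account)) {
            verdict = "WARN (no system account has this uid)"; bad = 1
        }
        printf "%s uid=%s account=%s %s\n", $1, $3, (($3 in account) ? account[$3] : "-"), verdict
    }
    END { exit bad + 0 }' "${3:-/etc/passwd}" "$2"
}

# Constructed sample files; the hashes are placeholders, not real crypt output.
d=$(mktemp -d)
printf 'MinUID 100\n' > "$d/pure-ftpd.conf"
printf 'apache:x:48:48::/home/apache:/sbin/nologin\nwww:x:1003:1003::/home/www:/sbin/nologin\n' > "$d/passwd"
cat > "$d/pureftpd.passwd" <<'EOF'
sansan:$6$constructed$placeholder:48:48::/data/www/test/./::::::::::::
huahua:$6$constructed$placeholder:1003:1003::/data/www/test/./::::::::::::
EOF
audit_puredb "$d/pure-ftpd.conf" "$d/pureftpd.passwd" "$d/passwd" || echo "review the accounts flagged above"
rm -rf "$d"
```

On a real host the third argument can be omitted, in which case /etc/passwd is read.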
[root@localhost ~]# cat /etc/init.d/pureftpd
#!/bin/bash
#
# chkconfig: 2345 85 15
# description: Pure-FTPd is an FTP server daemon based upon Troll-FTPd
# processname: pure-ftpd
### BEGIN INIT INFO
# Provides: pureftpd
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts pureftpd server
# Description: starts pureftpd server
### END INIT INFO
# Author: licess
# website: https://lnmp.org
# Pure-FTPd Settings
PURE_FTPD="/usr/local/pureftpd/sbin/pure-ftpd"
PURE_CONF="/usr/local/pureftpd/etc/pure-ftpd.conf"
PURE_PID="/var/run/pure-ftpd.pid"
RETVAL=0
prog="Pure-FTPd"
start() {
    echo -n $"Starting $prog... "
    $PURE_FTPD $PURE_CONF
    if [ "$?" = 0 ] ; then
        echo " done"
    else
        echo " failed"
    fi
}
stop() {
    echo -n $"Stopping $prog... "
    if [ ! -f "$PURE_PID" ]; then
        echo -n $"$prog is not running."
        exit 1
    fi
    kill `cat $PURE_PID`
    if [ "$?" = 0 ] ; then
        echo " done"
    else
        echo " failed"
    fi
}
restart(){
    echo $"Restarting $prog..."
    $0 stop
    sleep 2
    $0 start
}
# status only checks that the PID file exists
status(){
    if [ -f "$PURE_PID" ]; then
        echo $"$prog is running."
    else
        echo $"$prog is not running."
    fi
}
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    status)
        status
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status}"
        ;;
esac
Official documentation: https://download.pureftpd.org/pub/pure-ftpd/doc/README.Virtual-Users
This completes the demonstration. Interested readers are welcome to discuss and learn together.