运行环境:RHEL 6.6
首先安装RHEL 6.6,并且设置RHEL 6.6 iso作为本地YUM源。
1. 找到vsftpd软件
vsftpd(very secure FTP daemon)软件就在RHEL 6.6 iso中,挂载后,进入Packages目录,
# ls *ftp*
ftp-0.17-54.el6.x86_64.rpm tftp-0.49-7.el6.x86_64.rpm
gvfs-obexftp-1.4.3-18.el6.x86_64.rpm tftp-server-0.49-7.el6.x86_64.rpm
lftp-4.0.9-1.el6_5.1.i686.rpm vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
lftp-4.0.9-1.el6_5.1.x86_64.rpm
2. 安装vsftpd
# rpm -ivh vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
warning: vsftpd-2.2.2-12.el6_5.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing... ########################################### [100%]
1:vsftpd ########################################### [100%]
# rpm -qa | grep vsftpd
vsftpd-2.2.2-12.el6_5.1.x86_64
3. 启动vsftpd
# service vsftpd start
# chkconfig --level 35 vsftpd on
4. disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
5. 设置防火墙,开启port:20和port:21
# vim /etc/sysconfig/iptables
修改后的文件内容如下:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
6. 如果需要使用root账户登录ftp,需要修改以下两个文件
# vim /etc/vsftpd.ftpusers, 注释root这一行
# vim /etc/vsftpd.user_list,注释root这一行
7. 重启机器
# netstat -an | grep 21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
8. 使用FileZilla连接
这样设置后,连接时会报告一个错误: 无法建立数据连接:ECONNREFUSED - 连接被服务器拒绝。
需要把传输模式设置为“主动”。
参考文献:
1. http://blog.csdn.net/ft1512975/article/details/6620227
2. http://meiyitianabc.blog.163.com/blog/static/1050221272013111393315536/
3. http://blog.163.com/yxhui_cool/blog/static/770197702010712516841/
首先安装RHEL 6.6,并且设置RHEL 6.6 iso作为本地YUM源。
1. 找到vsftpd软件
vsftpd(very secure FTP daemon)软件就在RHEL 6.6 iso中,挂载后,进入Packages目录,
# ls *ftp*
ftp-0.17-54.el6.x86_64.rpm tftp-0.49-7.el6.x86_64.rpm
gvfs-obexftp-1.4.3-18.el6.x86_64.rpm tftp-server-0.49-7.el6.x86_64.rpm
lftp-4.0.9-1.el6_5.1.i686.rpm vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
lftp-4.0.9-1.el6_5.1.x86_64.rpm
2. 安装vsftpd
# rpm -ivh vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
warning: vsftpd-2.2.2-12.el6_5.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing... ########################################### [100%]
1:vsftpd ########################################### [100%]
# rpm -qa | grep vsftpd
vsftpd-2.2.2-12.el6_5.1.x86_64
3. 启动vsftpd
# service vsftpd start
# chkconfig --level 35 vsftpd on
4. disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
5. 设置防火墙,开启port:20和port:21
# vim /etc/sysconfig/iptables
修改后的文件内容如下:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
6. 如果需要使用root账户登录ftp,需要修改以下两个文件
# vim /etc/vsftpd.ftpusers, 注释root这一行
# vim /etc/vsftpd.user_list,注释root这一行
7. 重启机器
# netstat -an | grep 21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
8. 使用FileZilla连接
这样设置后,连接时会报告一个错误: 无法建立数据连接:ECONNREFUSED - 连接被服务器拒绝。
需要把传输模式设置为“主动”。
参考文献:
1. http://blog.csdn.net/ft1512975/article/details/6620227
2. http://meiyitianabc.blog.163.com/blog/static/1050221272013111393315536/
3. http://blog.163.com/yxhui_cool/blog/static/770197702010712516841/
没有评论:
发表评论