linux-vsftp Basics 1

火星人 @ 2014-03-08

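Servers for resource sharing

1. FTP: cross-platform; any platform that supports TCP/IP will do; uses the FTP protocol

2. Samba: uses the SMB protocol

Linux <-> Windows resource sharing

3. NFS: uses the RPC protocol

Remote access protocol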

Server types:

Windows

1) IIS

2) Serv-U

Linux

Wu-ftp

Vsftpd

Pureftp

FTP follows the client/server model.

Ways a client can access FTP:

1. Command-line client (tcp/ip cmd)

2. Browser

3. CuteFTP, LeapFTP, FlashFXP

-- For security, SSL can be used

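How FTP works

(The client decides whether active or passive mode is used)

1. Active mode

The connection process in PORT (active) mode is: the client sends a connection request to the server's FTP port (21 by default), the server accepts it, and a command link is established. When data needs to be transferred, the client uses the PORT command on the command link to tell the server: "I have opened port XXXX, connect to me." The server then sends a connection request from port 20 to the client's port XXXX, establishing a data link for the transfer.

This is insecure: with an internal server enabled and placed behind a firewall, the firewall has no effect.

If the client goes online through a proxy, active mode cannot be used, because the server connects to a port on the proxy server rather than to the client's port. Sometimes the client will not readily open the door either, because a firewall is in the way, unless the client opens the high ports above 1024.

2. Passive mode

The connection process in PASV (passive) mode is: the client sends a connection request to the server's FTP port (21 by default), the server accepts it, and a command link is established. When data needs to be transferred, the server tells the client over the command link via the PASV command: "I have opened port XXXX, connect to me." The client then sends a connection request to the server's port XXXX, establishing a data link for the transfer.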
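
The two handshakes above differ only in who announces an address and who dials. As an added example (not part of the original post), this decodes the h1,h2,h3,h4,p1,p2 value carried by a PORT command or a 227 reply to PASV and reports which side opens the data link, which is what a firewall rule has to allow. The function names, the sample lines and the server address 192.168.101.1 are assumptions made for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 as carried by the PORT command and the 227 reply
_HP = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_endpoint(text):
    """Return (ip, port) decoded from an h1,h2,h3,h4,p1,p2 group."""
    m = _HP.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 group in %r" % text)
    n = [int(g) for g in m.groups()]
    if max(n) > 255:
        raise ValueError("field above 255 in %r" % text)
    return "%d.%d.%d.%d" % tuple(n[:4]), n[4] * 256 + n[5]

def data_connection(line, client_ip, server_ip):
    """Describe the data connection that follows one control-channel line.

    client_ip / server_ip are the two ends of the command link as each
    side sees them. Returns None for lines that do not set up a data link.
    """
    line = line.strip()
    if line.upper().startswith("PORT "):
        ip, port = decode_endpoint(line[5:])
        # Active: the server dials out from port 20 to the announced port.
        return {"mode": "active", "from": (server_ip, 20), "to": (ip, port),
                "same_host": ip == client_ip}
    if line.startswith("227"):
        ip, port = decode_endpoint(line[3:])
        # Passive: the client dials in from an ephemeral port.
        return {"mode": "passive", "from": (client_ip, None), "to": (ip, port),
                "same_host": ip == server_ip}
    return None

if __name__ == "__main__":
    # Constructed control-channel lines; 192.168.101.1 is an assumed server.
    for sample in ("PORT 192,168,101,177,4,1",
                   "227 Entering Passive Mode (192,168,101,1,195,80)."):
        print(data_connection(sample, "192.168.101.177", "192.168.101.1"))
```

When `same_host` is false for a PORT line, the announced address is not the one the server sees on the command link, which is the proxy situation described above where active mode fails.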

Transfer modes

1. ascii

2. binary (default)

Access methods

ftp: with authentication

lftp: without authentication

ftp commands

ftp> help
Commands may be abbreviated. Commands are:

!           cr          mdir        proxy       send
$           delete      mget        sendport    site
account     debug       mkdir       put         size
append      dir         mls         pwd         status
ascii       disconnect  mode        quit        struct
bell        form        modtime     quote       system
binary      get         mput        recv        sunique
bye         glob        newer       reget       tenex
case        hash        nmap        rstatus     trace
ccc         help        nlist       rhelp       type
cd          idle        ntrans      rename      user
cdup        image       open        reset       umask
chmod       lcd         passive     restart     verbose
clear       ls          private     rmdir       ?
close       macdef      prompt      runique
cprotect    mdelete     protect     safe
ftp>

dir: list the remote directory

get / mget

put / mput

!dir: list the local directory

lcd: change the local directory

[root@mail Server]# rpm -ivh vsftpd-2.0.5-12.el5.i386.rpm

[root@mail Server]# service vsftpd start

Starting vsftpd for vsftpd: [ OK ]

[root@mail Server]#

[root@mail pub]# vim /etc/vsftpd/vsftpd.conf

anonymous_enable=YES
local_enable=YES
write_enable=YES

# Permission mask for anonymous uploads; fixes the case where files can be uploaded but not downloaded
anon_umask=073
# Anonymous users are allowed to upload
anon_upload_enable=YES
anon_mkdir_write_enable=YES
# Anonymous users may perform other write operations, such as renaming and deleting uploaded files and directories
anon_other_write_enable=YES

# Show the directory message file
dirmessage_enable=YES

# Logging must be enabled for transfer logs to be written
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES

# To show detailed logs (request/response log); this only works when the standard log format is off
#xferlog_std_format=NO
#log_ftp_protocol=YES

# Transfers are binary by default
#ascii_upload_enable=YES
#ascii_download_enable=YES

# You may fully customise the login banner string:
ftpd_banner=Welcome to lwy's FTP service.

# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
deny_email_enable=YES
banned_email_file=/etc/vsftpd/banned_emails
# Add the e-mail addresses to reject to this file

[root@mail pub]# man 5 vsftpd.conf

dirmessage_enable
       If enabled, users of the FTP server can be shown messages when
       they first enter a new directory. By default, a directory is
       scanned for the file .message, but that may be overridden with
       the configuration setting message_file.

       Default: NO (but the sample config file enables it)

anon_other_write_enable
       If set to YES, anonymous users will be permitted to perform
       write operations other than upload and create directory, such as
       deletion and renaming. This is generally not recommended but
       included for completeness.

       Default: NO
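
The configuration above turns on every anonymous write option, including the one the man page says is generally not recommended. As an added example (not part of the original post and not a vsftpd tool), this small audit reads vsftpd.conf text, reports the anonymous write options that are actually in effect, and flags lines that carry text after the value, since vsftpd only accepts whole-line `#` comments. The function name and the sample file are constructed for illustration.

```python
ANON_WRITE = {
    "anon_upload_enable": "anonymous users may upload files",
    "anon_mkdir_write_enable": "anonymous users may create directories",
    "anon_other_write_enable": "anonymous users may delete and rename",
}

def audit_vsftpd_conf(text):
    """Return a sorted list of (line_no, message) findings for vsftpd.conf text."""
    findings, seen = [], {}
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue                      # blank line or whole-line comment
        key, sep, value = line.partition("=")
        if not sep or key != key.strip() or value != value.lstrip():
            findings.append((no, "not in strict option=value form"))
            continue
        words = value.split()
        head = words[0].upper() if words else ""
        if (head in ("YES", "NO") or head.isdigit()) and value != words[0]:
            findings.append((no, "text after the value of %s; vsftpd has no "
                                 "inline comments" % key))
        seen[key] = (head, no)
    # Anonymous writes need anonymous login (default YES) plus write_enable.
    anon_on = seen.get("anonymous_enable", ("YES", 0))[0] == "YES"
    write_on = seen.get("write_enable", ("NO", 0))[0] == "YES"
    for key, risk in ANON_WRITE.items():
        head, no = seen.get(key, ("NO", 0))
        if anon_on and write_on and head == "YES":
            findings.append((no, "%s=YES: %s" % (key, risk)))
    return sorted(findings)

# Constructed sample based on the settings shown above, with one inline note.
SAMPLE = """\
anonymous_enable=YES
write_enable=YES
anon_umask=073 ----permission mask
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# whole-line comments are fine
ftpd_banner=Welcome to lwy's FTP service.
xferlog_enable=YES
"""

if __name__ == "__main__":
    for line_no, message in audit_vsftpd_conf(SAMPLE):
        print("line %d: %s" % (line_no, message))
```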

Local user login

[root@mail pub]# lftp -u user1 127.0.0.1

Password:

lftp user1@127.0.0.1:~> user user2

Password:

lftp user2@127.0.0.1:~> pwd

ftp://user2@127.0.0.1

lftp user2@127.0.0.1:~> cd pub

cd: Access failed: 550 Failed to change directory. (/home/user2/pub)

lftp user2@127.0.0.1:~> bye

[root@mail ~]# cd /var/ftp

[root@mail ftp]# chmod o+wt pub/   # make pub writable, with the sticky bit so that only the creator of a file can delete it

Create the directory message file

[root@mail pub]# vim .message

This is pub dir

[root@mail log]# ftp 127.0.0.1

Connected to 127.0.0.1.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as an authentication type

Name (127.0.0.1:root): anonymous

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> pwd

257 "/"

ftp> cd pub

250-This is pub dir

250 Directory successfully changed.

ftp> bye

221 Goodbye.

Testing login with a rejected e-mail address as the password

-- When accessing with lftp, no directory-change message is shown

[root@mail log]# lftp 127.0.0.1

lftp 127.0.0.1:~> cd pub

cd ok, cwd=/pub

lftp 127.0.0.1:/pub> dir

drwx---r-- 2 14 50 4096 Aug 27 17:48 dd

drwx---r-- 2 14 50 4096 Aug 27 17:05 ff

drwxr-xr-x 2 0 0 4096 Aug 27 17:48 ll

drwxr-xr-x 2 0 0 4096 Aug 27 17:48 yy

drwx---r-- 2 14 50 4096 Aug 27 17:05 新文件夾 (3)

lftp 127.0.0.1:/pub> get ll

get: Access failed: 550 Failed to open file. (ll)

lftp 127.0.0.1:/pub> get dd

get: Access failed: 550 Failed to open file. (dd)

lftp 127.0.0.1:/pub> get 123.txt

6 bytes transferred

[root@mail pub]# tail /var/log/vsftpd.log

Sat Aug 27 18:12:35 2011 1 127.0.0.1 0 /pub/ll b _ o a lftp@ ftp 0 * i

Sat Aug 27 18:12:42 2011 1 127.0.0.1 0 /pub/dd b _ o a lftp@ ftp 0 * i

Sat Aug 27 18:13:55 2011 1 192.168.101.177 6 /pub/123.txt.txt b _ i a IEUser@ ftp 0 * c

Sat Aug 27 18:15:20 2011 1 127.0.0.1 6 /pub/123.txt b _ o a lftp@ ftp 0 * c

[root@mail pub]#
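
The log lines above are in the standard xferlog format enabled by xferlog_std_format=YES. As an added example (not part of the original post), this parser splits each line into its fields and picks out the entries a reviewer would look at first: anonymous uploads (direction `i`, access mode `a`) and transfers that did not complete (status `i`). The field and function names are chosen here for illustration; the sample lines are the four shown above.

```python
from collections import namedtuple

Xfer = namedtuple("Xfer", "time secs host size path ttype flag direction "
                          "access user service auth_method auth_uid status")

def parse_xferlog(line):
    """Parse one xferlog-format line; the path may itself contain spaces."""
    t = line.split()
    if len(t) < 18:
        raise ValueError("too few fields: %r" % line)
    # 8 fixed tokens before the path (5 of them the timestamp), 9 after it.
    return Xfer(" ".join(t[:5]), int(t[5]), t[6], int(t[7]),
                " ".join(t[8:-9]), *t[-9:])

def review(lines):
    """Return (reason, Xfer) pairs for entries worth a second look."""
    out = []
    for line in lines:
        if not line.strip():
            continue
        x = parse_xferlog(line)
        if x.access == "a" and x.direction == "i":
            out.append(("anonymous upload", x))
        elif x.status == "i":
            out.append(("incomplete transfer", x))
    return out

# The four log lines shown in the tail output above.
SAMPLE_LOG = """\
Sat Aug 27 18:12:35 2011 1 127.0.0.1 0 /pub/ll b _ o a lftp@ ftp 0 * i
Sat Aug 27 18:12:42 2011 1 127.0.0.1 0 /pub/dd b _ o a lftp@ ftp 0 * i
Sat Aug 27 18:13:55 2011 1 192.168.101.177 6 /pub/123.txt.txt b _ i a IEUser@ ftp 0 * c
Sat Aug 27 18:15:20 2011 1 127.0.0.1 6 /pub/123.txt b _ o a lftp@ ftp 0 * c
""".splitlines()

if __name__ == "__main__":
    for reason, x in review(SAMPLE_LOG):
        print("%-20s %s %s (%d bytes) as %s" % (reason, x.host, x.path,
                                                 x.size, x.user))
```

The two incomplete entries correspond to the failed `get ll` and `get dd` attempts in the lftp session, and the upload from 192.168.101.177 is the only write recorded.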

[root@mail pub]# ftp 127.0.0.1

Connected to 127.0.0.1.

220 Welcome to lwy's FTP service.

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as an authentication type

Name (127.0.0.1:root): user1

331 Please specify the password.

Password: -- entered lwy@126.com

530 Login incorrect.

Login failed.

ftp>

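-- Prevents users from logging in to FTP with that e-mail address

This article is from the 「一抹茶色陽光」 blog; please be sure to keep this source link: http://sweetsingle.blog.51cto.com/3429592/742193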

