{"id":191,"date":"2010-10-22T16:46:19","date_gmt":"2010-10-22T08:46:19","guid":{"rendered":"http:\/\/www.ipcpu.com\/?p=191"},"modified":"2010-10-22T16:46:19","modified_gmt":"2010-10-22T08:46:19","slug":"linux-pureftp-two","status":"publish","type":"post","link":"https:\/\/c.ipcpu.com\/2010\/10\/linux-pureftp-two\/","title":{"rendered":"Linux\u5b66\u4e60\u7b14\u8bb0\u4e4bpureftp\uff08\u4e8c\uff09\u533f\u540d\u7528\u6237"},"content":{"rendered":"

\u5173\u952e\u5b57\uff1apureftp pureftpd \u6280\u672f\u6587\u6863 Linux \u670d\u52a1\u5668 \u67b6\u8bbe \u5b66\u4e60\u7b14\u8bb0 proftp proftpd vsftp FTP Serv-U Xlight \u88ab\u52a8\u6a21\u5f0f iptables \u7aef\u53e3 \u8303\u56f4<\/span><\/p>\n

pureftp\u9ed8\u8ba4\u652f\u6301\u533f\u540d\u7528\u6237\u7684\uff0c\u4f46\u662f\u9ed8\u8ba4\u7684\u533f\u540d\u7528\u6237\u8981\u767b\u5f55\u5fc5\u987b\u6ee1\u8db3\u4e00\u4e0b\u4e24\u4e2a\u6761\u4ef6\uff1a<\/p>\n

1.\u786e\u4fdd\u6709ftp\u7528\u6237<\/strong>
\ngrep ftp \/etc\/passwd<\/p>\n

2.\u786e\u4fdd\u6709ftp\u7528\u6237\u4e3b\u76ee\u5f55<\/strong><\/p>\n

usermod -d \/data ftp<\/p>\n

\u9ed8\u8ba4\u652f\u6301\u533f\u540d\u7528\u6237\u4e0a\u4f20\uff0c\u533f\u540d\u7528\u6237\u4e0a\u4f20\u662f\u6839\u636e\u7528\u6237\u4e3b\u76ee\u5f55\u6743\u9650\u6765\u63a7\u5236\u7684<\/p>\n

chown ftp:ftp \/data\/upload<\/p>\n

\u533f\u540d\u7528\u6237\u53ef\u8c03\u53c2\u6570\uff1a<\/strong><\/span><\/p>\n

# Don\u2019t allow authenticated users \u2013 have a public anonymous FTP only.
\n#\u662f\u5426\u53ea\u8ba9\u533f\u540d\u767b\u5f55
\nAnonymousOnly\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 no<\/p>\n

# Disallow anonymous connections. Only allow authenticated users.
\n#\u4e0d\u5141\u8bb8\u533f\u540d\u8fde\u63a5\uff0c\u4ec5\u5141\u8bb8\u8ba4\u8bc1\u7528\u6237\u4f7f\u7528
\nNoAnonymous\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 no<\/p>\n

# Are anonymous users allowed to create new directories ?
\n#\u5141\u8bb8\u533f\u540d\u7528\u6237\u521b\u5efa\u65b0\u76ee\u5f55
\nAnonymousCanCreateDirs\u00a0\u00a0\u00a0\u00a0\u00a0 no<\/p>\n

# If the system is more loaded than the following value,
\n# anonymous users aren\u2019t allowed to download.
\n#\u5982\u679c\u7cfb\u7edf\u88abloaded\u8d85\u8fc7\u4e0b\u9762\u7684\u503c\uff0c\u533f\u540d\u7528\u6237\u4f1a\u88ab\u7981\u6b62\u4e0b\u8f7d
\nMaxLoad\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 4<\/p>\n

# Upload\/download ratio for anonymous users.
\n#\u533f\u540d\u7528\u6237\u7684\u4e0a\u4f20\/\u4e0b\u8f7d\u7684\u6bd4\u7387
\n# AnonymousRatio\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 1 10<\/p>\n

# Maximum bandwidth for anonymous users in KB\/s
\n#\u533f\u540d\u7528\u6237\u7684\u6700\u5927\u5e26\u5bbd\uff08KB\/s\uff09
\n# AnonymousBandwidth\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 8<\/p>\n

# Disallow anonymous users to upload new files (no = upload is allowed)
\n#\u4e0d\u63a5\u53d7\u533f\u540d\u7528\u6237\u4e0a\u4f20\u65b0\u6587\u4ef6(no=\u5141\u8bb8\u4e0a\u4f20)
\nAnonymousCantUpload\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 no<\/span><\/p>\n

# This option is useful with servers where anonymous upload is
\n# allowed. As \/var\/ftp is in \/var, it save some space and protect
\n# the log files. When the partition is more that X percent full,
\n# new uploads are disallowed.
\n#\u6700\u5927\u78c1\u76d8\u5229\u7528\u7387
\nMaxDiskUsage\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 99<\/p>\n

# Disallow downloading of files owned by \u201cftp\u201d, ie.
\n# files that were uploaded but not validated by a local admin.
\n# \u662f\u5426\u5141\u8bb8\u4e0b\u8f7d\u533f\u540d\u7528\u6237\u4e0a\u4f20\u7684\u6587\u4ef6\uff1fNO \u4e3a\u5141\u8bb8\u4e0b\u8f7d\u3002\u5426\u5219\u4f1a\u51fa\u73b0\u8fd9\u4e2a
\n#\u6587\u4ef6\u6ca1\u6709\u88ab\u7ba1\u7406\u5458\u6838\u51c6\u4e0b\u8f7d\u7684\u63d0\u793a\u3002
\nAntiWarez yes<\/p>\n

\u53c2\u8003\u8d44\u6599\uff1a<\/strong>
\nhttp:\/\/www.crazylemon.net\/ftp\/96.html<\/span><\/a>
\nhttp:\/\/tech.ddvip.com\/2008-10\/122310831173588.html<\/span><\/a><\/p>\n

\u8f6c\u8f7d\u8bf7\u6ce8\u660e\uff1aIPCPU-\u7f51\u7edc\u4e4b\u8def<\/a> » Linux\u5b66\u4e60\u7b14\u8bb0\u4e4bpureftp\uff08\u4e8c\uff09\u533f\u540d\u7528\u6237<\/a><\/p>","protected":false},"excerpt":{"rendered":"

\u5173\u952e\u5b57\uff1apureftp pureftpd \u6280\u672f\u6587\u6863 Linux \u670d\u52a1\u5668 \u67b6\u8bbe \u5b66\u4e60\u7b14\u8bb0 proftp proftpd vsftp FTP Serv-U Xlight \u88ab\u52a8\u6a21\u5f0f iptables \u7aef\u53e3 \u8303\u56f4 pureftp\u9ed8\u8ba4\u652f\u6301\u533f\u540d\u7528\u6237\u7684\uff0c\u4f46\u662f\u9ed8\u8ba4\u7684\u533f\u540d\u7528\u6237\u8981\u767b\u5f55\u5fc5\u987b\u6ee1\u8db3\u4e00\u4e0b\u4e24\u4e2a\u6761\u4ef6\uff1a 1.\u786e\u4fdd\u6709ftp\u7528\u6237 grep ftp \/etc\/passwd 2.\u786e\u4fdd\u6709ftp\u7528\u6237\u4e3b\u76ee\u5f55 usermod -d \/data ftp \u9ed8\u8ba4\u652f\u6301\u533f\u540d\u7528\u6237\u4e0a\u4f20\uff0c\u533f\u540d\u7528\u6237\u4e0a\u4f20\u662f\u6839\u636e\u7528\u6237\u4e3b\u76ee\u5f55\u6743\u9650\u6765\u63a7\u5236\u7684 chown ftp:ftp \/data\/upload \u533f\u540d\u7528\u6237\u53ef\u8c03\u53c2\u6570\uff1a # Don\u2019t allow authenticated users \u2013 have a public anonymous FTP only. #\u662f\u5426\u53ea\u8ba9\u533f\u540d\u767b\u5f55 AnonymousOnly\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 no # Disallow anonymous connections. Only allow authenticated users. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,13],"tags":[],"_links":{"self":[{"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/posts\/191"}],"collection":[{"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/comments?post=191"}],"version-history":[{"count":0,"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/posts\/191\/revisions"}],"wp:attachment":[{"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/media?parent=191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/categories?post=191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/c.ipcpu.com\/wp-json\/wp\/v2\/tags?post=191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}