1.环境
系统为centos6.8的物理服务器
一键安装包lnmp1.4.tar.gz中的pureftpd安装脚本
安装参考文档:
https://blog.51cto.com/865516915/2064503
http://www.ttlsa.com/system/install-pureftpd/
http://www.zxdown.com/hanhua/1662.html
http://www.zxdown.com/hanhua/1662.html
2.配置和使用
cp /usr/local/pureftpd/etc/pure-ftpd.conf /usr/local/pureftpd/etc/pure-ftpd.conf.bak
egrep -v "^#|^$" /usr/local/pureftpd/etc/pure-ftpd.conf.bak >/usr/local/pureftpd/etc/pure-ftpd.conf[root@git-server pureftpd]# cd /usr/local/pureftpd/
[root@git-server pureftpd]# cd etc/
[root@git-server etc]# ls
pure-ftpd.conf pure-ftpd.conf.bak pureftpd.passwd pureftpd.pdb
[root@git-server etc]# /etc/init.d/pureftpd restart
Restarting Pure-FTPd...
Stopping Pure-FTPd... done
Starting Pure-FTPd... done
[root@git-server etc]# netstat -lntup|grep pure-ftpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 25749/pure-ftpdBind 0.0.0.0,1038
3.修改ftp的端口为1038
添加参数Bind 1038
[root@localhost etc]# cat pure-ftpd.conf
chrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 20
Daemonize yes
MaxClientsPerIP 5
VerboseLog no
DisplayDotFiles yes
AnonymousOnly no
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
PureDB /usr/local/pureftpd/etc/pureftpd.pdb
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
###端口范围默认是20000到30000之间,安全起见可以给定的小一点
PassivePortRange 1030 1050
##云主机默认的网卡为内网卡,所以此处必须绑定VPS的外网ip
#ForcePassiveIP 58.26.110.7
AntiWarez yes
Bind ,1038
Umask 133:022
MinUID 100
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
AnonymousCantUpload yes
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage 99
##默认允许上传才8KB
UserBandwidth 200
4.iptables放行ftp1038端口
[root@localhost etc]# cat /etc/sysconfig/iptables
#Generated by iptables-save v1.4.21 on Mon Mar 16 17:13:43 2020
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [7:3549]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1030:1050 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,8080,443,102230,1038 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 5/sec --limit-burst 10 -j ACCEPT
-A INPUT -j DROP
COMMIT
#Completed on Mon Mar 16 17:13:43 20204.添加ftp虚拟用户,前提是系统用户www,必须是存在的
[root@git-server test03]# pure-pw useradd jiantest01 -u www -d /data/www/test01
Password: zykj@test01
Enter it again: zykj@test01
chown -R www.www /data/www/test01[root@git-server test03]# pure-pw useradd jiantest02 -u www -d /data/www/test02
Password: zykj@test02
Enter it again: zykj@test02
chown -R www.www /data/www/test02[root@git-server test03]#
[root@git-server test03]# pure-pw useradd jiantest03 -u www -d /data/www/test03
Password: zykj@test03
Enter it again: zykj@test03
chown -R www.www /data/www/test03注意:
新添加完用户以及改完密码,以及授权管理目录时,必须修得要执行以下命令才可以生效[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw mkdb
查看用户列表:
[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw list
jiantest01 /data/www/test01/./
jiantest02 /data/www/test02/./
jiantest03 /data/www/test03/./ 查看密码文件:
[root@git-server etc]# cat /usr/local/pureftpd/etc/pureftpd.passwd
jiantest01:$6$5mDEpGv5S695qpk0$vVd9hoGBRTia3s3j1zughrG59Sq31k7c1lYdWaE27teqr6IT.ylZiHE61OeqB8R94yHPQDiYW8aKUCwB5NN1K0:501:501::/data/www/test01/./::::::::::::
jiantest02:$6$b2lVvgMFQI7Mps00$KQFYuoZKt3yR9zmDByR3vMN6G8A9Vac6ovdXr.ps903J/YfdAknaN1TfkqUmIfA6vuoOh4dICx/JfbvawOhgp1:501:501::/data/www/test02/./::::::::::::
jiantest03:$6$VbYXJjUEMGJMwcw0$Yn3HKwRtW6qAt4Saki/xFfiarC3kixYoFGZnTjXizNPOW59uscUergqf.u0Gvy0/jLcylZWAAwphrKj/FLgma0:501:501::/data/www/test03/./::::::::::::
[root@git-server etc]# 如果添加完用户以后想要删除可以使用/usr/local/pureftpd/bin/pure-pw userdel jiantest01这条指令
[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw userdel jiantest01
[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw list
jiantest02 /data/www/test01/./
jiantest03 /data/www/test03/./ 想要修改密码可以使用/usr/local/pureftpd/bin/pure-pw passwd jiantest02这条指令
[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw passwd jiantest02
Password: zykj123456
Enter it again: zykj123456修改完密码记得要执行以下命令才可以生效
[root@git-server etc]# /usr/local/pureftpd/bin/pure-pw mkdb来源:oschina
链接:https://my.oschina.net/u/4338930/blog/4405886