当前位置: 首页 > article >正文

LINUX 66 FTP 2 ;FTP被动模式;FTP客户服务系统

article 2025/8/21 13:54:12

19. 在vim中将所有 abc 替换为 def,在底行模式下执行©?D

A、s/abc/def
B、s/abc/def/g
C、%s/abc/def
D、%s/abc/def/g
在这里插入图片描述

FTP连接

在这里插入图片描述
在这里插入图片描述
用户名应该填什么

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

怎么理解匿名访问FTP anonymous_enable=YES在这里插入图片描述

怎么理解匿名访问FTP anonymous_enable=NO

如果不支持匿名访问,用户名和密码是什么
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

  chroot_local_userIf set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login.  Warning:This option has security implications, especially if the users have upload permission, or shell access. Only  enable  ifyou  know what you are doing.  Note that these security implications are not vsftpd specific. They apply to all FTP dae‐mons which offer to put local users in chroot() jails.

chroot_local_user
若设置为YES,本地用户在登录后将被默认禁锢在其主目录的chroot()环境中。

  connect_from_port_20This controls whether PORT style data connections use port 20 (ftp-data) on the server machine.  For  security  reasons,some  clients  may  insist  that this is the case. Conversely, disabling this option enables vsftpd to run with slightlyless privilege.

connect_from_port_20 该选项控制PORT模式数据连接是否使用服务器机器的端口20(ftp-data)。
主动模式

listen If  enabled,  vsftpd  will  run  in  standalone mode. This means that vsftpd must not be run from an inetd of some kind.Instead, the vsftpd executable is run once directly. vsftpd itself will then take care of  listening  for  and  handlingincoming connections.

如果启用,vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。
相反,vsftpd可执行文件将直接运行一次。之后vsftpd会自行负责监听和处理传入的连接。

怎么理解 vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

local_rootThis  option represents a directory which vsftpd will try to change into after a local (i.e. non-anonymous) login. Fail‐ure is silently ignored.Default: (none)

local_root
该选项表示 vsftpd 在本地(即非匿名)登录后尝试切换进入的目录。若切换失败将静默忽略。
默认值:(无)

userlist_enableIf  enabled,  vsftpd will load a list of usernames, from the filename given by userlist_file.  If a user tries to log inusing a name in this file, they will be denied before they are asked for a password. This may be  useful  in  preventingcleartext passwords being transmitted. See also userlist_deny.Default: NO

如果启用,vsftpd将从userlist_file指定的文件名加载用户名列表。如果用户尝试使用该文件中的用户名登录,系统会在要求输入密码前拒绝其访问。这有助于防止明文密码传输。另请参阅userlist_deny。
黑名单

[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]#

在这里插入图片描述

为什么kefu能登录FTP,code不可以

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

推测没有code 用户
使用tom可以登录

使用浏览器为什么无法登录ftp

在这里插入图片描述

ftp被动模式下,客户端比服务器端有利,如何理解

在这里插入图片描述
服务器更好调整
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

FTP任务解决方案:客户服务系统

kefu 123 登录系统
不允许匿名访问
文档保存在/data/kefu
kefu 只能在/data/kefu中活动
在这里插入图片描述
在这里插入图片描述

21. 当需要将很多个文件压缩成一个文件时,可以选择以下哪些压缩工具(ACB)?

A、gzip
B、zip
C、tar
D、unzip
在这里插入图片描述

源码

root@192.168.235.20's password:┌────────────────────────────────────────────────────────────────────┐│                        • MobaXterm 20.0 •                          ││            (SSH client, X-server and networking tools)             ││                                                                    ││ ➤ SSH session to root@192.168.235.20                               ││   • SSH compression : ✘                                            ││   • SSH-browser     : ✔                                            ││   • X11-forwarding  : ✔  (remote display is forwarded through SSH) ││   • DISPLAY         : ✔  (automatically set on remote server)      ││                                                                    ││ ➤ For more info, ctrl+click on help or visit our website           │└────────────────────────────────────────────────────────────────────┘Last login: Thu Jun  5 19:31:29 2025 from 192.168.235.1
[root@code ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500inet 192.168.235.20  netmask 255.255.255.0  broadcast 192.168.235.255inet6 fe80::20c:29ff:fe97:845e  prefixlen 64  scopeid 0x20<link>ether 00:0c:29:97:84:5e  txqueuelen 1000  (Ethernet)RX packets 1100712  bytes 444103092 (423.5 MiB)RX errors 0  dropped 0  overruns 0  frame 0TX packets 964272  bytes 498686849 (475.5 MiB)TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0您在 /var/spool/mail/root 中有新邮件
[root@code ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemonLoaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)Active: active (running) since 三 2025-06-04 20:54:02 CST; 1 day 23h agoProcess: 51486 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)Main PID: 51488 (vsftpd)Tasks: 1CGroup: /system.slice/vsftpd.service└─51488 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf6月 04 20:54:02 code systemd[1]: Stopped Vsftpd ftp daemon.
6月 04 20:54:02 code systemd[1]: Starting Vsftpd ftp daemon...
6月 04 20:54:02 code systemd[1]: Started Vsftpd ftp daemon.
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep ^# /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
# Uncomment this to enable any form of FTP write command.
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
#
# Activate logging of uploads/downloads.
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code ~]# cd /etc/vsftpd
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls /kefu
ls: 无法访问/kefu: 没有那个文件或目录
[root@code vsftpd]# cd /kefu
-bash: cd: /kefu: 没有那个文件或目录
[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]# cd -
/etc/vsftpd
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls
ftpusers  user_list  vsftpd.conf  vsftpd_conf_migrate.sh
[root@code vsftpd]# cd ~
[root@code ~]# ls
2-1.java  alll1            app       axel-2.4.tar.gz  cc.conf  initial-setup-ks.cfg       ok   readme7
2.java    anaconda-ks.cfg  axel-2.4  bb.conf          code     inotify-tools-3.13.tar.gz  okl  readme.txt
[root@code ~]# tail -5 /etc/passwd
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
您在 /var/spool/mail/root 中有邮件
[root@code ~]# tail -10 /etc/passwd
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]# tail -15 /etc/passwd
tom:x:1008:1008::/home/tom:/bin/bash
jack:x:1009:1009::/home/jack:/bin/bash
cw01:x:1010:1224::/home/cw01:/bin/bash
sc01:x:1011:1226::/home/sc01:/bin/bash
rs01:x:1012:1225::/home/rs01:/bin/bash
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]#
http://www.lryc.cn/news/2402809.html

相关文章:

  • 网心云 OEC/OECT 笔记(2) 运行RKNN程序
  • vue-21 (使用 Vuex 模块和异步操作构建复杂应用)
  • #开发环境篇:postMan可以正常调通,但是浏览器里面一直报403
  • 将word文件转为kindle可识别的azw3文件的方法
  • 动态规划之01背包
  • Lua和JS的继承原理
  • 灵活控制,modbus tcp转ethernetip的 多功能水处理方案
  • boost::qvm 使用示例
  • go语言学习 第6章:错误处理
  • VMware 安装 CentOS8详细教程 (附步骤截图)附连接公网、虚拟机yum源等系统配置
  • Editing Language Model-based Knowledge Graph Embeddings
  • 深入了解linux系统—— 进程池
  • JavaScript 原型与原型链:深入理解 __proto__ 和 prototype 的由来与关系
  • 逻辑回归与Softmax
  • vscode .husky/pre-commit: line 4: npx: command not found
  • 光电耦合器:数字时代的隐形守护者
  • FPGA没有使用的IO悬空对漏电流有没有影响
  • 11. vue pinia 和react redux、jotai对比
  • 手机如何防止ip关联?3种低成本方案
  • Pandas和Django的示例Demo
  • 护网行动面试试题(1)
  • 【p2p、分布式,区块链笔记 MESH】Bluetooth蓝牙通信拓扑与操作 BR/EDR(经典蓝牙)和 BLE
  • 航道无人机巡检系统
  • 【JVM】Java虚拟机(一)——内存结构
  • 从微积分到集合论(1630-1910)(历史简介)——第4章——现代积分理论的起源(Thomas Hawkins)
  • 《Linux运维总结:宝德服务器RAID开启(方式一)》
  • NY118NY120美光固态闪存NY124NY129
  • Odoo 19 路线图(新功能)
  • 基于NXP例程学习CAN UDS刷写流程
  • RNN循环网络:给AI装上“记忆“(superior哥AI系列第5期)