manjaro install ftp server

安装过程

install vsftpd

FTP and FTPS require that an FTP server be installed. The FTP server of choice is vsftpd (Very Secure FTP Daemon). This is available direct from Arch’s official repositories, so you can just pacman -sync it (no building required) through the command line of your SSH terminal:

sudo pacman -S vsftpd

Configure vsftpd as a Plain FTP server

An example vsftpd configuration file called vsftpd.conf can now be found in Arch’s /etc directory (why?). Open it using vim:

sudo vim /etc/vsftpd.conf

Edit the following lines as below, uncommenting them by removing any preceding hashes # as required:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022

anonymous_enable=NO: don’t allow anyone to access FTP on your VPS.

local_enable=YES: allow local users to use FTP. (A local user is one whose username, password, etc. reside on your VPS.)

write_enable=YES: allow users to write (upload, update, etc.) files.

local_umask

When a file or directory is created under Linux, it is created with a default set of permissions that allow an end user to read, write and/or execute the file.

local_umask=077 is the default setting in vsftpd. No other end user can read or write your data if umask remains set to 077. In other words, if you upload a webpage file under umask 077, no-one will be able to see that webpage.

local_umask=022 allows only you to write data, but anyone can read it.

Save (CTRL+o then ENTER), quit (CTRL+x) Nano back to the command line and start the FTP server:

sudo systemctl restart vsftpd

Create a unique FTP user

vsftpd recommends that you define on your system a unique user which the ftp server can use as a totally isolated and unprivileged user.

So, create a user just for FTPing, who can’t do anything else such as login via SSH to your VPS. In this way, should the user be compromised, your VPS is not left wide open. This user should have his or her own unique password.

useradd -g ftp -d /srv/http -s /sbin/nologin userftp

In the above command, the user is named userftp.

-s puts userftp into the no-login shell list.

-d is the home directory where the user logging in as userftp will automatically start the FTP session in. In this case, the /srv/http directory. If this directory seems familiar to you, it’s because it’s the default directory where Apache serves up webpages from.

The -g option adds userftp to the ftp group of users.

Set the password for userftp using:

passwd userftp

Using Nano, enable the nopriv_user option in vsftpd.conf:

nopriv_user=userftp

Save, quit Nano, then restart vsftpd.

我遇到的问题

vsftpd 530 Login incorrect

解决方案:
1、查看/etc/ftpusers ,确保账号没有在这个文件内。
2、修改/etc/pam.d/vsftpd
将auth required pam_shells.so修改为->auth required pam_nologin.so 即可
3、重启vsftpd

500 OOPS: cannot change directory:/srv/http

ftp 127.0.0.1
Connected to 127.0.0.1.
220 (vsFTPd 3.0.3)
Name (127.0.0.1:george): userftp
331 Please specify the password.
Password: 
500 OOPS: cannot change directory:/srv/http
ftp: Login failed.
421 Service not available, remote server has closed connection

解决方案:
1、chmod 777 /srv/http/
2、chown -R root.root /var/http

参考

How to set up SFTP on your Arch Linux VPS
ubuntu vsftpd 530 Login incorrect 根本原因和解决方案

你可能感兴趣的:(运维之美)