ftp服務器大家都不陌生,下面我就給大家演示下怎麼在樹莓派上安裝ftp服務器vsftpd。
工具/原料
樹莓派2
方法/步驟
在終端下輸入
sudo apt-get install vsftpd
然後再編輯一下配置文件,這樣就可以設置訪問限制了。
sudo vi /etc/vsftpd.conf
推薦以下配置
# 不允許匿名訪問
anonymous_enable=NO
# 設定可以進行寫操作
write_enable=YES
# 設定本地用戶可以訪問
local_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
sudo service vsftpd restart
重啟服務
這樣就可以用ftp工具,上傳下載文件了。
附上我自己翻譯的配置文件說明
# Example config file /etc/vsftpd.conf#示例配置文件 /etc/vsftpd.conf# The default compiled in settings are fairly paranoid. This sample file# loosens things up a bit, to make the ftp daemon more usable.# Please see vsftpd.conf.5 for all compiled in defaults.#默認編譯的設置相當的繁瑣。這個示例文件稍微放鬆了些,好讓ftp服務更好用。請看vsftpd.conf.5的所有默認選項# READ THIS: This example file is NOT an exhaustive list of vsftpd options.# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's# capabilities.#必讀:這個示例文件並不是關於vsftpd選項的詳盡的展示。請看vsftpd.conf.5的用戶手冊來獲得vsftpd的所有功能。## Run standalone? vsftpd can run either from an inetd or as a standalone# daemon started from an initscript.listen=YES#獨立運行?vsftpd可以執行從inetd執行或者從啟動腳本開始作為一個單獨的服務。# Run standalone with IPv6?# Like the listen parameter, except vsftpd will listen on an IPv6 socket# instead of an IPv4 one. This parameter and the listen parameter are mutually# exclusive.#listen_ipv6=YES#用ipv6獨立運行?#就像監聽參數一樣,除了vsftpd將會監聽ipv6的socket而不是ipv4的。這個參數和監聽參數是相互獨立的。# Allow anonymous FTP? (Beware - allowed by default if you comment this out).anonymous_enable=YES#允許匿名FTP?注意-默認是開啟的# Uncomment this to allow local users to log in.#local_enable=YES#取消註釋這行將會允許用戶登錄# Uncomment this to enable any form of FTP write command.#write_enable=YES#取消註釋這行將會允許任何形式的ftp寫命令# Default umask for local users is 077. You may wish to change this to 022,# if your users expect that (022 is used by most other ftpd's)#local_umask=022#默認的本地用戶的掩碼是077。如果你的用戶期望022(其他ftp用022)的話,你可能希望改成022。# Uncomment this to allow the anonymous FTP user to upload files. This only# has an effect if the above global write enable is activated. Also, you will# obviously need to create a directory writable by the FTP user.#anon_upload_enable=YES#取消這條註釋將會允許匿名的ftp用戶上傳文件。這隻有在以上全局寫使能被激活時才生效。而且,你很顯然要創建一個#對於FTP用戶來說可寫的目錄。# Uncomment this if you want the anonymous FTP user to be able to create# new directories.#anon_mkdir_write_enable=YES#取消這條註釋如果你想讓匿名FTP用戶能夠創建新目錄的話# Activate directory messages - messages given to remote users when they# go into a certain directory.dirmessage_enable=YES#激活目錄消息-讓用戶在進入特定的目錄時收到消息# If enabled, vsftpd will display directory listings with the time# in your local time zone. The default is to display GMT. The# times returned by the MDTM FTP command are also affected by this# option.如果使能的話,vsftpd將會展示目錄列表用本地的時間區。默認是展示GMT。MDTM FTP命令也會被這條命令影響use_localtime=YES## Activate logging of uploads/downloads.xferlog_enable=YES#激活上傳下載的日誌# Make sure PORT transfer connections originate from port 20 (ftp-data).connect_from_port_20=YES#保證端口傳輸連接是來自於20號端口。# If you want, you can arrange for uploaded anonymous files to be owned by# a different user. Note! Using "root" for uploaded files is not# recommended!#chown_uploads=YES#chown_username=whoever#如果你有需要,你可以設置上傳的匿名文件被一個不同的用戶擁有。注意,用root作為文件的擁有者並不被推薦# You may override where the log file goes if you like. The default is shown# below.#xferlog_file=/var/log/vsftpd.log#如果你喜歡的話你可以改寫日誌文件的存放位置。默認的被設置在下面# If you want, you can have your log file in standard ftpd xferlog format.# Note that the default log file location is /var/log/xferlog in this case.#xferlog_std_format=YES#如果需要的話,你可以把你的日誌文件以標準的ftpd xferlog形式存放。注意著這種情況下默認的日誌文件位置是/var/log/xferlog# You may change the default value for timing out an idle session.#idle_session_timeout=600#你可以改變回話超時的默認值# You may change the default value for timing out a data connection.#data_connection_timeout=120#你可以改變數據連接的超時值# It is recommended that you define on your system a unique user which the# ftp server can use as a totally isolated and unprivileged user.#nopriv_user=ftpsecure#推薦你在你係統上定義一個特殊用戶,ftp服務器可以用來作為完全特殊孤立和無特權的用戶。# Enable this and the server will recognise asynchronous ABOR requests. Not# recommended for security (the code is non-trivial). Not enabling it,# however, may confuse older FTP clients.#async_abor_enable=YES#開啟這個服務器將會識別為異步ABOR請求,為安全考慮不推薦。不開啟的話有可能拒絕更老版本的FTP客戶端。# By default the server will pretend to allow ASCII mode but in fact ignore# the request. Turn on the below options to have the server actually do ASCII# mangling on files when in ASCII mode.# Beware that on some FTP servers, ASCII support allows a denial of service# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd# predicted this attack and has always been safe, reporting the size of the# raw file.# ASCII mangling is a horrible feature of the protocol.#ascii_upload_enable=YES#ascii_download_enable=YES#默認服務器將會允許ASCII模式但是實際上忽略請求。開啟以下選項實際上能夠讓服務器在ASCII模式下對文件做ASCII轉換#注意在一些ftp服務器上,ASCII支持允許在ASCII模式下通過命令 SIZE /big/file禁止服務攻擊。通過報告原始文件的大小vfstpd預測這次攻擊#讓服務變得安全# You may fully customise the login banner string:#ftpd_banner=Welcome to blah FTP service.#你可以完全自定製登錄時的歡迎標語。# You may specify a file of disallowed anonymous e-mail addresses. Apparently# useful for combatting certain DoS attacks.#deny_email_enable=YES# (default follows)#banned_email_file=/etc/vsftpd.banned_emails#你可以通過定製匿名的郵件地址的文件。很顯然對於有效的抵禦某些DoS攻擊很有效果。# You may restrict local users to their home directories. See the FAQ for# the possible risks in this before using chroot_local_user or# chroot_list_enable below.#chroot_local_user=YES#你可以限制本地用戶到他們的家目錄中。具體參見FAQ瞭解潛在的在用chroot_local_user或# chroot_list_enable之前。# You may specify an explicit list of local users to chroot() to their home# directory. If chroot_local_user is YES, then this list becomes a list of# users to NOT chroot().# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that# the user does not have write access to the top level directory within the# chroot)#chroot_local_user=YES#chroot_list_enable=YES# (default follows)#chroot_list_file=/etc/vsftpd.chroot_list#你可以制定一份明確的本地用戶來chroot到家目錄的列表。如果chroot_local_user是yes,那麼這份列表將會變成一份不允許chroot的列表#注意chrooting可能是非常危險的。如果使用chroot,注意保證用戶不能夠對頂層的目錄有寫權限。# You may activate the "-R" option to the builtin ls. This is disabled by# default to avoid remote users being able to cause excessive I/O on large# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume# the presence of the "-R" option, so there is a strong case for enabling it.#ls_recurse_enable=YES#你可以為ls命令激活-R選項。這是默認對遠端用戶禁止的來保證不對大站點造成額外的IO。然而許多破舊的FTP客戶端比如ncftp和mirror默認-R選項的存在,所以強烈建議使能這個選項# Customization## Some of vsftpd's settings don't fit the filesystem layout by# default.#默認有些的配置並不適合文件系統的佈局# This option should be the name of a directory which is empty. Also, the# directory should not be writable by the ftp user. This directory is used# as a secure chroot() jail at times vsftpd does not require filesystem# access.secure_chroot_dir=/var/run/vsftpd/empty#這個選項應該是空目錄的名字。而且,這一個目錄不應該被ftp用戶可寫。這個目錄在vftpd不需要文件系統存取時被用作安全的chroot區域# This string is the name of the PAM service vsftpd will use.pam_service_name=vsftpd#這個字符串是要用的PAM服務的名字# This option specifies the location of the RSA certificate to use for SSL# encrypted connections.rsa_cert_file=/etc/ssl/private/vsftpd.pem這個選項是用來規定用來進行SSL加密傳輸的RSA證書的地址。