更改vsftpd匿名登录目录
openSUSE    2016-07-29 23:12:01    321    0    0
tianwaifeixian   openSUSE

源里面有 直接安装就行

搞好之后一直都没改动过这个登录的目录

默认登录的是root目录下面 /srv/ftp 有点不方便也不喜欢匿名登录到root目录 

网上搜了一下 看到了个方法 原文在linuxquestions.org

下面是我改好的

xxx@suse:~> cd /etc
xxx@suse:/etc> ls -l vsftpd.conf
-rw------- 1 root root 7481 7月 29 23:03 vsftpd.conf
xxx@suse:/etc> sudo cat -n vsftpd.conf
xxx's password:
1 # Example config file /etc/vsftpd.conf
2 #
3 # The default compiled in settings are fairly paranoid. This sample file
4 # loosens things up a bit, to make the ftp daemon more usable.
5 # Please see vsftpd.conf.5 for all compiled in defaults.
6 #
7 # If you do not change anything here you will have a minimum setup for an
8 # anonymus FTP server.
9 #
10 # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
11 # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
12 # capabilities.
13 #
14 # ################
15 # General Settings
16 # ################
17 #
18 # Uncomment this to enable any form of FTP write command.
19 write_enable=NO
20 #
21 # Activate directory messages - messages given to remote users when they
22 # go into a certain directory.
23 dirmessage_enable=YES
24 #
25 # It is recommended that you define on your system a unique user which the
26 # ftp server can use as a totally isolated and unprivileged user.
27 nopriv_user=ftpsecure
28 #
29 # You may fully customise the login banner string:
30 #ftpd_banner=Welcome to blah FTP service.
31 #
32 # You may activate the "-R" option to the builtin ls. This is disabled by
33 # default to avoid remote users being able to cause excessive I/O on large
34 # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
35 # the presence of the "-R" option, so there is a strong case for enabling it.
36 #ls_recurse_enable=YES
37 #
38 # You may specify a file of disallowed anonymous e-mail addresses. Apparently
39 # useful for combatting certain DoS attacks.
40 #deny_email_enable=YES
41 # (default follows)
42 #banned_email_file=/etc/vsftpd.banned_emails
43 #
44 # If enabled, all user and group information in
45 # directory listings will be displayed as "ftp".
46 #hide_ids=YES
47 #
48 # #######################
49 # Local FTP user Settings
50 # #######################
51 #
52 # Uncomment this to allow local users to log in.
53 local_enable=YES
54 #
55 # Default umask for local users is 077. You may wish to change this to 022,
56 # if your users expect that (022 is used by most other ftpd's)
57 #local_umask=022
58 #
59 # You may specify an explicit list of local users to chroot() to their home
60 # directory. If chroot_local_user is YES, then this list becomes a list of
61 # users to NOT chroot().
62 #chroot_local_user=YES
63 chroot_list_enable=YES
64 # (default follows)
65 chroot_list_file=/etc/vsftpd.chroot_list
66 #
67 # Performs chroot with original (non-root) credentials. This is usefull on nfs with squash_root,
68 # where root becomes nobody and would need -x access.
69 #allow_root_squashed_chroot=YES
70 #
71 # The maximum data transfer rate permitted, in bytes per second, for
72 # local authenticated users. The default is 0 (unlimited).
73 #local_max_rate=7200
74 #
75 # ##########################
76 # Anonymus FTP user Settings
77 # ##########################
78 #
79 # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
80 anonymous_enable=YES
81 #
82 # The maximum data transfer rate permitted, in bytes per second, for anonymous
83 # authenticated users. The default is 0 (unlimited).
84 #anon_max_rate=7200
85 #
86 # Anonymous users will only be allowed to download files which are
87 # world readable.
88 anon_world_readable_only=YES
89 #
90 # Uncomment this to allow the anonymous FTP user to upload files. This only
91 # has an effect if the above global write enable is activated. Also, you will
92 # obviously need to create a directory writable by the FTP user.
93 #anon_upload_enable=YES
94 #
95 # Uncomment this if you want the anonymous FTP user to be able to create
96 # new directories.
97 #anon_mkdir_write_enable=YES
98 #
99 # Uncomment this to enable anonymus FTP users to perform other write operations
100 # like deletion and renaming.
101 #anon_other_write_enable=YES
102 #
103 # If you want, you can arrange for uploaded anonymous files to be owned by
104 # a different user. Note! Using "root" for uploaded files is not
105 # recommended!
106 #chown_uploads=YES
107 #chown_username=whoever
108 #
109 # ############
110 # Log Settings
111 # ############
112 #
113 # Log to the syslog daemon instead of using an logfile.
114 syslog_enable=YES
115 #
116 # Uncomment this to log all FTP requests and responses.
117 #log_ftp_protocol=YES
118 #
119 # Activate logging of uploads/downloads.
120 #xferlog_enable=YES
121 #
122 # You may override where the log file goes if you like. The default is shown
123 # below.
124 #
125 #vsftpd_log_file=/var/log/vsftpd.log
126 #
127 # If you want, you can have your log file in standard ftpd xferlog format.
128 # Note that the default log file location is /var/log/xferlog in this case.
129 #xferlog_std_format=YES
130 #
131 # You may override where the log file goes if you like. The default is shown
132 # below.
133 #xferlog_file=/var/log/vsftpd.log
134 #
135 # Enable this to have booth logfiles. Standard xferlog and vsftpd's own style log.
136 #dual_log_enable=YES
137 #
138 # Uncomment this to enable session status information in the system process listing.
139 #setproctitle_enable=YES
140 #
141 # #################
142 # Transfer Settings
143 # #################
144 #
145 # Make sure PORT transfer connections originate from port 20 (ftp-data).
146 connect_from_port_20=YES
147 #
148 # You may change the default value for timing out an idle session.
149 #idle_session_timeout=600
150 #
151 # You may change the default value for timing out a data connection.
152 #data_connection_timeout=120
153 #
154 # Enable this and the server will recognise asynchronous ABOR requests. Not
155 # recommended for security (the code is non-trivial). Not enabling it,
156 # however, may confuse older FTP clients.
157 #async_abor_enable=YES
158 #
159 # By default the server will pretend to allow ASCII mode but in fact ignore
160 # the request. Turn on the below options to have the server actually do ASCII
161 # mangling on files when in ASCII mode.
162 # Beware that on some FTP servers, ASCII support allows a denial of service
163 # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
164 # predicted this attack and has always been safe, reporting the size of the
165 # raw file.
166 # ASCII mangling is a horrible feature of the protocol.
167 ascii_upload_enable=YES
168 #ascii_download_enable=YES
169 #
170 # Set to NO if you want to disallow the PASV method of obtaining a data
171 # connection.
172 #pasv_enable=NO
173 #
174 # PAM setting. Do NOT change this unless you know what you do!
175 pam_service_name=vsftpd
176 #
177 # When "listen" directive is enabled, vsftpd runs in standalone mode and
178 # listens on IPv4 sockets. This directive cannot be used in conjunction
179 # with the listen_ipv6 directive.
180 listen=YES
181 #
182 # Set to ssl_enable=YES if you want to enable SSL
183 ssl_enable=NO
184 #
185 # Limit passive ports to this range to assis firewalling
186 pasv_min_port=30000
187 pasv_max_port=30100
188 anon_mkdir_write_enable=NO
189 #anon_root=/srv/ftp    这个是原来系统默认的
190 anon_root=/home/xxx    这个是改好的
191 anon_umask=022
192 anon_upload_enable=NO
193 chroot_local_user=YES
194 ftpd_banner=openSUSE_xxx
195 idle_session_timeout=900
196 local_umask=022
197 log_ftp_protocol=YES
198 max_clients=10
199 max_per_ip=30
200 pasv_enable=YES
201 ssl_sslv2=NO
202 ssl_sslv3=NO
203 ssl_tlsv1=YES
204 xferlog_enable=YES
205
206 ### security features that are incompatible with some other settings. ###
207
208 # isolate_network ensures the vsftpd subprocess is started in own network
209 # namespace (see CLONE_NEWNET in clone(2)). It however disables the
210 # authentication methods needs the network access (LDAP, NIS, ...).
211 #isolate_network=NO
212
213 # seccomp_sanbox add an aditional security layer limiting the number of a
214 # syscalls can be performed via vsftpd. However it might happen that a
215 # whitelist don't allow a legitimate call (usually indirectly triggered by
216 # third-party library like pam, or openssl) and the process is being killed by kernel.
217 #
218 # Therefor if your server dies on common situations (file download, upload),
219 # uncomment following line and don't forget to open bug at
220 # https://bugzilla.novell.com
221 #seccomp_sandbox=NO
xxx@suse:/etc>











上一篇:

下一篇: BlackBerry Project

321 人读过
立即登录, 发表评论.
没有帐号? 立即注册
0 条评论
文档导航