当前位置: 首页 > web >正文

LINUX 66 FTP 2 ;FTP被动模式;FTP客户服务系统

web 2025/6/26 11:55:50

19. 在vim中将所有 abc 替换为 def,在底行模式下执行©?D

A、s/abc/def
B、s/abc/def/g
C、%s/abc/def
D、%s/abc/def/g
在这里插入图片描述

FTP连接

在这里插入图片描述
在这里插入图片描述
用户名应该填什么

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

怎么理解匿名访问FTP anonymous_enable=YES在这里插入图片描述

怎么理解匿名访问FTP anonymous_enable=NO

如果不支持匿名访问,用户名和密码是什么
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

  chroot_local_userIf set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login.  Warning:This option has security implications, especially if the users have upload permission, or shell access. Only  enable  ifyou  know what you are doing.  Note that these security implications are not vsftpd specific. They apply to all FTP dae‐mons which offer to put local users in chroot() jails.

chroot_local_user
若设置为YES,本地用户在登录后将被默认禁锢在其主目录的chroot()环境中。

  connect_from_port_20This controls whether PORT style data connections use port 20 (ftp-data) on the server machine.  For  security  reasons,some  clients  may  insist  that this is the case. Conversely, disabling this option enables vsftpd to run with slightlyless privilege.

connect_from_port_20 该选项控制PORT模式数据连接是否使用服务器机器的端口20(ftp-data)。
主动模式

listen If  enabled,  vsftpd  will  run  in  standalone mode. This means that vsftpd must not be run from an inetd of some kind.Instead, the vsftpd executable is run once directly. vsftpd itself will then take care of  listening  for  and  handlingincoming connections.

如果启用,vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。
相反,vsftpd可执行文件将直接运行一次。之后vsftpd会自行负责监听和处理传入的连接。

怎么理解 vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

local_rootThis  option represents a directory which vsftpd will try to change into after a local (i.e. non-anonymous) login. Fail‐ure is silently ignored.Default: (none)

local_root
该选项表示 vsftpd 在本地(即非匿名)登录后尝试切换进入的目录。若切换失败将静默忽略。
默认值:(无)

userlist_enableIf  enabled,  vsftpd will load a list of usernames, from the filename given by userlist_file.  If a user tries to log inusing a name in this file, they will be denied before they are asked for a password. This may be  useful  in  preventingcleartext passwords being transmitted. See also userlist_deny.Default: NO

如果启用,vsftpd将从userlist_file指定的文件名加载用户名列表。如果用户尝试使用该文件中的用户名登录,系统会在要求输入密码前拒绝其访问。这有助于防止明文密码传输。另请参阅userlist_deny。
黑名单

[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]#

在这里插入图片描述

为什么kefu能登录FTP,code不可以

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

推测没有code 用户
使用tom可以登录

使用浏览器为什么无法登录ftp

在这里插入图片描述

ftp被动模式下,客户端比服务器端有利,如何理解

在这里插入图片描述
服务器更好调整
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

FTP任务解决方案:客户服务系统

kefu 123 登录系统
不允许匿名访问
文档保存在/data/kefu
kefu 只能在/data/kefu中活动
在这里插入图片描述
在这里插入图片描述

21. 当需要将很多个文件压缩成一个文件时,可以选择以下哪些压缩工具(ACB)?

A、gzip
B、zip
C、tar
D、unzip
在这里插入图片描述

源码

root@192.168.235.20's password:┌────────────────────────────────────────────────────────────────────┐│                        • MobaXterm 20.0 •                          ││            (SSH client, X-server and networking tools)             ││                                                                    ││ ➤ SSH session to root@192.168.235.20                               ││   • SSH compression : ✘                                            ││   • SSH-browser     : ✔                                            ││   • X11-forwarding  : ✔  (remote display is forwarded through SSH) ││   • DISPLAY         : ✔  (automatically set on remote server)      ││                                                                    ││ ➤ For more info, ctrl+click on help or visit our website           │└────────────────────────────────────────────────────────────────────┘Last login: Thu Jun  5 19:31:29 2025 from 192.168.235.1
[root@code ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500inet 192.168.235.20  netmask 255.255.255.0  broadcast 192.168.235.255inet6 fe80::20c:29ff:fe97:845e  prefixlen 64  scopeid 0x20<link>ether 00:0c:29:97:84:5e  txqueuelen 1000  (Ethernet)RX packets 1100712  bytes 444103092 (423.5 MiB)RX errors 0  dropped 0  overruns 0  frame 0TX packets 964272  bytes 498686849 (475.5 MiB)TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0您在 /var/spool/mail/root 中有新邮件
[root@code ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemonLoaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)Active: active (running) since 三 2025-06-04 20:54:02 CST; 1 day 23h agoProcess: 51486 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)Main PID: 51488 (vsftpd)Tasks: 1CGroup: /system.slice/vsftpd.service└─51488 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf6月 04 20:54:02 code systemd[1]: Stopped Vsftpd ftp daemon.
6月 04 20:54:02 code systemd[1]: Starting Vsftpd ftp daemon...
6月 04 20:54:02 code systemd[1]: Started Vsftpd ftp daemon.
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep ^# /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
# Uncomment this to enable any form of FTP write command.
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
#
# Activate logging of uploads/downloads.
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code ~]# cd /etc/vsftpd
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls /kefu
ls: 无法访问/kefu: 没有那个文件或目录
[root@code vsftpd]# cd /kefu
-bash: cd: /kefu: 没有那个文件或目录
[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]# cd -
/etc/vsftpd
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls
ftpusers  user_list  vsftpd.conf  vsftpd_conf_migrate.sh
[root@code vsftpd]# cd ~
[root@code ~]# ls
2-1.java  alll1            app       axel-2.4.tar.gz  cc.conf  initial-setup-ks.cfg       ok   readme7
2.java    anaconda-ks.cfg  axel-2.4  bb.conf          code     inotify-tools-3.13.tar.gz  okl  readme.txt
[root@code ~]# tail -5 /etc/passwd
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
您在 /var/spool/mail/root 中有邮件
[root@code ~]# tail -10 /etc/passwd
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]# tail -15 /etc/passwd
tom:x:1008:1008::/home/tom:/bin/bash
jack:x:1009:1009::/home/jack:/bin/bash
cw01:x:1010:1224::/home/cw01:/bin/bash
sc01:x:1011:1226::/home/sc01:/bin/bash
rs01:x:1012:1225::/home/rs01:/bin/bash
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]#
http://www.xdnf.cn/news/12574.html

相关文章:

  • Python训练营---Day46
  • R²ec: 构建具有推理能力的大型推荐模型,显著提示推荐系统性能!!
  • python中的逻辑运算
  • 什么是强化学习:设置奖励函数最为loss, 监督学习:标签准确率作为loss
  • 三维GIS开发cesium智慧地铁教程(4)城市白模加载与样式控制
  • 【正念365】助你好“眠”
  • python实战:如何对word文档的格式进行定制化排版
  • C++ const 修饰符深入浅出详解
  • leetcode1609. 奇偶树-meidum
  • untiy 模拟人物在街道走路和跑步
  • Shell编程核心符号与格式化操作详解
  • [electron]预脚本不显示内联script
  • 使用docker安装vLLM、并安装modelscope本地模型
  • 三格电子——EtherCAT分支器的应用场景
  • 2025年硬盘坏道修复工具指南:让您的硬盘焕发新生
  • 【Zephyr 系列 11】使用 NVS 实现 BLE 参数持久化:掉电不丢配置,开机自动加载
  • 【k8s】k8s集群搭建
  • 洞悉 MySQL 查询性能:EXPLAIN 命令 type 字段详解
  • 基于本地LLM与MCP架构构建AI智能体全指南
  • Nest框架: 日志功能之收集,筛选,存储,维护
  • c语言 头文件封装跨平台线程
  • SATA3.0接口PCB布局走线注意事项
  • 【Redis】Cluster集群
  • C++11 右值引用:从入门到精通
  • Vue3 卡片绑定滚动条 随着滚动条展开效果 GSAP动画库 ScrollTrigger滚动条插件
  • 2025/6/4—halcon算子及知识点总结
  • windows11右键取消二次加载
  • 网络编程之服务器模型与UDP编程
  • CVPR 2025 | 港中文 MMLab 提出文生图模型 T2I-R1,文生图进入R1时刻!
  • 让敏感数据在流转与存储中始终守护在安全范围