当前位置: 首页 > news >正文

LINUX 66 FTP 2 ;FTP被动模式;FTP客户服务系统

news 来源:原创 2025/6/7 7:22:12

19. 在vim中将所有 abc 替换为 def,在底行模式下执行©?D

A、s/abc/def
B、s/abc/def/g
C、%s/abc/def
D、%s/abc/def/g
在这里插入图片描述

FTP连接

在这里插入图片描述
在这里插入图片描述
用户名应该填什么

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

怎么理解匿名访问FTP anonymous_enable=YES在这里插入图片描述

怎么理解匿名访问FTP anonymous_enable=NO

如果不支持匿名访问,用户名和密码是什么
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

  chroot_local_userIf set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login.  Warning:This option has security implications, especially if the users have upload permission, or shell access. Only  enable  ifyou  know what you are doing.  Note that these security implications are not vsftpd specific. They apply to all FTP dae‐mons which offer to put local users in chroot() jails.

chroot_local_user
若设置为YES,本地用户在登录后将被默认禁锢在其主目录的chroot()环境中。

  connect_from_port_20This controls whether PORT style data connections use port 20 (ftp-data) on the server machine.  For  security  reasons,some  clients  may  insist  that this is the case. Conversely, disabling this option enables vsftpd to run with slightlyless privilege.

connect_from_port_20 该选项控制PORT模式数据连接是否使用服务器机器的端口20(ftp-data)。
主动模式

listen If  enabled,  vsftpd  will  run  in  standalone mode. This means that vsftpd must not be run from an inetd of some kind.Instead, the vsftpd executable is run once directly. vsftpd itself will then take care of  listening  for  and  handlingincoming connections.

如果启用,vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。
相反,vsftpd可执行文件将直接运行一次。之后vsftpd会自行负责监听和处理传入的连接。

怎么理解 vsftpd将以独立模式运行。这意味着vsftpd不应从任何类型的inetd启动运行。在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

local_rootThis  option represents a directory which vsftpd will try to change into after a local (i.e. non-anonymous) login. Fail‐ure is silently ignored.Default: (none)

local_root
该选项表示 vsftpd 在本地(即非匿名)登录后尝试切换进入的目录。若切换失败将静默忽略。
默认值:(无)

userlist_enableIf  enabled,  vsftpd will load a list of usernames, from the filename given by userlist_file.  If a user tries to log inusing a name in this file, they will be denied before they are asked for a password. This may be  useful  in  preventingcleartext passwords being transmitted. See also userlist_deny.Default: NO

如果启用,vsftpd将从userlist_file指定的文件名加载用户名列表。如果用户尝试使用该文件中的用户名登录,系统会在要求输入密码前拒绝其访问。这有助于防止明文密码传输。另请参阅userlist_deny。
黑名单

[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]#

在这里插入图片描述

为什么kefu能登录FTP,code不可以

[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf

推测没有code 用户
使用tom可以登录

使用浏览器为什么无法登录ftp

在这里插入图片描述

ftp被动模式下,客户端比服务器端有利,如何理解

在这里插入图片描述
服务器更好调整
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

FTP任务解决方案:客户服务系统

kefu 123 登录系统
不允许匿名访问
文档保存在/data/kefu
kefu 只能在/data/kefu中活动
在这里插入图片描述
在这里插入图片描述

21. 当需要将很多个文件压缩成一个文件时,可以选择以下哪些压缩工具(ACB)?

A、gzip
B、zip
C、tar
D、unzip
在这里插入图片描述

源码

root@192.168.235.20's password:┌────────────────────────────────────────────────────────────────────┐│                        • MobaXterm 20.0 •                          ││            (SSH client, X-server and networking tools)             ││                                                                    ││ ➤ SSH session to root@192.168.235.20                               ││   • SSH compression : ✘                                            ││   • SSH-browser     : ✔                                            ││   • X11-forwarding  : ✔  (remote display is forwarded through SSH) ││   • DISPLAY         : ✔  (automatically set on remote server)      ││                                                                    ││ ➤ For more info, ctrl+click on help or visit our website           │└────────────────────────────────────────────────────────────────────┘Last login: Thu Jun  5 19:31:29 2025 from 192.168.235.1
[root@code ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500inet 192.168.235.20  netmask 255.255.255.0  broadcast 192.168.235.255inet6 fe80::20c:29ff:fe97:845e  prefixlen 64  scopeid 0x20<link>ether 00:0c:29:97:84:5e  txqueuelen 1000  (Ethernet)RX packets 1100712  bytes 444103092 (423.5 MiB)RX errors 0  dropped 0  overruns 0  frame 0TX packets 964272  bytes 498686849 (475.5 MiB)TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0您在 /var/spool/mail/root 中有新邮件
[root@code ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemonLoaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)Active: active (running) since 三 2025-06-04 20:54:02 CST; 1 day 23h agoProcess: 51486 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)Main PID: 51488 (vsftpd)Tasks: 1CGroup: /system.slice/vsftpd.service└─51488 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf6月 04 20:54:02 code systemd[1]: Stopped Vsftpd ftp daemon.
6月 04 20:54:02 code systemd[1]: Starting Vsftpd ftp daemon...
6月 04 20:54:02 code systemd[1]: Started Vsftpd ftp daemon.
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep ^# /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
# Uncomment this to enable any form of FTP write command.
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
#
# Activate logging of uploads/downloads.
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
您在 /var/spool/mail/root 中有邮件
[root@code ~]# grep -v ^# /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/date/kefu
chroot_local_user=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YESpam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@code ~]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code ~]# cd /etc/vsftpd
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 /etc/vsftpd/vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# man 5 vsftpd.conf
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls /kefu
ls: 无法访问/kefu: 没有那个文件或目录
[root@code vsftpd]# cd /kefu
-bash: cd: /kefu: 没有那个文件或目录
[root@code vsftpd]# cd /date/kefu
[root@code kefu]# ls
[root@code kefu]# mkdir 1.txt
[root@code kefu]# cd -
/etc/vsftpd
您在 /var/spool/mail/root 中有邮件
[root@code vsftpd]# ls
ftpusers  user_list  vsftpd.conf  vsftpd_conf_migrate.sh
[root@code vsftpd]# cd ~
[root@code ~]# ls
2-1.java  alll1            app       axel-2.4.tar.gz  cc.conf  initial-setup-ks.cfg       ok   readme7
2.java    anaconda-ks.cfg  axel-2.4  bb.conf          code     inotify-tools-3.13.tar.gz  okl  readme.txt
[root@code ~]# tail -5 /etc/passwd
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
您在 /var/spool/mail/root 中有邮件
[root@code ~]# tail -10 /etc/passwd
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]# tail -15 /etc/passwd
tom:x:1008:1008::/home/tom:/bin/bash
jack:x:1009:1009::/home/jack:/bin/bash
cw01:x:1010:1224::/home/cw01:/bin/bash
sc01:x:1011:1226::/home/sc01:/bin/bash
rs01:x:1012:1225::/home/rs01:/bin/bash
boss01:x:1013:1004::/home/boss01:/bin/bash
cw02:x:1014:1224::/home/cw02:/bin/bash
sc02:x:1015:1226::/home/sc02:/bin/bash
rs02:x:1016:1225::/home/rs02:/bin/bash
harry:x:1017:1017::/home/mahei/redhat/harry:/bin/bash
netasha:x:1018:1018::/home/netasha:/bin/bash
sarsh:x:1019:1228::/home/sarsh:/bin/bash
OOO:x:1020:1020::/home/OOO:/bin/bash
jerry:x:1021:1229::/home/jerry:/bin/bash
kefu:x:1022:1022::/home/kefu:/bin/bash
[root@code ~]#

相关文章:

  • Nestjs框架: nestjs-schedule模块注册流程,源码解析与定时备份数据库
  • Aspose.PDF 限制绕过方案:Java 字节码技术实战分享(仅供学习)
  • 飞云智能波段主图+多空短线决策副图指标,组合操盘技术图文解说
  • 预训练语言模型T5-11B的简要介绍
  • 【Dv3Admin】系统视图菜单字段管理API文件解析
  • 如何以 9 种方式将照片从手机传输到笔记本电脑
  • 智谱清言沉思智能体,天工智能体,agenticSeek等AI Agent测试记录
  • Linux缓冲区与glibc封装:入门指南
  • 2025年全国青少年信息素养大赛 scratch图形化编程挑战赛 小高组初赛 真题详细解析
  • 【更新至2024年】2000-2024年上市公司财务困境MertonDD模型数据(含原始数据+结果)
  • Shopify 主题开发:店铺品牌色在主题中的巧妙运用
  • Oracle 用户名大小写控制
  • 12.5Swing控件3Jpanel JOptionPane
  • 设计模式——模板方法
  • Qt生成日志与以及报错文件(mingw64位,winDbg)————附带详细解说
  • 《深度体验 Egg.js:打造企业级 Node.js 应用的全景指南》
  • AI生成的基于html+marked.js实现的Markdown转html工具,离线使用,可实时预览 [
  • 如何使用Webhook触发器,在 ONLYOFFICE 协作空间构建智能工作流
  • 自建 dnslog 回显平台:渗透测试场景下的隐蔽回显利器
  • stm32_DMA
  • wordpress 强密码 弱/英文关键词seo
  • php网站做分享到朋友圈/爱站网络挖掘词
  • 乐清网站建设服务/游戏推广渠道有哪些
  • 做网站市场大不大/免费做网站
  • 网站标题间隔符/seo营销名词解释
  • 广州做一个网站多少钱/安卓优化大师手机版