如题

安装 yum -y install vsftpd

1
2
3
4
5
6
7
[root@AndyCentOS7Basic sql.data]#  yum -y install vsftpd
...
Installed:
  vsftpd.x86_64 0:3.0.2-22.el7

Complete!
[root@AndyCentOS7Basic sql.data]#

添加用户并设置密码

1
2
3
4
5
6
7
[root@AndyCentOS7Basic ~]# useradd -d /home/uftp -s /sbin/nologin uftp
[root@AndyCentOS7Basic ~]# passwd uftp
Changing password for user uftp.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.

开发环境,设置密码与用户名一致,方便管理。

常用命令/设置

rpm -qa|grep vsftpd //查看是否安装了vsftpd

1
2
[root@AndyCentOS7Basic ~]# rpm -qa|grep vsftpd 
vsftpd-3.0.2-22.el7.x86_64

systemctl status vsftpd //查看状态,默认是关闭的
systemctl start vsftpd //开启vsftpd服务
systemctl enable vsftpd //设置为开机启动
netstat -tulnp | grep 21 //查看是否启动了vsftpd服务
systemctl restart vsftpd //重启 vsftpd

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[root@AndyCentOS7Basic ~]# systemctl status vsftpd 
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
[root@AndyCentOS7Basic ~]# systemctl start vsftpd
[root@AndyCentOS7Basic ~]# systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-11-08 15:59:48 CST; 4s ago
  Process: 1718 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
 Main PID: 1719 (vsftpd)
   CGroup: /system.slice/vsftpd.service
           └─1719 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

Nov 08 15:59:48 AndyCentOS7Basic systemd[1]: Starting Vsftpd ftp daemon...
Nov 08 15:59:48 AndyCentOS7Basic systemd[1]: Started Vsftpd ftp daemon.
[root@AndyCentOS7Basic ~]# systemctl enable vsftpd 
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
[root@AndyCentOS7Basic ~]# netstat -tulnp| grep 21
tcp6       0      0 :::21                   :::*                    LISTEN      1719/vsftpd

修改配置

vi /etc/vsftpd/vsftpd.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
listen=YES
listen_port=21
tcp_wrappers=YES
write_enable=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
chown_uploads=YES
chown_username=daemon
ftpd_banner=Welcome to andy.vbox.centos6.6 FTP service
anonymous_enable=NO
local_enable=yes
chroot_local_user=yes
pam_service_name=vsftpd
userlist_enable=YES
allow_writeable_chroot=YES # 不添加该项,登录时会出错,见下面的描述

改好之后重启 vsftpd :systemctl restart vsftpd

禁用 SELinux

vim /etc/selinux/config
设置 SELINUX 为:SELINUX=disabled

1
2
3
[root@AndyCentOS7Basic ~]# setenforce 0
[root@AndyCentOS7Basic ~]# getenforce  
Permissive

重启服务器之后,再检查,将会提示 Disabled

1
2
[root@AndyCentOS7Basic ~]# getenforce
Disabled

Response: 500 OOPS: vsftpd: refusing to run with writable root inside chroot()

原因:从2.3.5之后,vsftpd增强了安全检查,如果用户被限定在了其主目录下,则该用户的主目录不能再具有写权限了!如果检查发现还有写权限,就会报该错误。
解决:
要修复这个错误,可以用命令chmod a-w /home/user 去除用户主目录的写权限,注意把目录替换成你自己的。
但是,一般都需要有写权限,所以,寻求别的解决办法。
修改配置文件,添加这一项:allow_writeable_chroot=YES
重启 vsftpd(systemctl restart vsftpd)之后,再次登录,ok!