CentOS安装FTP 以及FTP、TELNET、VNC服务开启方法
1、安装FTP# rpm –qa | grep vsftpd ##检查是否已安装FTP
# yum install vsftpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.i386 0:2.0.5-24.el5 set to be updated
base/filelists | 3.0 MB 00:18
extras/filelists_db | 212 kB 00:01
updates/filelists_db | 497 kB 00:02
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vsftpd i386 2.0.5-24.el5 base 143 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 143 k
Is this ok : y
Downloading Packages:
vsftpd-2.0.5-24.el5.i386.rpm | 143 kB 00:00
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID e8562897
base/gpgkey | 1.5 kB 00:00
Importing GPG key 0xE8562897 "CentOS-5 Key (CentOS 5 Official Signing Key) " from /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
Is this ok : y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : vsftpd 1/1
Installed:
vsftpd.i386 0:2.0.5-24.el5
Complete!
2、开启FTP方法:
1)、用ntsysv命令查看vsftp服务是否被选?未选空格选中后确定。
2)、注释掉/etc/vsftpd/ftpusers中的root或删除此行;
3)、注释掉/etc/vsftpd/user_list中的root或删除此行;
4)、执行命令 setsebool ftpd_disable_trans 1
5)、重启FTP服务#service vsftpd restart。
3、安装telnet
1、查看有没有安装telnet服务
rpm –qa|grep telnet #没有则找安装包进行安装
2、通过yum install安装Telnet程序
# yumlist telnet-server
Loading "installonlyn" plugin
Setting up repositories
Reading repository metadata in from local files
Available Packages
telnet-server.i386 1:0.17-39.el5 base
# yum install telnet-server
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for telnet-server to pack into transaction set.
telnet-server-0.17-39.el5 100% |=========================| 8.4 kB 00:01
---> Package telnet-server.i386 1:0.17-39.el5 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
telnet-server i386 1:0.17-39.el5 base 35 k
Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 35 k
Is this ok : y选程Yes
Downloading Packages:
(1/1): telnet-server-0.17 100% |=========================|24 kB 00:31
http://ftp.stu.edu.tw/Linux/CentOS/5.2/os/i386/CentOS/telnet-server-0.17-39.el5.i386.rpm: Socket Error: timed out
Trying other mirror.
http://centos.cs.nctu.edu.tw/5.2/os/i386/CentOS/telnet-server-0.17-39.el5.i386.rpm: IOError:
Trying other mirror.
(1/1): telnet-server-0.17 100% |=========================|35 kB 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: telnet-server #########################
Installed: telnet-server.i386 1:0.17-39.el5
Complete!
3、修改配置文件more /etc/xinetd.d/telnet
# more telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}
将disable项由yes改成no。
4、重启服务生效
# service xinetd restart
或者# /etc/rc.d/init.d/xinetd restart #这个是比较正规的方法
Telnet root用户的登入
root 不能直接以 telnet 连接上主机。 telnet 不是很安全,默认的情况之下就是无法允许 root 以 telnet 登入 Linux 主机的 。若要允许root用户登入,可用下列方法
# vi /etc/pam.d/login
#auth required pam_securetty.so #将这一行加上注释!
或
# mv /etc/securetty /etc/securetty.bak
这样一来, root 将可以直接进入 Linux 主机。不过,建议不要这样做。还可以在普通用户进入后,切换到root用户,拥有root的权限
CentOS Linux防火墙配置及关闭
查看防火墙信息:
#/etc/init.d/iptables status
关闭防火墙服务:
#/etc/init.d/iptables stop
在开了root用户上传权限,也关了系统的防火墙,但ftp连接的时候依然还会出现 "500 OOPS:cannot change directory:/root" 错误,如何解决呢?
解决:
1、 查看 SELinux 的状态:sestatus -b | grep ftp 确切地说,只是查看了ftp的状态。
2、 在出现的结果中可以看到ftp_home_dir off
tftpd_disable_trans off
之类。我们现在只要把其中之一设置为on就可以啦。
3、 setsebool -P ftpd_disable_trans on 或者 setsebool -Pftp_home_diron
4、 重启vsftpd:service vsftpd restart
在/目录下新建一个文件cutemp,作为ftp上传临时文件,没法上传。解决方式如下:
修改:/etc/vsftpd/vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=samftp
#chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
tcp_wrappers=YES
再设置:setsebool allow_ftpd_full_access on
service vsftpd restart
如果出现“550 create directory operation failed”
是SELinux(Security-Enhanced Linux----是美国国家安全局对于强制访问控制的实现, 是Linux 上最杰出的新安全子系统.)安装机制搞的鬼.只要disable SELinux就可以了.
关闭SELinux方法
# vi /etc/selinux/config
将 SELINUX=XXX -->XXX 代表级别
改为
SELINUX=disabled
页:
[1]