Ubuntu Server 第九章 文件服务

释放双眼,带上耳机,听听看~!

在文件服务之前,先提下网络。网络是一个意外的产物,最早在美国国防部提出,出于战争的需要,担心军事指挥中心被摧毁,设计了一套去中心化的系统(APPAnet)。NSF利用APPanet发展出来的TCP/IP通讯协议,建立的NTFnet广域网,后来越来越多的组织接入使NSfnet成为Internet的骨干网之一。总结一下

  • 网络诞生的最初的是去中心化和资源共享

  • 文件共享是初期最主要的资源共享形式

文件共享从发展至今出现了很多共享服务,很多已经被逐渐不用,有些我们现在还能见到应用场景。

下面逐一介绍这些共享服务

FTP与vsftp

FTP是早起互联网的重要服务,在安全这个概念产生之前,被广泛的使用。原因在于,FTP的传输是明文的,对中间人攻击没有抵抗力。后面也出现了很多安全的传输服务,比如第七章中的SFTP,利用SSH隧道和FTP结合;或者是FTPS,利用FTP和SSL来增强其安全性。那么FTP是不是完全没用了呢?不是的,比如开源镜像站、产品文档,这种场景下,它不需要加密,它的目的就是为了让更多人看到,而且部署方便、快捷。或者在企业内网环境下,我们认为内网是可信网络,使用FTP共享资源仍然是一个很好的选择。针对不同平台,FTP的服务端也有不同的实现。

  • FTP的服务端软件:SERVER U (win ) ,vsftpd(llinux),Proftpd(linux)

这里主要介绍vsftpd。FTP服务端一般不仅有下载功能,同时还能上传客户端的文件,出于安全考虑,一般部署在企业防火墙之外。直接暴露在公网下,禁止上传文件。同时读取文件采用只读的方式进行挂载。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install vsftpd </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装vsftpd</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#有使用过FTP的朋友知道可以匿名查看FTP(Anonymous),实际上安装过程中生成了一个名为"FTP"的账号,匿名登录使用的是名为FTP账号。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">passwd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看到名为FTP的shell为nologin,意为不允许登录,主目录在"/srv/ftp"</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">shadow </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#它的密码也为*,代表没有密码</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">21</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看端口是否开启,默认使用21,可修改</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl start vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#开启服务</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo service vsftpd status </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看服务运行状态</span></code></span></span></p></li>
   </ol>

vsftpd使用系统用户账号来作为FTP用户账户的,如果状态正常(active),可以使用同一网络下的ftp客户端访问,命令行下使用 ftp ip(所有发行版都自带这个命令,ip为开启FTP服务的主机IP地址)输入用户名和密码;使用浏览器(任意浏览器)输入 ftp://ip,按照提示输入用户名和密码(默认禁止匿名登录),即可进入FTP客户端页面。笔者使用的宿主机是win 7,打开文件夹地址栏,输入 ftp://username:password@ip,默认的页面的登录用户的主目录。

vsftpd已经安装完成,接下来进行配置,vsftpd有两种配置模式.

  • 匿名模式(anonymous)

  • 认证模式(Standard)

配置文件处于 /etc/vsftpd.conf

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">anonymous_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认为NO,更改为YES。启用匿名模式</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">NO </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认YES,更改为NO,关闭认证模式</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#惯例,重启服务,查看状态有无异常</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#再次使用FTP客户端访问测试,输入用户名为"anonymous","anonymous"对应操作系统的"FTP"账号,密码为空。浏览器、win文件浏览器等客户端会自动尝试使用匿名账号登录。</span></code></span></span></p></li>
   </ol>

登上去你会发现没有文件,为什么会这样呢?因为”FTP”账号的主目录 /srv/ftp下没有文件,当你在该目录下生成文件时,客户端便能访问到该文件。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#继续配置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">write_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#将前面的#号去掉,全局配置,启用允许写入</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">anon_upload_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#允许匿名用户上传</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">anon_mkdir_write_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#允许匿名用户建立目录</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#重启,访问测试</span></code></span></span></p></li>
   </ol>

虽然设置了匿名用户上传,如何你真的测试了,就会发现,任然无法在FTP根目录下匿名上传、创建文件,这是因为vsftpd默认对用户做了限制,不允许匿名用户在根目录下上传、创建文件(包括文件夹)。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ls </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ld </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看ftp用户主目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">drwxr</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xr</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">x </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">2</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> root ftp </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">4096</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Jun</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">7</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">07</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">23</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#主目录的所有者是root,所有组是FTP组,而FTP组没有写入权限</span></code></span></span></p></li>
   </ol>

FTP是一个共享服务,是否能上传文件,还是受到文件系统权限的限制。没有权限?手动给它权限不就好了吗!

sudo chmod g+w/srv/ftp,再次测试发现匿名用户验证失败(笔者使用xftp客户端,推荐使用),赶紧恢复。

如何上传文件呢?

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#创建upload目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo chown ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp upload</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#更改目录所有者和所有组</span></code></span></span></p></li>
   </ol>

使用FTP客户端测试,在upload目录下可以创建目录与上传文件。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ls </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">l </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看上传文件的权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可以看到权限是755,</span></code></span></span></p></li>
   </ol>

还记得为什么会是”755“吗?和系统设置的umask有关。root用户的umask值默认是022,普通用户的umask值是002,目录最大的权限是”777″,所以使用 sudo新建的”upload”权限为”drwxr-xr-x”,在vsftpdp配置中,也有umask的值。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_umask</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">022</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#对本地用户生效</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">anon_umask</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">022</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认没有此项配置,添加即可,对虚拟用户生效,匿名用户包括在内</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
   </ol>

再次测试,可以看到掩码已经生效。对“upload”目录下的文件进行删除,发现无法进行删除,重命名也无法进行。我们说,目录其实是个索引,删除文件的过程,本质是是对其索引的操作,是否是权限导致的呢?

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ls </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ld </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看FTP组对其没有写入权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo chmod </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">707</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#注意,如果对目录没有执行权限,无法进入目录。没有读权限,无法浏览目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
   </ol>

测试无法删除,事实上vsftpd做了限制,也有参数对此功能进行限制。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo chmod </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">704</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#恢复权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">anon_other_write_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#增加该行配置,允许删除和重命名文件</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo chown root</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo usermod </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">d </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">upload ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#修改ftp用户的主目录</span></code></span></span></p></li>
   </ol>

这里笔者使用xftp客户端测试时发现修改后导致无法认证,使用命令行下的”lftp“具连接测试成功。

上面是匿名用户的一些上传、下载、修改的参数配置,除此之外,比较重要的就是日志。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xferlog_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认注释了,但是是被开启的,可修改路径。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">idle_session_timeout</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">600</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#会话超时时长</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">no_anon_password</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#匿名用户禁用密码提示</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hide_ids</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#显示属主/属组名称(默认UID)</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#后两个参数我本地测试没有测试成功</span></code></span></span></p></li>
   </ol>

我们说FTP工作在TCP 21端口下,但其实这个说法并不准确。TCP 21端口只是作为会话指令通信端口,传输数据时使用的是哪个端口呢?这就涉及到传输模式的问题,FTP构建了两种数据传输模式

  • 主动模式(PORT):FTP Server主动连接客户端

  • 被动模式(PASV):服务端被动,客户端链接服务端建立连接

首先FTP协议是在TCP协议基础上的,在FTP开始前,TCP的三次握手是必须的。

Port模式FTP 客户端首先和FTP服务器的TCP 21端口建立连接,通过这个通道发送命令,客户端需要接收数据的时候在这个通道上发送PORT命令。PORT命令包含了客户端用什么端口接收数据。在传送数据的时候,服务器端通过自己的TCP 20端口连接至客户端的指定端口发送数据。FTP server必须和客户端建立一个新的连接用来传送数据。

  Passive模式在建立控制通道的时候和Standard模式类似,但建立连接后发送的不是Port命令,而是Pasv命令。FTP服务器收到Pasv命令后,随机打开一个临时端口(也叫自由端口,端口号大于1023小于65535)并且通知客户端在这个端口上传送数据的请求,客户端连接FTP服务器此端口,然后FTP服务器将通过这个端口进行数据的传送,这个时候FTP server不再需要建立一个新的和客户端之间的连接。

——FTP文件传输协议两种模式-主动模式和被动模式

两种模式的区别在哪里?谁给数据传输的端口。为什么这点很重要?在IPv4地址枯竭的今天,NAT横行。作为FTP客户端,每次给的数据端口是随机的,到达FTP server时的端口是边界网关NAT后的端口,此时主动模式就会失效。被动模式就好的吗?FTP server服务端对随机的端口指定范围,防火墙指定端口范围开放,就能解决链接问题。(笔者这里其实还有点模糊,建立抓包理解其过程)

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pasv_min_port</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">40001</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pasv_max_port</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">40100</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#指定端口范围</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
   </ol>

以上就是匿名模式下经常用到的一些配置,接下来介绍认证模式的一些常用配置

FTP 安全

vsftpd安装之后默认为认证模式,使用系统用户账户作为FTP用户账户,默认配置下,只有下载权限,没有上传权限,并且可回溯到根目录,存在安全隐患。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#开启本地用户的认证</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_local_user</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认注释,chroot将登录用户锁定在自己的主目录中,默认vsftpd禁止主目录可写的用户登录</span></code></span></span></p></li>
   </ol>

再次使用客户端登录,提示禁止主目录可写用户登录,默认情况下禁止vsftpd禁止FTP用户登录可写目录,如果在配置里指不可写的目录是否能解决呢?答案是当然的。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir ftp </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">&&</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> sudo chmoe </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">w ftp</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_local_user</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#注意,这是一个全局配置,登录的FTP用户绑定其主目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_root</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">home</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xiaowu</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#与上一条命令一同生效,指定认证用户到该目录</span></code></span></span></p></li>
   </ol>

如果我们确实需要上传文件,如何配置呢?

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">write_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_local_user</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_root</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">home</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xiaowu </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#注意,设置可写,FTP用户必须拥有文件系统的可写权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">allow_writeable_chroot</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span></code></span></span></p></li>
   </ol>

事实上,FTP用户根目录可写是一件非常不安全的事,vsftpd官方推荐第一种方法。

chroot_local_user是对所有用户生效的,某些应用场景下只需要对部分用户生效,一部分用户可以回溯根目录,一部分无法回溯到根目录。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#chroot_local_user=YES #注释掉</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local_root</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">home</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xiaowu</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ftp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#用户主目录不可写的限制任然在</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_list_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_list_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chroot_list </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#去掉这两行的注释,list中包含的用户将绑定到主目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#注意,如果"chroot_local_user=YES"未被注释,那么效果将是list中的用户不绑定</span></code></span></span></p></li>
   </ol>

安装vsftpd之后,vsftpd在”/etc/ftpuers”生成了禁止登陆FTP的账号列表,并且已经存在了一些账号。可以手动添加,达到禁止登陆的效果。

顺便提一下,在企业坏境下,经常有这样一类备份应用,提前设置好参数,能够自动备份到FTP Server。

前面提到FTP是明文传输的协议,为了更安全的使用FTP,FTPS(FTP+SSL)是使用标准FTP协议和指令的增强型FTP协议,为FTP协议和数据通道之间增加了SSL安全功能。前面提到过SFTP,SFTP使用的是SSH隧道加密,FTPS基于SSL证书加密;SFTP通常使用的账号均有shell权限的账号,而FTPS的账号都不需要shell权限。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_cert_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">certs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">snakeoil</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pem </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#证书位置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_private_key_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">snakeoil</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#私钥位置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl_enable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">YES </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认为NO</span></code></span></span></p></li>
   </ol>

这里多说一下,笔者使用的xftp居然不支持FTPS,推荐使用Filezilla,开源、免费好用。简单介绍下FTPS通信过程。

这里涉及加解密的一些过程,vsftpd安装过程中会生成一证书以及私钥。有机会的话,笔者向大家介绍加解密。建议手动生成证书

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">openssl genrsa </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">des3 </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">out rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">2048</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#生成加密的私钥,输入两次密码</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">openssl rsa </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">in</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">out rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">insecure </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#转换成不加密的私钥</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">openssl req </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">new </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">out cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">crt</span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#生成证书请求文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">openssl x509 </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">req </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">days </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">365</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">in</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">crt </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">signkey rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">out ca</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pem </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#自签名证书</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo cp ca</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pem </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">certs</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cp rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">insecure </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vsftpd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_cert_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">certs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ca</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cert</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pem </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#证书位置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_private_key_file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssl</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rsa_private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">key </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#私钥位置</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#重启服务略过</span></code></span></span></p></li>
   </ol>

FTP客户端重新连接,即发现新的证书。

NFS

NFS就是Network File System的缩写,它最大的功能是通过网络是跨平台共享彼此文件。最早由SUN公司开发。可能你已经熟悉了windows下的文件共享方式,NFS是类unix下最主要的文件共享方法。基于RPC(Remote Procedure Call)协议的应用层协议实现,NFS发展至今天,已经逐渐淡化对RPC的依赖。NFS默认使用TCP 2049端口,协议本身不加密,可结合SSH隧道实现加密,还可以结合Kerberos协议实现认证。NFS采用隐式身份认证系统,正是隐藏式的身份认证方式是很多人对NFS有很多疑惑,在下文中,请务必理解其身份认证和权限配置。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">kernel</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">server </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#服务端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">common </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#客户端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ps </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ef </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep rpc </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看RPC相关的进程</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#其中rpcbind是RPC的服务进程,</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#rpc.mountd负责客户端来源认证,认证成功后接受客户端的挂载请求,工作在随机端口,即时向RPC注册。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#rpc.idmapd负责用户ID映射</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#还有这里没出现的lockd(锁定,需C/S同时启用),statd(一致性,需C/S同时启用)</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ps </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ef </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep nfs </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看NFS相关的进程</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#nsfd是NFS的主进程</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看RPC启用的TCP 111 端口和NFS 2049端口是否开启</span></code></span></span></p></li>
   </ol>

还记得FTP的权限配置吗?NFS和FTP的配置有点类似。NFS本身的配置是一套共享权限,写入读取还要受到文件系统权限的限制,最后的效果是两套权限的交集。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">exports </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#NFS的配置文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">export </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.0</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">24</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">(</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rw</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sync</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">no_subtree_check</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">)#</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ro</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rw </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">只读/只写</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> sync</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">、</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">async </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">同步写入/暂存于内存</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">export</span></code></span></span></p></li>
   </ol>

配置文件中的选项参数说明:

  • all_squash:将远程访问的所有普通用户及所属组都映射为匿名用户或用户组(nfsnobody);

  • noallsquash:与all_squash取反(默认设置);

  • root_squash:将root用户及所属组都映射为匿名用户或用户组(默认设置);

  • norootsquash:与rootsquash取反;

  • anonuid=xxx:将远程访问的所有用户都映射为匿名用户,并指定该用户为本地用户(UID=xxx);

  • anongid=xxx:将远程访问的所有用户组都映射为匿名用户组账户,并指定该匿名用户组账户为本地用户组账户(GID=xxx);——Linux NFS服务器的安装与配置

关于权限的分析

  • 客户端连接时候,对普通用户的检查

    • 如果指定了用户映射的身份,身份为指定用户

    • 如果NFS server上有同名用户,身份即同名用户

    • 没有指定,也没有同名,身份被映射为nobody用户。

  • 对root用户的检查

    • 如果指定了anonuid、anonid,root用户将被映射为指定用户

    • 如果设置norootsquash,root用户的身份被压缩为NFS server上面的root

    • 如果设置了all_squash,root用户将被映射为nobody

    • 如果同时设置了,norootsquash失效

在真正挂载之前,先明确身份认证这件事。Linux是UID、GID来区分不同用户的。

NTS服务不具备身份验证的功能,NFS提供了一种身份验证机制来对用户身份进行管理。当客户端访问NFS服务时,NFS Server 会根据情况将用户的身份映射成NFS匿名用户,nobody(UID为65534),nobody是NFS服务在安装过程创建的账号。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> sudo cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">passwd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep nobody</span></code></span></span></p></li>
   </ol>

因此共享目录,建议将文件的所有者和所有组更改为nobydy、nogroup。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo chown nobody</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">nogroup </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">export</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">server</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo exportfs </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看共享目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">lib</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etab </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#记录nfs共享信息,可以查看到没有声明的权限参数都进行了默认配置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">lib</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xtab </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#链接NFS的客户端信息</span></code></span></span></p></li>
   </ol>

这个时候已经可以在另一台机器上进行挂载

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install nfs</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">common </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#NFS的客户端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir nfs</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mount </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.131</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">export nfs </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#挂载到目录下</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fstab </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#写入此文件,将开启自动挂载</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.131</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">export </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">nfs nfs nfs auto </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#规则错误或通信故障都会导致启动错误</span></code></span></span></p></li>
   </ol>

其余的一些命令

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rpcinfo </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">p </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.131</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看RPC服务的注册状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">tail </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">kern</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看服务器日志</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">showmount </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">e localhost </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看共享目录,和sudo exportfs效果相同</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">df </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">h </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#客户端查看挂载</span></code></span></span></p></li>
   </ol>

通常企业坏境下还部署其他的身份认证系统,不依靠NSF自身的身份管理。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">idpamd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#在该文件中配置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Domain</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=域</span></code></span></span></p></li>
   </ol>

具体的用途在后面的章节进行介绍。注意,前面虽然说NFS是在类UNIX系统上进行文件共享,但windows下也进行了支持,在高版本的win系统上,可使用添加组件功能手动开启(笔者使用的win7可开启)。

SAMBA服务

Samba是什么?

  • samba是基于SMB(ServerMessage Block)的开源软件,用于连接Unix服务器和windows的客户机,执行打印和文件共享等任务。

怎么出现的呢?

  • 天才的Tridgell基于微软和英特尔开发的SMB协议,为了解决UNIX和windows系统之间的共享问题,开发出了SMB Server服务程序。

上一小节介绍的FTP足以让主机之间共享的文件资源,FTP的文件共享本质上是文件传输,不具备文件系统挂载,SMB在设计之初是工作在局域网下,工作在TCP 139端口下,随着网络的不断发展,后有增加了TCP 445,同时NetBios实现名称解析。使用UDP 137 和UDP 138实现数据指令传输。SAMBA还有很多其他的功能、应用场景,本小节主要介绍文件服务。

SMB(Server Message Block)协议实现文件共享,也称为CIFS(Common Internet File System)。

SAMBA的开发者在开发之初为兼容微软的SMB协议,SMB的源码并不开源。采用的是构造数据包方式,这什么意思呢?SMB发出了数据包是什么样,构造能发相同的数据包的源码即实现其功能。

SAMBA实现了CIFS服务的四个基本功能:

  • 文件和打印共享

  • 认证和授权

  • 名称解析

  • 服务宣告

微软的CIFS协议基于SMB协议,SMB协议基于NetBIOS实现名称解析的。设计NetBIOS 之初,TCP/IP还没出现,局域网主机之间通信是使用主机名称+共享资源+服务类型来进行通信。TCP/IP出现之后,对NetBIos进行了更新,使用NetBIOS over TCP/IP实现跨网段的共享,有学过网络的朋友,比较容易理解。原本不能路由的数据包能够路由了,自然能够跨网段。后面每个功能都对应着一些进程,主要是这几个进程:

  • Smbd:文件共享主进程TCP 139/445

  • Nmbd : WINS通信、名称解析UDP 137/138

  • Winbindd:同步系统账号

  • 其他10多个进程

开始配置

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install samba libpam</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">winbind </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">samba</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">dhcp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#指定WINS服务器,默认配置指向的是本机网卡</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">samba</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Smb</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#主配置文件</span></code></span></span></p></li>
   </ol>

SAMBA服务有两种应用场景

  • 一:对私,需要身份认证才能进行资源共享

  • 二:对公,不需要身份认证,所有人都可以访问到文件

并且这两种场景可以同时部署,即部分文件配置为需要认证才能看到,部分文件不经认证也可以看到。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">samba</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smb</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#主配置文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">workgroup </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> WORKGROUP </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#Windows下默认的是WORKGROUP,根据windows具体情况来配置</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">[</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Private</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">]</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#共享名称</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> comment</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private share </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#共享描述</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> path</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#共享目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> browseable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#设置共享是否浏览,“no"表示隐藏</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> guesk</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ok</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">no </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#是否windows下的来宾账号访问</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> writable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#共享是否具有可写权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#read only=yes 可配置为只读</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> create mask</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">0755</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#创建文件的权限为755</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> valid users</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">@samba</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可访问共享的用户组</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#注意缩进</span></code></span></span></p></li>
   </ol>

使命cmd输入命令也可以看到

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo adduser smb </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#新建一个用户,设置相关信息</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo groupadd samba </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#创建组</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo gpasswd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">a smb samba </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#"smb"用户加入"samba"组</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo smbpasswd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">a smb </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#设置"smb"用户使用SAMBA服务的密码</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#创建共享目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ls </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ld </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可以看到目录的所有者和所有组都是root,可以将所有组更改为samba,这样一来samba组内的用户拥有全部权限了,不推荐</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo setfacl </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">R </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">m </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">"g:samba:rwx"</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#推荐使用acl添加权限,这里演示给了全部权限擦头</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ls </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ld </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#再次查看,权限多了一个"+"号</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">getfacl </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">private </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可查看完整权限</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">testparm </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#samba服务提供的配置检查工具</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart smbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service nmbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#sambd服务的smbd和nmbd进程</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl status smbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service nmbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
   </ol>

如果配置没有出错,局域网下的win虚拟机文件浏览器中输入 \\host(host为共享的主机IP),即可看到共享目录,点击目录,输入’smb’和密码(不是用户密码)即可进入目录。

使用windows下的cmd命令 net uset可以查看共享会话,使用 netuse\\host\Private/delete删除会话。Linux下有挂载命令,windows下也类似。使用 netusex:\\host\Private可将共享会话映射为一个盘符。

Linux下的文件浏览器能够看到一个以’$’结尾的文件夹,这是前面配置中定义的设备,windows下被隐藏。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smbclient </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">L </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">//</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hsot </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看目标服务器信息</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smbclient </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">L </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">//</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">host </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">U user</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">mount </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">t cifs </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">o username</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smb </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">//</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">host</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Private</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">mnt </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#挂载,指定用户smb,默认以当前用户账号</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fstab </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#开机自动挂载</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">//</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">host</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Private</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">mnt cifs user</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smb</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pass</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smb </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">0</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">0</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span></code></span></span></p></li>
   </ol>

开放共享文件夹

Windows下将不提供登录账号的用户映射为guest,无须输入密码。具体配置方式和私有略有差异,大体是相同的。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">samba</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smb</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">[</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">global</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">]</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">workgroup</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">WORKGROUP</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">security</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">user</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">map to guest</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">bad user</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">guest ok</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">[</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Public</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">]</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> comment</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">public share</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> path</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">public</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> browseable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> writable</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> guest ok</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">public</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo setfacl </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">R </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">m </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">"u:nobody:rwx"</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">srv</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">public</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart smbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service nmbd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service</span></code></span></span></p></li>
   </ol>

点击Public即可不经过认证创建可删除文件。创建文件右键属性安全可查看到相关的用户与组权限,Private任然是需要认证的。

最后是两条命令

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">smbd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">--</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">version </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看samba的版本信息</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo smbstayus </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看samba的链接信息</span></code></span></span></p></li>
   </ol>

总结

这一章主要介绍FTP、NFS、SAMBA。具体应用的软件包有VSFTP、SAMBA。涉及的协议点有FTP、SMB、NFS共享协议,建议抓包理解其过程。其中提及了FTP与SSH隧道的结合,FTP与Kerberos协议的结合,有机会我也想完整的了解其过程。

后话

这几周连续写,手腕有点撑不住,上周去了医院,后面章节内容过多。更新的速度会放缓。

同时买了一些书,手撑不住的时候就看书,做做笔记。

本文源自微信公众号:渗透云笔记

人已赞赏
安全工具

实录对话菲律宾BC HR

2019-10-16 17:21:59

安全工具

Ubuntu Server 第三章 包管理

2019-10-16 17:22:07

0 条回复 A文章作者 M管理员
    暂无讨论,说说你的看法吧
个人中心
购物车
优惠劵
今日签到
有新私信 私信列表
搜索