由 ruochen 在 05-18-2003 12:26 发表:

我的rh9.0的vsftp怎么就是跑不起来!~~

以下是我的vsftp.conf文件!~

Example config file /etc/vsftpd.conf

The default compiled in settings are very paranoid. This sample file

loosens things up a bit, to make the ftp daemon more usable.

Allow anonymous FTP?

anonymous_enable=YES

Uncomment this to allow local users to log in.

local_enable=YES

Uncomment this to enable any form of FTP write command.

write_enable=YES

Default umask for local users is 077. You may wish to change this to 022,

if your users expect that (022 is used by most other ftpd's)

local_umask=022

Uncomment this to allow the anonymous FTP user to upload files. This only

has an effect if the above global write enable is activated. Also, you will

obviously need to create a directory writable by the FTP user.

#anon_upload_enable=YES

Uncomment this if you want the anonymous FTP user to be able to create

new directories.

#anon_mkdir_write_enable=YES

Activate directory messages - messages given to remote users when they

go into a certain directory.

dirmessage_enable=YES

Activate logging of uploads/downloads.

xferlog_enable=YES

Make sure PORT transfer connections originate from port 20 (ftp-data).

connect_from_port_20=YES

If you want, you can arrange for uploaded anonymous files to be owned by

a different user. Note! Using "root" for uploaded files is not

recommended!

#chown_uploads=YES

#chown_username=whoever

You may override where the log file goes if you like. The default is shown

below.

xferlog_file=/var/log/vsftpd.log

If you want, you can have your log file in standard ftpd xferlog format

xferlog_std_format=YES

You may change the default value for timing out an idle session.

idle_session_timeout=600

You may change the default value for timing out a data connection.

data_connection_timeout=120

It is recommended that you define on your system a unique user which the

ftp server can use as a totally isolated and unprivileged user.

#nopriv_user=ftpsecure

Enable this and the server will recognise asynchronous ABOR requests. Not

recommended for security (the code is non-trivial). Not enabling it,

however, may confuse older FTP clients.

#async_abor_enable=YES

By default the server will pretend to allow ASCII mode but in fact ignore

the request. Turn on the below options to have the server actually do ASCII

mangling on files when in ASCII mode.

Beware that turning on ascii_download_enable enables malicious remote parties

to consume your I/O resources, by issuing the command "SIZE /big/file" in

ASCII mode.

These ASCII options are split into upload and download because you may wish

to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),

without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be

on the client anyway..

#ascii_upload_enable=YES

#ascii_download_enable=YES

You may fully customise the login banner string:

ftpd_banner=Welcome to blah FTP service.

You may specify a file of disallowed anonymous e-mail addresses. Apparently

useful for combatting certain DoS attacks.

#deny_email_enable=YES

(default follows)

#banned_email_file=/etc/vsftpd.banned_emails

You may specify an explicit list of local users to chroot() to their home

directory. If chroot_local_user is YES, then this list becomes a list of

users to NOT chroot().

chroot_list_enable=YES

(default follows)

chroot_list_file=/etc/vsftpd.chroot_list

You may activate the "-R" option to the builtin ls. This is disabled by

default to avoid remote users being able to cause excessive I/O on large

sites. However, some broken FTP clients such as "ncftp" and "mirror" assume

the presence of the "-R" option, so there is a strong case for enabling it.

#ls_recurse_enable=YES

pam_service_name=vsftpd

userlist_enable=YES

#enable for standalone mode

listen=YES

tcp_wrappers=YES

anon_root=/var/ftp/pub

由 ruochen 在 05-18-2003 12:31 发表:

以下是我执行的一些命令的 显示!!~~望高手指点!~

[root@ruochen root]# /sbin/service vsftpd restart

关闭 vsftpd： [失败]

为 vsftpd 启动 vsftpd： [ 确定 ]

[root@ruochen root]# /etc/rc.d/init.d/vsftpd restart

关闭 vsftpd： [失败]

为 vsftpd 启动 vsftpd： [ 确定 ]

[root@ruochen root]# /sbin/service vsftpd status

vsftpd 已死，但是 subsys 被锁

[root@ruochen root]# killall vsftpd

vsftpd: no process killed

[root@ruochen root]# nmap ruochen

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )

Interesting ports on ruochen (127.0.0.1):

(The 1587 ports scanned but not shown below are in state: closed)

Port State Service

21/tcp open ftp

22/tcp open ssh

53/tcp open domain

80/tcp open http

111/tcp open sunrpc

139/tcp open netbios-ssn

443/tcp open https

631/tcp open ipp

783/tcp open hp-alarm-mgr

953/tcp open rndc

1024/tcp open kdm

1025/tcp open NFS-or-IIS

3306/tcp open mysql

6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 2 seconds

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 12:52 发表:

我在本机用gftp的结果!!

查找 210.43.133.45

尝试 210.43.133.45:21

连接到 210.43.133.45:21

220 ruochen FTP server (Version 5.60) ready.

USER anonymous

331 Guest login ok, send ident as password.

PASS xxxx

230 Guest login ok, access restrictions apply.

TYPE I

200 Type set to I.

PWD

257 "/" is current directory.

PASV

227 Entering Passive Mode (210,43,133,45,13,98)

LIST -aL

150 Opening BINARY mode data connection for /bin/ls.

226 Transfer complete.

230 Guest login ok, access restrictions apply.

他说能访问亚!!~

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 13:17 发表:

我的gssftp文件!~

default: off

description: The kerberized FTP server accepts FTP connections \

that can be authenticated with Kerberos 5.

service ftp

{

disable = yes

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/kerberos/sbin/ftpd

server_args = -l -a

log_on_failure += USERID

}

我只将disable = no改成了 yes

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 13:21 发表:

xinetd.conf

RH 9.0的这个文件到哪里找??

!!!!

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 14:23 发表:

[root@ruochen root]# ftp 210.43.133.45

Connected to 210.43.133.45.

220 ruochen FTP server (Version 5.60) ready.

334 Using authentication type GSSAPI; ADAT must follow

GSSAPI accepted as authentication type

GSSAPI error major: Miscellaneous failure

GSSAPI error minor: No credentials cache found

GSSAPI error: initializing context

GSSAPI authentication failed

334 Using authentication type KERBEROS_V4; ADAT must follow

KERBEROS_V4 accepted as authentication type

Kerberos V4 krb_mk_req failed: You have no tickets cached

Name (210.43.133.45:root):

530 Must perform authentication before identifying USER.

Login failed.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp>

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 15:03 发表:

standalone

谁可以具体解说一下这个马??

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-18-2003 15:22 发表:

怎么进入了我的ftp,什么东西也看不见亚 !~~

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-19-2003 14:25 发表:

就没有人来看吗?

管理员呢???

samaung753dfx+msikt333+duron1.2+128ram+GF2 400+st60G+ecom+samsung52cdrom

+rt8139

winxp+2000server+freebsd5.1+fedora1.0+debian3.0

由 ruochen 在 05-19-2003 15:36 发表:

发信人:?WindowsNT?(不要用我@不再上网聊天!),?信区:?Linux???????

标??题:?[DOC]安装vsftpd

发信站:?BBS?水木清华站?(Wed?May??7?11:57:13?2003),?转信

安装vsftpd

=======

本文件介绍如何用vsftpd源代码包.tar.gz文件，编译、安装并运行vsftpd。

第1步：编译vsftpd。

切换到解压缩vsftpd?.tar.gz文件时创建的目录。

例如：

cd?vsftpd-1.1.2

编译?"builddefs.h"，以进行编译时设置（例如tcp?wrappers安装）。

然后只需要输入?"make"?（如果编译不成功，请给我发电子邮件以修正它:-））。

然后将会产生一个vsftpd二进制文件。可以使用命令来验证它，例如：

[chris@localhost?vsftpd]$?ls?-l?vsftpd

-rwxrwxr-x????1?chris????chris???????61748?Sep?27?00:26?vsftpd

第2步：检查vsftpd必需条件

2a)?在默认配置中，vsftpd需要用户"nobody"。如果没有这个用户，则添加该用户。

例如：

[root@localhost?root]#?useradd?nobody

useradd:?user?nobody?exists

2b)?在默认配置中，vsftpd需要空目录/usr/share/empty。如果这个目录不存在，则

添加该目录。例如：

[root@localhost?root]#?mkdir?/usr/share/empty/

mkdir:?cannot?create?directory?`/usr/share/empty':?File?exists

2c)?对于匿名FTP，需要有一个用户"ftp"存在，并且需要有一个有效的宿主目录（用

户"ftp"不具有该目录的所有权和写入权）。如果不存在用户"ftp"，下面的命令可以

设置该用户：

[root@localhost?root]#?mkdir?/var/ftp/

[root@localhost?root]#?useradd?-d?/var/ftp?ftp

(如果用户"ftp"已经存在，则可以使用下述二个命令)。

[root@localhost?root]#?chown?root.root?/var/ftp

[root@localhost?root]#?chmod?og-w?/var/ftp

第3步：安装vsftpd配置文件，可执行文件，帮助手册页，等。

运行"make?install"命令，将试图自动复制二进制文件、手册页等到适当位置。

另外，你也可以手工复制这些文件。例如：

cp?vsftpd?/usr/local/sbin/vsftpd

cp?vsftpd.conf.5?/usr/local/man/man5

cp?vsftpd.8?/usr/local/man/man8

"make?install"?不会复制范例配置文件。推荐手工复制范例配置文件：

cp?vsftpd.conf?/etc

第4步：进行测试（不使用inetd方式）。

vsftpd?可以按独立方式运行，也可以作为inetd（例如inetd或xinetd）的服务运行。

通常把它作为inetd的服务运行时，可以进行更多的控制。但是现在我们将不以这种

方式运行，以便我们可以检查到目录为止它是能正常工作。

编辑?/etc/vsftpd.conf?文件，并在最后添加如下内容：

listen=YES

这一行内容将告诉vsftpd，它不会作为inetd的服务运行。

现在让我们来尝试运行它！

作为root用户登录。

确认当前没有运行其他FTP服务器程序（否则vsftpd将不能使用FTP端口，21）。

从vsftpd可执行文件的位置处运行该文件，例如：

[root@localhost?root]#?/usr/local/sbin/vsftpd?&

[1]?2104

如果一切正常，则现在应该可以连接了！例如：

[chris@localhost?chris]$?ftp?localhost

Connected?to?localhost?(127.0.0.1).

220?(vsFTPd?1.1.1)

Name?(localhost:chris):?ftp

331?Please?specify?the?password.

Password:

230?Login?successful.?Have?fun.

Remote?s