我的VSFTP配置文件讲解(附配置文件)
Example config file /etc/vsftpd.conf
listen=YES
#listen_ipv6=YES #
Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES #anon_root=/home/ftp#匿名用户登录时目录,默认为/home/ftp local_enable=YES #是否启用本地用户 #local_root=/home/ftp #本地用户登录时目录 #write_enable=YES #是否允许本地用户写 #local_umask=022 #anon_upload_enable=YES #是否允许匿名用户上传 #anon_mkdir_write_enable=YES #是否允许匿名用户新建目录 #dirmessage_enable=YES #是否允许改变目录时显示目录下.message中的内容 #
Activate logging of uploads/downloads.
xferlog_enable=YES #
Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
If you want, you can arrange for uploaded anonymous files to be owned by
a different user. Note! Using “root” for uploaded files is not
recommended!
#chown_uploads=YES #chown_username=whoever#改变上传文件的所有者为whoever xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES # 使用标准的ftpd xferlog日志格式 #
You may change the default value for timing out an idle session.
#idle_session_timeout=600 #将在用户会话空闲10分钟后被中断 #data_connection_timeout=120 #将在数据连接空闲2分钟后被中断
It is recommended that you define on your system a unique user which the
ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure #运行vsftpd需要的非特殊系统用户默认nobody #async_abor_enable=YES #是否允许运行特殊的FTP命令async #ascii_upload_enable=YES #启用上传的ascii传输方式 #ascii_download_enable=YES #启用下载的ascii传输方式 ftpd_banner=Welcome to blah FTP service. #deny_email_enable=YES #是否允许某些匿名用户使用邮件地址(默认的)
(default follows)
#banned_email_file=/etc/vsftpd.banned_emails #如果是输入禁止的邮件地址的路径和名
You may restrict local users to their home directories. See the FAQ for
the possible risks in this before using chroot_local_user or
chroot_list_enable below.
#a在 默认配置中,本地用户可以切换到自家目录以外的目录进行浏览,并在权限许可的范围内进行下载和上 #a传。这样的设置对于一个FTP服务器来说是不安全的。 #a如果希望用户登录后不能切换到自家目录以外的目 #a录,则需要设置chroot选项,涉及如下选项: #chroot_local_user=YES #如果为YES,则下面的设置可以免掉,表示将所有的本地用户限制在自家目录,如果为NO则启用下面的设置,仅使chroot_list_file中的用户限制在自家目录中 #chroot_list_enable=YES #chroot_list_file=/etc/vsftpd.chroot_list #a注意 :上面所提及的文件/etc/vsftpd.chroot_list和下面将要提及的文件 /etc/vsftpd.user_list的格式要#求均为每个 用户名占一行。 #ls_recurse_enable=YES #是否使用ls-R命令已防止浪费大量的服务器资源 secure_chroot_dir=/var/run/vsftpd #a这个选项必须指定一个空的数据夹且任何登入者都不能有写入的权限,当vsftpd 不需要file system 的权#限时,就会将使用者限制在此数据夹中。默认值为/var/run/vsftpd #
This string is the name of the PAM service vsftpd will use.
pam_service_name=vsftpd #定义PAM 所使用的名称,预设为vsftpd #
This option specifies the location of the RSA certificate to use for SSL
encrypted connections.
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #vsftpd用的rsa证书的位置 #
This option specifies the location of the RSA key to use for SSL
encrypted connections.
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key #算法钥匙地址!
########################encoding patch #setting######################## charset_filter_enable=YES charset_client=gbk charset_server=UTF8
附:
Example config file /etc/vsftpd.conf
listen=YES
#listen_ipv6=YES
anonymous_enable=YES
#local_enable=YES
#write_enable=YES
#local_umask=022
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
#chown_uploads=YES #chown_username=whoever
#xferlog_file=/var/log/vsftpd.log
#xferlog_std_format=YES
#idle_session_timeout=600
#data_connection_timeout=120
#nopriv_user=ftpsecure
#async_abor_enable=YES
#ascii_upload_enable=YES #ascii_download_enable=YES # dirmessage_enable=YES
You may fully customise the login banner string:
ftpd_banner=Welcome to blah FTP service.
#deny_email_enable=YES
(default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#chroot_local_user=YES
#chroot_list_enable=YES
(default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#ls_recurse_enable=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #
This option specifies the location of the RSA key to use for SSL
encrypted connections.
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
########################encoding patch #setting######################## charset_filter_enable=YES charset_client=gbk charset_server=UTF8