Kwinqaku elilandelayo siza kujonga indlela yokufaka i-vsftpd kwi-Ubuntu. Nokuba ufuna ukwenza iseva yasekhaya, iseva yewebhu, iserver yomdlalo okanye nayiphi na iseva efanele iprojekthi yakho, i-FTP yeyona ndlela ilula yokuhambisa idatha ukusuka kwenye inkqubo iye kwenye. Kungenxa yoko le nto siza kubona indlela yokwenza ufakelo kunye noqwalaselo olusisiseko lweseva ye-FTP ku-Ubuntu.
FTPt Inkqubo yokudlulisa ifayile, yinkqubo esetyenziselwa ukulayisha (indawookanye ukhuphele (fumana) ezivela kwiserver. Ukhe wayisebenzisa ngaxa lithile ngaphandle kokuyiqonda, xa uthatha iifayile okanye ulayisha imifanekiso kwiwebhu.
Faka iseva ye-FTP ku-Ubuntu
Faka i-vsftpd
Kulo mzekelo, ndiza kufaka i-FPT iseva kwinethiwekhi yendawo yase-Ubuntu 20.04. Ukuba awunayo ifakwe kwikhompyuter yakho, unokufakwa ngomyalelo (Ctrl + Alt + T):
sudo apt install vsftpd
Nje ukuba ifakiwe, siza kuqala ngayo yenza ikopi yefayile yoqwalaselo yoqobo. Ukuba kukho into ehamba gwenxa, useto olungagqibekanga lunokubuyiselwa.
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf_default
Ngoku masenze qalisa inkonzo ngomyalelo:
sudo systemctl start vsftpd
Siqinisekisa ukuba isebenza ne:
sudo systemctl enable vsftpd
Iakhawunti yomsebenzisi we-FTP
Ngale nto Sinokusebenzisa nawuphi na umthengi we-FTP ukufikelela kwiifayile ezibanjwe kwiseva nge-vsftpd. Kwisiphelo (Ctrl + Alt + T) kuya kufuneka sisebenzise umyalelo:
sudo useradd –m nombre-usuario
Buyisela 'lomsebenzisi'ngegama lakho lomsebenzisi. Ngoku siza kuya setha iphasiwedi:
sudo passwd nombre-usuario
Después Siza kuhamba kwifolda yomsebenzisi esandula ukwenziwa:
cd /home/nombre-usuario
Ngokufanelekileyo, i-FTP kufuneka ithintelwe kulawulo oluthile ngezizathu zokhuseleko. IVsftpd isebenzisa iikheji ze-chroot ukufezekisa oku. Nge-chroot enikwe amandla, umsebenzisi wasekhaya ukhawulelwe kulawulo lwasekhaya (ngokungagqibekanga). Kulo mzekelo, siza kwenza umkhombandlela we-ftp oza kusebenza njenge-chroot, kunye nolawulo lweefayile ezinokutshintsha.
Ukuqala senza ifolda ye-FTP:
sudo mkdir ftp
Siza kubeka ipropathi kwifolda ngalo myalelo:
sudo chown nobody:nogroup /home/nombre-usuario/ftp
Ngoku Sisusa iimvume zokubhala zale folda:
sudo chmod a-w /home/nombre-usuario/ftp
Siyaqhubeka nokwenza isikhombisi sefayili kwaye siya kunika ipropathi:
sudo mkdir /home/nombre-usuario/ftp/files sudo chown nombre-usuario:nombre-usuario /home/nombre-usuario/ftp/files
Okwangoku, siya kuthi yenza ifayile yovavanyo kwifolda eneefayile:
echo "vsftpd archivo de ejemplo" | sudo tee /home/nombre-usuario/ftp/files/ejemplo.txt
Ukukhusela iseva ye-FTP
Kweli nqanaba masivule amazibuko angama-20 nangama-21 e-FTP. Izibuko elingu-40000-50000 liya kugcinelwa uluhlu lwamazibuko anokuhamba aya kuthi kamva abekwe kwifayile yoqwalaselo kwaye izibuko le-990 liya kusetyenziswa xa i-TLS yenziwe. Sebenzisa oku kulandelayo ukuze uyenze:
sudo ufw allow 20/tcp; sudo ufw allow 21/tcp; sudo ufw allow 990/tcp; sudo ufw allow 40000:50000/tcp
Ukuba usebenzisa i-firewall eyahlukileyo, jonga amaxwebhu ayo ukuvula izibuko.
Qwalasela i-vsftpd
Kuba sifuna ukuba abasebenzisi bakwazi ukulayisha iifayile, siza kuya hlela vsftpd ifayile yoqwalaselo:
sudo vim /etc/vsftpd.conf
Ngaphakathi kwifayile esiya kuyenza fumana la amangenelo alandelayo kwaye uncomment kuwo:
anonymous_enable=NO write_enable=YES local_enable=YES
Chroot_local_user ngekhe kuphawulwe, Ngale nto siqinisekisa ukuba umsebenzisi oxhunyiwe ufikelela kuphela kwiifayile ngaphakathi kwincwadi evunyelweyo:
chroot_local_user=YES
Siza kongeza ngesandla amaxabiso amatsha esiphelweni sefayile. Oku izakuvumela ubumbeko ukuba lusebenze nomsebenzisi wangoku kunye naye nawuphi na omnye umsebenzisi ongezwe kamva:
user_sub_token=$USER local_root=/home/$USER/ftp
Qala kabusha idemon ukulayisha utshintsho:
sudo systemctl restart vsftpd
Unxibelelwano olubhaliweyo
Siza kusebenzisa i-TTL / SSL ukuqinisekisa ukhuseleko. Kuya kufuneka senze isatifikethi se-SSL kwaye sisisebenzise ukukhusela iseva ye-FTP. Siza kwenza oku ngomyalelo:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
Iflegi -iintsuku isenza isiqinisekiso sisebenze unyaka omnye kwaye sibandakanyile Isitshixo sangasese sama-2048-RSA sangasese ngomyalelo ofanayo. Xa ugqibile ukwenza isatifikethi, vula ifayile yoqwalaselo kwakhona:
sudo vim /etc/vsftpd.conf
Ekupheleni kwefayile kufuneka sifumane imigca emibini eqala nge «rsa«. Gqabaza yomibini le migca kwaye ubhale oku kulandelayo:
rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem
Ngoku siza kwenza i-SSL ukuze abathengi kuphela abane-SSL abakwaziyo ukunxibelelana. Guqula ixabiso le-ssl_nokwenziwa libe ngu-YES:
ssl_enable=YES
ukuba Sukuvumela unxibelelwano olungaziwayo ngaphezulu kwe-SSLyongeza imigca:
allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES
Qwalasela iserver ukuba isebenzise i-TLSukongeza:
ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO
Siza kuyifumana loo nto Akukho sidingo sokuphinda usebenzise i-SSL, kuba inokubangela ukuba abathengi abaninzi be-FTP bangasebenzi. Yintoni egqithisile Siza kusebenzisa ii-encryption suites eziphezulu, ukongeza imigca:
require_ssl_reuse=NO ssl_ciphers=HIGH
Sigcina ifayile kwaye siqala inkonzo kwakhona:
sudo systemctl restart vsftpd
Ukufikelela kumthengi we-FTP
Ngoku sinokunxibelelana neseva yethu ye-FTP. Yale Singasebenzisa usetyenziso olusuka kwindawo yemizobo okanye i-ftp terminal command. Ukuba ukhetha imeko yemizobo, uya kudinga umxhasi we-FTP njengeFayileZilla. Ukuyifaka unako tyhila kwinqaku ukuba ugxa wakhe ubhale kule bhlogi kwithuba elidlulileyo.
Nje ukuba iFayilezilla ifakwe kwaye iqaliswe, yenza Cofa kwiFayile / kuMphathi weSiza. Into elandelayo iya kuba kukucofa ku "Indawo entsha".
Kwiphaneli elungileyo, khetha umthetho olandelwayo we-FTP. Ukuba usebenzisa i-FTPS, khetha i-TLS yokubethela. Ukulandela, bhala igama lenginginya okanye idilesi ye-IP kwiServer kwaye ungeze izibuko (21). Yenzelwe yena imo yofikelelo khetha Eqhelekileyo, kwaye ubhale iziqinisekiso zeakhawunti yakho Egama lomsebenzisi kunye negama lokugqitha. Cofa Qhagamshela.
Kuya kufuneka sisamkele isatifikethi esiyenzileyo ngaphambili.
Okwangoku siza kubona umzekelo wefayile esiyenzileyo ngaphakathi kwifolda yeefayile. Ngoku sinokuqala ukusebenzisa iseva yethu ye-FTP. Tsala nje kwaye ulahle iifayile ofuna ukuzihambisa.
Sisebenzisa i-FTP, sinokubamba idatha ngalo lonke ixesha siyifuna. Inga funda ngakumbi nge-vsftpd kunye noqwalaselo lwayo kwi Iphepha lamaxwebhu Ubuntu.
Isifundo esigqibeleleyo, indincedile ukumisela iseva ye-ftp kumcimbi wemizuzu embalwa.
Isifundo esihle, esiqondakalayo ukusuka ekuqaleni ukuya ekugqibeleni. Ndinombuzo, ndine-PC kunye ne-Debian 11 Plasma, kunye nebhokisi ebonakalayo ene-centos 7. Kwi-centos ndifake iseva ye-ftpy kwaye ndenze umsebenzisi. Ngoku ukusuka kwiDebian kunye nedolphin ndifikelela ngaphandle kweengxaki, ingxaki kukuba andinakwenza iifolda okanye iifayile, nangona kunjalo ukusuka kwezinye izinto ezibonakalayo (xp, ezisixhenxe, linuxmint), ukuba ndiyakwazi ukudala ngaphandle kweengxaki, kutheni kunjalo?