Bii o ṣe le Fi sii, Tunto ati aabo FTP Server ni RHEL 8

FTP (o duro fun\"Ilana Gbigbe Faili") jẹ boṣewa ati ilana nẹtiwọki atijọ ti a lo fun gbigbe awọn faili laarin alabara ati olupin lori nẹtiwọọki kọnputa kan. O ti kọ lori ilana awoṣe awoṣe olupin-onibara, eyiti o funni ni iraye si awọn faili ati awọn ilana nipasẹ alabara FTP kan, lati gbe awọn faili si olupin bii igbasilẹ awọn faili lati inu rẹ.

Ninu nkan ti tẹlẹ wa, a ti ṣalaye bi a ṣe le fi sori ẹrọ, tunto ati aabo FTP Server ni CentOS/RHEL 7 fun gbigbe awọn faili kọnputa laarin alabara ati olupin lori nẹtiwọọki kọnputa kan.

Ninu àpilẹkọ yii, a yoo ṣe apejuwe bi o ṣe le fi sori ẹrọ, tunto ati aabo olupin FTP lori RHEL 8 fun pinpin faili ipilẹ laarin awọn kọnputa.

Fi olupin FTP sori RHEL 8

1. Lati fi sori ẹrọ package FTP to ni aabo, lo aṣẹ dnf atẹle.

# dnf install vsftpd

2. Nigbati fifi sori ba pari, o nilo lati bẹrẹ iṣẹ vsftpd fun akoko yii, jẹ ki o bẹrẹ laifọwọyi ni bata eto ati lẹhinna ṣayẹwo ipo naa nipa lilo awọn ilana systemctl atẹle.

# systemctl start vsftpd
# systemctl enable vsftpd
# systemctl status vsftpd

3. Itele, o nilo lati ṣii ibudo FTP 21 lori ogiriina eto lati gba aaye si awọn iṣẹ FTP lati awọn ọna itagbangba.

# firewall-cmd --zone=public --permanent --add-port=21/tcp
# firewall-cmd --zone=public --permanent --add-port=45073/tcp
# firewall-cmd --reload

Ṣe atunto Olupin FTP lori RHEL 8

4. Lati tunto olupin FTP kan, o nilo lati mu afẹyinti ti faili iṣeto FTP akọkọ /etc/vsftpd/vsftpd.conf lilo pipaṣẹ ẹda atẹle.

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig

5. Lẹhinna ṣii faili iṣeto ni lilo olootu laini aṣẹ ayanfẹ rẹ.

# vi /etc/vsftpd/vsftpd.conf

Ṣeto awọn ipele atẹle pẹlu awọn iye to baamu wọnyi (wo eniyan vsftpd.conf fun awọn itumọ ti awọn iwọn iṣeto):

anonymous_enable=NO             
local_enable=YES		
write_enable=YES		
local_umask=022		        
dirmessage_enable=YES	        
xferlog_enable=YES		
connect_from_port_20=YES        
xferlog_std_format=YES          
listen=NO   			
listen_ipv6=YES		        
pam_service_name=vsftpd        

6. Itele, o nilo lati tunto FTP lati gba/sẹ awọn olumulo ni iraye si awọn iṣẹ FTP da lori faili atokọ olumulo /etc/vsftpd.userlist.

Nipa aiyipada, awọn olumulo ti a ṣe akojọ ninu /etc/vsftpd.userlist faili ni a ko ni iwọle pẹlu aṣayan userlist_deny ti a ṣeto si BẸẸNI , ti olumulolist_enable = BẸẸNI , o jẹ ki iraye si.

Ṣugbọn, ṣiṣeto paramita userlist_deny = KO SI yi eto pada, tumọ si pe awọn olumulo nikan ni a ṣe akojọ ni kedere ni userlist_file =/etc/vsftpd.userlist yoo gba laaye lati wọle.

Nitorinaa, ṣafikun awọn ila wọnyi ninu faili iṣeto rẹ vsftpd.conf (tabi ti o ba ti wa tẹlẹ, sọ wọn di mimọ ki o ṣeto awọn iye wọn bi o ti han):

userlist_enable=YES                   # allow access to list of usernames from the userlist_file
userlist_file=/etc/vsftpd.userlist    # stores usernames.
userlist_deny=NO   

7. Bayi ṣafikun awọn ila wọnyi ni vsftpd.conf faili iṣeto rẹ lati ni ihamọ awọn olumulo FTP si awọn ilana Ile wọn.

chroot_local_user=YES		#means local users will be placed in a chroot jail, their home directory after login by default settings.
user_sub_token=$USER         	
local_root=/home/$USER/ftp   	

Fipamọ awọn ayipada ninu faili ki o pa a.

8. Ṣeto ofin SELle boolean wọnyi lati jẹ ki FTP lati ka/kọ awọn faili ti itọsọna ile olumulo.

# semanage boolean -m ftpd_full_access --on

9. Lakotan tun bẹrẹ iṣẹ vsftpd lati ni ipa lori gbogbo awọn ayipada ti a ṣe bẹ loke loke:

# systemctl restart vsftpd

Idanwo Olupin FTP lori RHEL 8

10. Lati ṣe idanwo ti iṣeto FTP ti o wa loke n ṣiṣẹ daradara, bẹrẹ nipa ṣiṣẹda olumulo FTP pẹlu aṣẹ usedd ati ṣẹda ọrọ igbaniwọle fun olumulo yẹn.

# useradd -m -c "Tecmint HowTos" -s /bin/bash tecmint
# passwd tecmint

11. Lẹhinna ṣafikun tecmint olumulo si faili /etc/vsftpd.userlist nipa lilo iwoyi iwoyi bi atẹle.

# echo "tecmint" | tee -a /etc/vsftpd.userlist
# cat /etc/vsftpd.userlist

12. Lẹhinna ṣẹda itọsọna gbongbo agbegbe miiran fun olumulo (tecmint, tirẹ ṣee ṣe yatọ) ati ṣeto awọn igbanilaaye ti o yẹ lori itọsọna yii.

# mkdir -p /home/tecmint/ftp
# chown nobody:nobody /home/tecmint/ftp
# chmod a-w /home/tecmint/ftp

13. Nigbamii, ṣẹda itọsọna inu ipo gbongbo agbegbe, nibiti olumulo yoo tọju awọn faili rẹ.

# mkdir /home/tecmint/ftp/files
# chown tecmint:tecmint /home/tecmint/ftp/files
# chmod 0700 /home/tecmint/ftp/files/

14. Bayi sopọ si olupin FTP nipa lilo eyikeyi alabara FTP bi atẹle.

# ftp [email 

Connected to 192.168.56.100
220 Welcome to TecMint.com FTP service.
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls

O n niyen! Ninu àpilẹkọ yii, a ṣe apejuwe bi o ṣe le fi sori ẹrọ, tunto bi daradara bi aabo olupin FTP ni RHEL 8. Ninu nkan wa ti n bọ, a yoo fihan bi a ṣe le rii olupin FTP ni aabo nipa lilo awọn isopọ SSL/TLS. Titi di igba naa, duro pẹlu wa.