Bii o ṣe le Fi sii, Tunto ati aabo FTP Server ni RHEL 8
FTP (o duro fun\"Ilana Gbigbe Faili") jẹ boṣewa ati ilana nẹtiwọki atijọ ti a lo fun gbigbe awọn faili laarin alabara ati olupin lori nẹtiwọọki kọnputa kan. O ti kọ lori ilana awoṣe awoṣe olupin-onibara, eyiti o funni ni iraye si awọn faili ati awọn ilana nipasẹ alabara FTP kan, lati gbe awọn faili si olupin bii igbasilẹ awọn faili lati inu rẹ.
Ninu nkan ti tẹlẹ wa, a ti ṣalaye bi a ṣe le fi sori ẹrọ, tunto ati aabo FTP Server ni CentOS/RHEL 7 fun gbigbe awọn faili kọnputa laarin alabara ati olupin lori nẹtiwọọki kọnputa kan.
Ninu àpilẹkọ yii, a yoo ṣe apejuwe bi o ṣe le fi sori ẹrọ, tunto ati aabo olupin FTP lori RHEL 8 fun pinpin faili ipilẹ laarin awọn kọnputa.
Fi olupin FTP sori RHEL 8
1. Lati fi sori ẹrọ package FTP to ni aabo, lo aṣẹ dnf atẹle.
# dnf install vsftpd
2. Nigbati fifi sori ba pari, o nilo lati bẹrẹ iṣẹ vsftpd fun akoko yii, jẹ ki o bẹrẹ laifọwọyi ni bata eto ati lẹhinna ṣayẹwo ipo naa nipa lilo awọn ilana systemctl atẹle.
# systemctl start vsftpd # systemctl enable vsftpd # systemctl status vsftpd
3. Itele, o nilo lati ṣii ibudo FTP 21 lori ogiriina eto lati gba aaye si awọn iṣẹ FTP lati awọn ọna itagbangba.
# firewall-cmd --zone=public --permanent --add-port=21/tcp # firewall-cmd --zone=public --permanent --add-port=45073/tcp # firewall-cmd --reload
Ṣe atunto Olupin FTP lori RHEL 8
4. Lati tunto olupin FTP kan, o nilo lati mu afẹyinti ti faili iṣeto FTP akọkọ /etc/vsftpd/vsftpd.conf
lilo pipaṣẹ ẹda atẹle.
# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig
5. Lẹhinna ṣii faili iṣeto ni lilo olootu laini aṣẹ ayanfẹ rẹ.
# vi /etc/vsftpd/vsftpd.conf
Ṣeto awọn ipele atẹle pẹlu awọn iye to baamu wọnyi (wo eniyan vsftpd.conf fun awọn itumọ ti awọn iwọn iṣeto):
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES listen=NO listen_ipv6=YES pam_service_name=vsftpd
6. Itele, o nilo lati tunto FTP lati gba/sẹ awọn olumulo ni iraye si awọn iṣẹ FTP da lori faili atokọ olumulo /etc/vsftpd.userlist.
Nipa aiyipada, awọn olumulo ti a ṣe akojọ ninu /etc/vsftpd.userlist
faili ni a ko ni iwọle pẹlu aṣayan userlist_deny
ti a ṣeto si BẸẸNI
, ti olumulolist_enable = BẸẸNI
, o jẹ ki iraye si.
Ṣugbọn, ṣiṣeto paramita userlist_deny = KO SI
yi eto pada, tumọ si pe awọn olumulo nikan ni a ṣe akojọ ni kedere ni userlist_file =/etc/vsftpd.userlist
yoo gba laaye lati wọle.
Nitorinaa, ṣafikun awọn ila wọnyi ninu faili iṣeto rẹ vsftpd.conf
(tabi ti o ba ti wa tẹlẹ, sọ wọn di mimọ ki o ṣeto awọn iye wọn bi o ti han):
userlist_enable=YES # allow access to list of usernames from the userlist_file userlist_file=/etc/vsftpd.userlist # stores usernames. userlist_deny=NO
7. Bayi ṣafikun awọn ila wọnyi ni vsftpd.conf
faili iṣeto rẹ lati ni ihamọ awọn olumulo FTP si awọn ilana Ile wọn.
chroot_local_user=YES #means local users will be placed in a chroot jail, their home directory after login by default settings. user_sub_token=$USER local_root=/home/$USER/ftp
Fipamọ awọn ayipada ninu faili ki o pa a.
8. Ṣeto ofin SELle boolean wọnyi lati jẹ ki FTP lati ka/kọ awọn faili ti itọsọna ile olumulo.
# semanage boolean -m ftpd_full_access --on
9. Lakotan tun bẹrẹ iṣẹ vsftpd lati ni ipa lori gbogbo awọn ayipada ti a ṣe bẹ loke loke:
# systemctl restart vsftpd
Idanwo Olupin FTP lori RHEL 8
10. Lati ṣe idanwo ti iṣeto FTP ti o wa loke n ṣiṣẹ daradara, bẹrẹ nipa ṣiṣẹda olumulo FTP pẹlu aṣẹ usedd ati ṣẹda ọrọ igbaniwọle fun olumulo yẹn.
# useradd -m -c "Tecmint HowTos" -s /bin/bash tecmint # passwd tecmint
11. Lẹhinna ṣafikun tecmint olumulo si faili /etc/vsftpd.userlist nipa lilo iwoyi iwoyi bi atẹle.
# echo "tecmint" | tee -a /etc/vsftpd.userlist # cat /etc/vsftpd.userlist
12. Lẹhinna ṣẹda itọsọna gbongbo agbegbe miiran fun olumulo (tecmint, tirẹ ṣee ṣe yatọ) ati ṣeto awọn igbanilaaye ti o yẹ lori itọsọna yii.
# mkdir -p /home/tecmint/ftp # chown nobody:nobody /home/tecmint/ftp # chmod a-w /home/tecmint/ftp
13. Nigbamii, ṣẹda itọsọna inu ipo gbongbo agbegbe, nibiti olumulo yoo tọju awọn faili rẹ.
# mkdir /home/tecmint/ftp/files # chown tecmint:tecmint /home/tecmint/ftp/files # chmod 0700 /home/tecmint/ftp/files/
14. Bayi sopọ si olupin FTP nipa lilo eyikeyi alabara FTP bi atẹle.
# ftp [email
Connected to 192.168.56.100 220 Welcome to TecMint.com FTP service. 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls
O n niyen! Ninu àpilẹkọ yii, a ṣe apejuwe bi o ṣe le fi sori ẹrọ, tunto bi daradara bi aabo olupin FTP ni RHEL 8. Ninu nkan wa ti n bọ, a yoo fihan bi a ṣe le rii olupin FTP ni aabo nipa lilo awọn isopọ SSL/TLS. Titi di igba naa, duro pẹlu wa.