2019-01-16 Ubuntu 18.04安装NTP服务
安装NTP服务可以说很容易,几个要点搞定就成。下面是我装NTP服务器的记录。
一、首先当然是惯例更新
然后修改下配置文件。
这里我们建议去找最近的ntp公共服务器,访问站点 https://wwwntppoolorg/
查找你的区域,比如我需要找 Europe/United Kingdom,可以发现有这么几个,记下来要在配置文件里改的。
这里是中国常用的NTP服务器,以供参考:
二、修改配置文件 /etc/ntpconf
三、重启服务,查看服务状态
四、开放防火墙端口,我们看到ntp使用udp 123端口
现在,服务器端就配置完了。 查看与上层ntp服务器的状态
其中这些状态的意思是:
五、linux客户端配置ntp
51先安装ntpdate,测试NTP工具
测试NTP服务器是否好用(如有提示“ntpdate[XXX]: the ntp socket is in use, exiting”, 可加参数 -u )
52 很好,那么我们先停止ubuntu自带的时间同步服务
53 安装ntp服务并添加主NTP服务器,可以修改/etc/ntpcfg,或者直接使用下面语句添加:
看一下同步状态:
可以看到,已经和主服务器同步成功了。
一、安装
复制代码
代码如下:
sudo apt-get install proftpd
安装过程中会让选择运行模式:Standalone和Inetd,前者是单一服务器模式,后者是超级服务器模式,
我选的Standalone。
二、配置
复制代码
代码如下:
sudo vim /etc/shells
加入如下代码
复制代码
代码如下:
/bin/false
新建用户ftpuser1和用户组ftp并设置密码,此用户不需要有效的shell(更安全),所以选择/bin/false
给fptuser1
复制代码
代码如下:
sudo groupadd ftp
sudo useradd ftpuser1 -p pass -g ftp -d /home/ftp -s /bin/false
在/home/ftp目录下新建upload和download目录并修改权限
复制代码
代码如下:
cd /home/ftp
sudo mkdir download
sudo mkdir upload
cd /home
sudo chmod 755 ftp
cd /home/ftp
sudo chmod 755 download
sudo chmod 777 upload
三、修改proftpd核心配置文件proftpdconf
复制代码
代码如下:
sudo vim /etc/proftpd/proftpdconf
#
# /etc/proftpd/proftpdconf -- This is a basic ProFTPD configuration file
# To really apply changes reload proftpd after modifications
#
# Includes DSO modules
Include /etc/proftpd/modulesconf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes
UseIPv6 off # 我们不需要IPv6,所以off
ServerName "xiaoyigeng's FTP Server" # 修改服务器名
ServerType standalone # 服务器运行模式,这里填standalone,也可以选
inetd
DeferWelcome on # 用户登陆时是否显示欢迎信息
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600 # 可以降到100
TimeoutIdle 1200 # 发呆超时
DisplayLogin welcomemsg # 如果上边DeferWelcom设置成on,则显示
welcomemsg中的内容
DisplayFirstChdir message # 更改目录时显示的内容
ListOptions "-l"
DenyFilter //
# Use this to jail all users in their homes
DefaultRoot /home/ftp # ftp用户被限制在这个目录中
# Users require a valid shell listed in /etc/shells to login
# Use this directive to release that constrain
# RequireValidShell off # 匿名用户要选on
# Port 21 is the standard FTP port
Port 21 # 服务运行的端口
# In some cases you have to specify passive ports range to by-pass
# firewall limitations Ephemeral ports can be used for that, but
# feel free to use a more narrow range
# PassivePorts 49152 65534 # PASV模式下用到的端口
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work You have to use your public
# address and opening the passive ports used on your firewall as well
# MasqueradeAddress 1234
# To prevent DoS attacks, set the maximum number of child processes
# to 30 If you need to allow more than 30 concurrent connections
# at once, simply increase this value Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at
User nobody # 服务器运行在nobody用户下
Group nobody # 服务器运行在nobody组下
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable
Umask 022 022 # 默认新建文件的权限
# Normally, we want files to be overwriteable
AllowOverwrite on # 文件可以被覆盖
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads That is not needed for uploads rates
#
# UseSendFile off
# Choose a SQL backend among MySQL or PostgreSQL
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modulesconf
# Use 'mysql' or 'postgres' as possible values
#
#IfModule mod_sqlc
# SQLBackend mysql
#/IfModule
TransferLog /var/log/proftpd/xferlog # 传送文件日志
SystemLog /var/log/proftpd/proftpdlog # 系统运行日志
IfModule mod_tlsc
TLSEngine off
/IfModule
IfModule mod_quotac
QuotaEngine on
/IfModule
IfModule mod_ratioc
Ratios on
/IfModule/pp# Delay engine reduces impact of the so-called Timing Attack described in
# a href="http://securitylsshr/indexphppage=detailsID=LSS-2004-10-02"http://securitylsshr/indexphppage=detailsID=LSS-2004-10-02/a
# It is on by default
IfModule mod_delayc
DelayEngine on
/IfModule
IfModule mod_ctrlsc
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controlslog
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpdsock
/IfModule
IfModule mod_ctrls_adminc
AdminControlsEngine on
/IfModule
# A basic anonymous configuration, no upload directories
# Anonymous ~ftp
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcomemsg' displayed at login, and 'message' displayed
# # in each newly chdired directory
# DisplayLogin welcomemsg
# DisplayFirstChdir message
#
# # Limit WRITE everywhere in the anonymous chroot
# Directory
# Limit WRITE
# DenyAll
# /Limit
# /Directory
#
# # Uncomment this if you're brave
# # Directory incoming
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable
# # Umask 022 022
# # Limit READ WRITE
# # DenyAll
# # /Limit
# # Limit STOR
# # AllowAll
# # /Limit
# # /Directory
#
# /Anonymous
# Valid Logins # 以下部分为设置用户权限部分
Limit LOGIN
AllowUser ftpuser1
DenyAll
/Limit
Directory /home/ftp
Umask 022 022
AllowOverwrite off
Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD
DenyAll
/Limit
/Directory
Directory /home/ftp/download/
Umask 022 022
AllowOverwrite off
Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD
DenyAll
/Limit
/Directory
Directory /home/ftp/upload/
Umask 022 022
AllowOverwrite on
Limit READ RMD DELE
DenyAll
/Limit
Limit STOR CWD MKD
AllowAll
/Limit
/Directory
四、启动、停止、重启服务器
复制代码
代码如下:
sudo /etc/initd/proftpd start
sudo /etc/initd/proftpd stop
sudo /etc/initd/proftpd restart
五、维护
可以到/var/log/proftpd目录查看日志
查看ftp服务器负载命令 ftptop
查看什么认登陆服务器 ftpwho
PS:proftpd中Limit的使用介绍
我们用到的比较多的可能是Limit的使用,Limit大致有以下动作,基本能覆盖全部的权限了。
CMD:Change Working Directory 改变目录
MKD:MaKe Directory 建立目录的权限
RNFR: ReName FRom 更改目录名的权限
DELE:DELEte 删除文件的权限
RMD:ReMove Directory 删除目录的权限
RETR:RETRieve 从服务端下载到客户端的权限
STOR:STORe 从客户端上传到服务端的权限
READ:可读的权限,不包括列目录的权限,相当于RETR,STAT等
WRITE:写文件或者目录的权限,包括MKD和RMD
DIRS:是否允许列目录,相当于LIST,NLST等权限,还是比较实用的
ALL:所有权限
LOGIN:是否允许登陆的权限
针对上面这个Limit所应用的对象,又包括以下范围
AllowUser 针对某个用户允许的Limit
DenyUser 针对某个用户禁止的Limit
AllowGroup 针对某个用户组允许的Limit
DenyGroup 针对某个用户组禁止的Limit
AllowAll 针对所有用户组允许的Limit
DenyAll 针对所有用户禁止的Limit
关于限制速率的参数为:
TransferRate STOR|RETR 速度(Kbytes/s) user 使用者
首先Ubuntu安装失败主要有以下几个原因 bios版本问题 镜像问题 安装载体问题 主要安装方法 一个一个排除就好 这是我自己总结的一个安装双系统的方法 1从磁盘中分离一个NTFS约为35GB的分区将镜像放进去然后解压 2easybcdIso条目引导到新建分区里的镜像,设置模式为从内存运行 在新建分区里用easybcd建立一个Linux的grub 3压缩30个G的空白分区出来(没有文件格式直接替是啥都没有的空白空间 4重启安装在安装的时候吧Linux安装在空白空间
0条评论