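Steps to Set Up an FTP Server on CentOS 6.5
This tutorial shows how to install and configure an FTP server on CentOS 6.5.
Although the steps given here were tested on CentOS 6.5, they should also work on RHEL 6.x (x stands for the version) and Scientific Linux 6.x.
In this tutorial, my FTP server's IP address and hostname are 192.168.1.200 and MAINERVER.theitroad.COM.
I have already configured a local repository, and I will install FTP from it.
For more information, see Setting up a local repository in CentOS 6/RHEL 6/Scientific Linux.
First, stop the firewall.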
[Hyman@theitroad ~]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
[Hyman@theitroad ~]# service ip6tables stop
ip6tables: Flushing firewall rules: [ OK ]
ip6tables: Setting chains to policy ACCEPT: filter [ OK ]
ip6tables: Unloading modules: [ OK ]
[Hyman@theitroad ~]# chkconfig iptables off
[Hyman@theitroad ~]# chkconfig ip6tables off
[Hyman@theitroad ~]#
Now let us install the FTP service.
[Hyman@theitroad ~]# yum install -y vsftpd
Start the vsftpd service.
[Hyman@theitroad ~]# service vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[Hyman@theitroad ~]#
Enable vsftpd in the multi-user runlevels.
[Hyman@theitroad ~]# chkconfig vsftpd on
Now edit the /etc/vsftpd/vsftpd.conf file.
Uncomment and edit the lines in vsftpd.conf that are shown in bold.
[Hyman@theitroad ~]# cat /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# The target log file can be vsftpd_log_file or xferlog_file.
# This depends on setting xferlog_std_format parameter
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
#xferlog_file=/var/log/xferlog
#
# Switches between logging into vsftpd_log_file and xferlog_file files.
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
ascii_upload_enable=YES
ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to theitroad FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
use_localtime=YES
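The following check is an added example, not part of the original tutorial: a shell function that resolves the effective value of selected options in a vsftpd.conf and prints the ones worth reviewing, run here against the active settings from the listing above. The function names are hypothetical, the defaults are taken from vsftpd.conf(5), and ssl_enable is an option that the tutorial's file does not set.

```shell
#!/bin/sh
# Added example, not part of the original tutorial. Function names are hypothetical.

# Print the effective value of option $2 in config file $1. $3 is the
# compiled-in default from vsftpd.conf(5). Commented lines are skipped and
# a later assignment is assumed to override an earlier one.
vsftpd_opt() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        index($0, key "=") == 1 { val = substr($0, length(key) + 2) }
        END { sub(/[ \t\r]+$/, "", val); print (val == "" ? def : val) }
    ' "$1"
}

# Print a REVIEW line when option $2 (default $3) resolves to value $4.
flag_if() {
    val=$(vsftpd_opt "$1" "$2" "$3")
    [ "$val" = "$4" ] && echo "REVIEW $2=$val: $5"
    return 0
}

vsftpd_audit() {
    flag_if "$1" anonymous_enable    YES YES "anonymous logins are accepted"
    flag_if "$1" ssl_enable          NO  NO  "logins and transfers are unencrypted"
    flag_if "$1" chroot_local_user   NO  NO  "local users are not confined to their home directory"
    flag_if "$1" ascii_upload_enable NO  YES "server rewrites line endings on ASCII uploads"
    flag_if "$1" ls_recurse_enable   NO  YES "ls -R is allowed and can cause heavy I/O"
}

# The relevant lines of the tutorial's vsftpd.conf, as shown in the listing above.
tutorial_conf() {
    cat <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
#chroot_local_user=YES
ls_recurse_enable=YES
listen=YES
EOF
}

conf=$(mktemp)
tutorial_conf > "$conf"
vsftpd_audit "$conf"
rm -f "$conf"
```

To check a live server, call vsftpd_audit /etc/vsftpd/vsftpd.conf after editing the file. The match on the option name is exact because vsftpd does not accept spaces around the = sign.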
Now let us restart the vsftpd service and try to connect to the FTP server.
[Hyman@theitroad ~]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
Connect to the FTP server.
Note: By default, root is not allowed to connect to the FTP server, for security reasons.
So let us create a new user named theitroad.
[Hyman@theitroad ~]# useradd theitroad
[Hyman@theitroad ~]# passwd theitroad
Changing password for user theitroad.
New password:
BAD PASSWORD: it is based on a dictionary word
Retype new password:
passwd: all authentication tokens updated successfully.
Connect to the FTP server as the new user theitroad.
[Hyman@theitroad ~]# ftp 192.168.1.200
-bash: ftp: command not found
[Hyman@theitroad ~]#
Oops! The ftp package is not installed.
So let us install the ftp package first.
[Hyman@theitroad ~]# yum install -y ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ftp.i686 0:0.17-51.1.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
 Package      Arch      Version            Repository      Size
================================================================================
Installing:
 ftp          i686      0.17-51.1.el6      localrepo       55 k
Transaction Summary
================================================================================
Install 1 Package(s)
Total download size: 55 k
Installed size: 91 k
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
  Installing : ftp-0.17-51.1.el6.i686    1/1
  Verifying  : ftp-0.17-51.1.el6.i686    1/1
Installed:
  ftp.i686 0:0.17-51.1.el6
Complete!
[Hyman@theitroad ~]#
Connect to the FTP server again.
[Hyman@theitroad ~]# ftp 192.168.1.200
Connected to 192.168.1.200 (192.168.1.200).
220 Welcome to theitroad FTP service.
Name (192.168.1.200:root): theitroad
331 Please specify the password.
Password:
500 OOPS: cannot change directory:/home/theitroad
Login failed.
ftp>
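It shows an error saying that the user cannot change to the $HOME directory.
Type exit to return from the FTP console, then allow the vsftpd daemon to change users into their $HOME directories.
To do this, update the SELinux configuration with the command below.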
[Hyman@theitroad ~]# setsebool -P ftp_home_dir on
Finally, connect to the FTP server.
[Hyman@theitroad ~]# ftp 192.168.1.200
Connected to 192.168.1.200 (192.168.1.200).
220 Welcome to theitroad FTP service.
Name (192.168.1.200:root): theitroad
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/home/theitroad"
ftp>
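It works now.
We can now use the FTP server.
Connecting to the FTP server from a client using FileZilla:
Download and install the FileZilla client software on any client system.
Open the FileZilla client, enter the username and password we created earlier, and click "Connect".
Connecting to the FTP server from a client through a browser:
Open a browser and navigate to ftp://192.168.1.200.
Enter the username and password we created earlier.
If you want to browse the FTP server by domain name (i.e. ftp://theitroad.com) instead of by IP address, add the FTP server's IP to the DNS server records.
For more information on configuring a DNS server, see Setting up a DNS server in CentOS 6.3/RHEL 6.3/Scientific Linux 6.3.
From now on, we can access the FTP server from any client using FileZilla or from a client web browser.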