V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Distributions
Ubuntu
Fedora
CentOS
中文资源站
网易开源镜像站
mathcoder23
V2EX  ›  Linux

linux vsftpd 用户验证慢

  •  
  •   mathcoder23 · 2015-11-26 17:37:31 +08:00 · 2848 次点击
    这是一个创建于 3304 天前的主题,其中的信息可能已经有所发展或是发生改变。

    输入正确的用户名和密码,这个响应确实比较快,
    但是为什么输入不正确的用户和密码,这个响应不是一般的慢,这是其一。
    其二:
    禁止了匿名用户登录,但是我任性的匿名登录一下(响应太慢了,过很久才返回 530 Login incorrect)这不是我想要的,我想它很快的返回 530 Login incorrect 。
    至于为什么要这样任性的登录是因为 win 资源管理器访问 ftp 服务器它就会先尝试匿名登录,但服务器验证了很久才返回错误消息,所以导致在 win 资源管理器输入 ftp 地址,过了很久才出现登录用户的提示框。
    vsftpd 快速认证,怎么破?

    kmahyyg
        1
    kmahyyg  
       2015-11-26 17:45:51 +08:00   ❤️ 1
    unix auth =yes
    permit root login 随意
    NOanonymous = on
    yov123456
        2
    yov123456  
       2015-11-26 19:52:48 +08:00 via iPhone   ❤️ 1
    mathcoder23
        3
    mathcoder23  
    OP
       2015-11-27 11:11:21 +08:00
    @yov123456 谢谢这个对我非常有帮助,问题和我上个问题很类似,
    I experienced a similar issue recently. When I was using Internet Explorer 11 to access an FTP URL, such as ftp://ftp.hostname.com, it would not prompt for a username and password. If I used Firefox it worked fine. I figured out the issue in my case. Since I set the vsftpd setting userlist_deny=NO, the file user_list (/etc/vsftpd/user_list) became a file containing a list of users that are allowed to connect to the server. An entry for user "anonymous" had to exist in there for some browsers to work properly, such as Internet Explorer 11. I had to do that even though I don't allow anonymous access by setting anonymous_enable=NO.
    The reason is the following. When you use a web browser to connect to an FTP URL, such as ftp://ftp.hostname.com, it will first try to automatically connect as user anonymous. If that user is not explicitly authorized to connect to the vsftpd, which is needed when using userlist_deny=NO, the browser will get a permission denied response. Some browsers don't handle this well, such as Internet Explorer 11. That browser stopped trying to connect immediately so it didn't ask me for a username and password. Once I added user anonymous to the authorized list, instead of the browser receiving a permission denied response it received a response asking for the password of user anonymous. Once the browser couldn't log on automatically as user anonymous it prompted me for a username and password.
    我按照这位大神的做法确实,在认证过程中,传输了用户名后,服务器就直接返回 530 permission denied ,不进行用户名和密码认证,这确实响应速度加快了,因为耗时操作是在提交了用户名和密码后嘛,但现在问题又来了,在浏览器可以比较快速的弹出登陆框了,但如果是资源管理器,它发现服务器响应的 permission denied 居然是认为访问路径的权限不够,直接弹出了一个错误的提示框,而不是登陆界面.现在问题的一步步解决了,还差一点点就成功了.
    mathcoder23
        4
    mathcoder23  
    OP
       2015-11-27 11:11:48 +08:00
    @kmahyyg 你好,我不是很懂你意思,可以更详细一点吗?
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2387 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 31ms · UTC 15:32 · PVG 23:32 · LAX 07:32 · JFK 10:32
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.