湖濱散記部落格的樹心幽徑[login][主頁]
543:20191204在WINDOWS裝檔案傳輸伺服器ftpd (FileZilla Server)

(1) 下載FileZilla Server(FileZilla_Server-0_9_60_2.exe 約2MB) :

下載點:https://filezilla-project.org/download.php?type=server

 

(2)執行FileZilla_Server-0_9_60_2.exe安裝程式:

alt

(2-1)接受預設安裝資料夾:C:\Program Files (x86)\FileZilla Server

alt

(2-2)接受預設啟動服務方式及管理埠號並於安裝完即刻啟動FileZilla Server

alt

(2-3)接受用戶登入即啟動伺服程式

alt

(2-4)安裝拷備中…    (2-5)完成。

alt

(2-6)接受預設的輸入 (HOST:localhost ,PORT:14147,PASSWORD:)來登入管理者介面

alt

(2-7)管理介面登入成功但有警告訊息:FTP over TLS 沒有啟用,用戶無法安全登入。

警告訊息:You appear to be behind a NAT router. Please configure the passive mode settings and forward a range of ports in your router. 

 

傳輸層安全性協定(英語:Transport Layer Security,縮寫:TLS)及其前身安全通訊協定(英語:Secure Sockets Layer,縮寫:SSL)是一種安全協定,目的是為網際網路通訊提供安全及資料完整性保障。


alt

(3)點選用戶鈕新增並設定用戶名稱 bear及可任意讀寫的家目錄D:\FARMER

alt

(4-1)用win7命令列登入本機的伺服程式失敗。

C:\Users\user>ftp localhost
已連線到 TEACHER。
220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
使用者 (TEACHER:(none)): bear
530 TLS required
登入失敗。
ftp> quit
221 Goodbye

(4-1b)伺服端的對應訊息:

(000001)2019/12/4 下午 15:46:35 - (not logged in) (::1)> Connected on port 21, sending welcome message...
(000001)2019/12/4 下午 15:46:35 - (not logged in) (::1)> 220-FileZilla Server 0.9.60 beta
(000001)2019/12/4 下午 15:46:35 - (not logged in) (::1)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000001)2019/12/4 下午 15:46:35 - (not logged in) (::1)> 220 Please visit https://filezilla-project.org/
(000001)2019/12/4 下午 15:46:39 - (not logged in) (::1)> USER bear
(000001)2019/12/4 下午 15:46:39 - (not logged in) (::1)> 530 TLS required
(000001)2019/12/4 下午 15:46:50 - (not logged in) (::1)> QUIT
(000001)2019/12/4 下午 15:46:50 - (not logged in) (::1)> 221 Goodbye
(000001)2019/12/4 下午 15:46:50 - (not logged in) (::1)> disconnected.

 

(4-2a)不要勾force TLS for user login

alt

(4-2b)用win7命令列登入本機的伺服程式成功。
C:\Users\user>ftp localhost
已連線到 TEACHER。
220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
使用者 (TEACHER:(none)): bear
331 Password required for bear
密碼:
230 Logged on
ftp> quit
221 Goodbye

(4-2c)伺服端的對應訊息:

(000002)2019/12/4 下午 15:56:26 - (not logged in) (::1)> Connected on port 21, sending welcome message...
(000002)2019/12/4 下午 15:56:26 - (not logged in) (::1)> 220-FileZilla Server 0.9.60 beta
(000002)2019/12/4 下午 15:56:26 - (not logged in) (::1)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000002)2019/12/4 下午 15:56:26 - (not logged in) (::1)> 220 Please visit https://filezilla-project.org/
(000002)2019/12/4 下午 15:56:33 - (not logged in) (::1)> USER bear
(000002)2019/12/4 下午 15:56:33 - (not logged in) (::1)> 331 Password required for bear
(000002)2019/12/4 下午 15:56:38 - (not logged in) (::1)> PASS *********
(000002)2019/12/4 下午 15:56:38 - bear (::1)> 230 Logged on
(000002)2019/12/4 下午 15:56:56 - bear (::1)> QUIT
(000002)2019/12/4 下午 15:56:56 - bear (::1)> 221 Goodbye
(000002)2019/12/4 下午 15:56:56 - bear (::1)> disconnected.

(5)傳檔成功:

D:\>ftp localhost
已連線到 DESKTOP-6GAEL2F。
220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
202 UTF8 mode is always enabled. No need to send this command.
使用者 (DESKTOP-6GAEL2F:(none)): bear
331 Password required for bear
密碼:
230 Logged on
ftp> mput *.cpp
mput array2.cpp? y
200 Port command successful
150 Opening data channel for file upload to server of "/array2.cpp"
226 Successfully transferred "/array2.cpp"
ftp: 365 位元組已傳送,時間: 0.00秒數 365000.00KB/sec。
ftp> ls *.cpp
200 Port command successful
150 Opening data channel for directory listing of "/*.cpp"
array2.cpp
226 Successfully transferred "/*.cpp"
ftp: 15 位元組已接收,時間: 0.00秒數 15000.00KB/sec。
ftp> quit
221 Goodbye

D:\>

 

(6)下載用戶端程式:FileZilla Client for Windows(下載點FileZilla_3.46.0_win64_sponsored-setup.EXE約8.6MB )並安裝之

(7)啟動FileZilla Client來登入本機的FileZilla server成功

alt

(8)參考如下文章來建立TLS安全連線(Ref 1:FileZilla Server建立SSL與TLS安全連線)

(8-1)於伺服器管理介面/設定選項/FTP OVER TLS SETTINGS/勾選Enable FTP over TLS support(FTPS)/按
Generate new certificate鈕/

alt

(8-2)Key size選1280/並依序輸入Country code,State,city,organization,unit,email,server addr/

並給定keyfile位置/按最下端的Generate certificate鈕

alt

(8-3)選OK

alt

(9-1)首次用filezilla-client連線會有如下未知憑證確認對話盒,勾選確認即可。

alt

(9-2)D:\ITpython>type certificate.crt
-----BEGIN RSA PRIVATE KEY-----
MIIC7AIBAAKBoQCvvY+DC+UXw9rCQ2Yjw+l/A1OkIU0gd00dGhsbv5V+oVtq+RAE
sYuNCQACEm4RH9qHHBa3ay+YkjX7dKVPALYiH/md0vjhYeOWmDSpWKTrkimBYSxI
MyelXwXlYKD90Y+tFT9u8jPqv91kgjzLrPBE4MujTeYdZS14aZ7P2+CtJyMNZplZ
s9vBokQj1bRbhN+DcXTPUf2c/LmM3B5JOShrAgMBAAECgaA1uNrgEojLxQFglT3p
/P+p5hhxegSbwhx+ovZaeyx181mAz/ZHmQax7GhmOcAP2A7zcnC3TTrVhwyde8D0
76C9ucySpGWUcFokNQ8UHZb8s8Xj03OeOBQyKVJgb0SG1aE/r3qjcAK/cFhaqjuT
GQpLkXiXYO0usTyEulIT0CKWSk018qzaqMeG8/r9SdvtUrxi1kMnpiC6ZTAdkYGQ
3GQRAlEA2nJJkD9dAy5SqjuxwAqC4Ez3GPu8N1uu/fjaYyieFFphqrVWx5fiJm7U
WAYUJJ3Ufp1Wb84Tn6gyBaXLKCljTs3Fm6CgUkW5LNA5uI5RRo0CUQDN885lp4Vg
4K3/ExU4bd/ldj2OGICb/NfIM8gS6vDWfYA5u+6Gae5S8Nv0pdHF8d7NBLOWESnh
Rlj9BprF9s5ORKBZGBXsP3I8LEUtmmyI1wJRAIbKVJgccRFAaSO/t9uO4Nj0xNf2
pVnnSeBOyLq82mYmqvNB9+0qzBH4+y/heFZryS3jee19VGCE0XDor6X1e+CpWhDA
mYyKl0uOpL87me0VAlEAiApV+bvwVI/VHzphuAaL8Kxr+KKiwWcAuhPKQwTB1UzN
GFXVNyBd9pd3E2E88b3U6CQE5EmuGko3mdt0/PMMT5LxQCiywn0eXjT39SmeK70C
T0VjQJ+utPRngkcrH/Tke6OnkMTpkHxVeuHq8ZuG/vvD6mr7nQ6i9LfBje2MBNaH
2q4i39d9Z6qr47Y9HlBiAYZkOJCuFidVNbfZjiGzvlw=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICxzCCAhCgAwIBAgIECHDLOjANBgkqhkiG9w0BAQsFADCBhzEVMBMGA1UEAwwM
MTYzLjI1LjIwLjkwMQswCQYDVQQGEwJUVzEPMA0GA1UECAwGVGFpd2FuMQ8wDQYD
VQQHDAZraW5tZW4xDTALBgNVBAoMBGttdnMxDjAMBgNVBAsMBXRlYWNoMSAwHgYJ
KoZIhvcNAQkBFhF0cmVlaHJ0QGdtYWlsLmNvbTAeFw0xOTEyMDUwMzA3MjBaFw0y
MDEyMDQwMzA3MjBaMIGHMRUwEwYDVQQDDAwxNjMuMjUuMjAuOTAxCzAJBgNVBAYT
AlRXMQ8wDQYDVQQIDAZUYWl3YW4xDzANBgNVBAcMBmtpbm1lbjENMAsGA1UECgwE
a212czEOMAwGA1UECwwFdGVhY2gxIDAeBgkqhkiG9w0BCQEWEXRyZWVocnRAZ21h
aWwuY29tMIG/MA0GCSqGSIb3DQEBAQUAA4GtADCBqQKBoQCvvY+DC+UXw9rCQ2Yj
w+l/A1OkIU0gd00dGhsbv5V+oVtq+RAEsYuNCQACEm4RH9qHHBa3ay+YkjX7dKVP
ALYiH/md0vjhYeOWmDSpWKTrkimBYSxIMyelXwXlYKD90Y+tFT9u8jPqv91kgjzL
rPBE4MujTeYdZS14aZ7P2+CtJyMNZplZs9vBokQj1bRbhN+DcXTPUf2c/LmM3B5J
OShrAgMBAAEwDQYJKoZIhvcNAQELBQADgaEAfkoqM4n7daOgnM9O/Fqo+as8e/jo
6fScn5p5iZaDszo4BIUyrw5Z+uvTfJwuZQTCLtIQ9yDxI6HTO5h+RdxUKf4+ucqe
sXKU+HHju1yQzheRBO/sKPLrLbeEOL3Q0zo0retJXeUsQsF2Qtzh+/ob0X7D1ZhC
mIR4drh7gH6HYA3pBfuOYCwIzfUdo7sKXBRl+jmHM4PalGh7ltv9VwCEgw==
-----END CERTIFICATE-----

(9-3) RSA 是一種非對稱的加密演算法,也是第一個比較完善的公開密鑰算法,它既能用於加密,也能用於數字簽名。

非對稱是因為它利用了兩把不同的鑰匙,一把叫公開金鑰,另一把叫私密金鑰,詳如本連結。


 (10)SSL參考


select id,article_id,topic,text from lt_articles_text where article_id =543; ok. update lt_articles set num_reads=num_reads +1 where id=543; ok.