 |
|
|
| ◆ | vsftpd のインストール |
| バージョン:vsftpd: version 3.0.2 | |
|
[root@centos]# dnf -y install vsftpd |
|
| ◆ | vsftpd の設定 |
|
[root@centos]# vi /etc/vsftpd/vsftpd.conf # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES <--- 書き換え(匿名ユーザー)のログインを許可しない ↓ anonymous_enable=NO 途中略 # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES <--- コメント解除(ascil アップロードを許可) ↓ ascii_upload_enable=YES #ascii_download_enable=YES <--- コメント解除(ascil ダウンロードを許可) ↓ ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of# users to NOT chroot(). # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that # the user does not have write access to the top level directory within the # chroot) #chroot_local_user=YES <--- コメント解除(ホームディレクトリ以外へのアクセスを許可しない) ↓ chroot_local_user=YES #chroot_list_enable=YES <--- コメント解除(FTP接続ユーザーを指定する) ↓ chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list <--- コメント解除(FTP接続ユーザーのリストの場所) ↓ chroot_list_file=/etc/vsftpd/chroot_list # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES <--- コメント解除(ディレクトリの作成・削除できるようにする) ↓ ls_recurse_enable=YES 以下略 use_localtime=YES <--- 最終行に追記(ローカル時間で表示する) |
|
| ホームディレクトリより上層へのアクセスを許可するユーザリストの作成 | |
|
[root@centos]# vi /etc/vsftpd/chroot_list 以下新規記述 root <--- root xxxx <--- ユーザー |
|
| ◆ | FTPサーバの開始 |
|
[root@centos]# systemctl start vsftpd |
|
| vsftpd の自動起動設定 | |
|
[root@centos]# systemctl enable vsftpd |
|
| 自動起動設定の確認 | |
|
[root@centos]# systemctl is-enabled vsftpd enabled <--- enabled になっていればOK |
|