linux:vsftpd

差分

このページの2つのバージョン間の差分を表示します。

この比較画面へのリンク

linux:vsftpd [2025/02/27 13:39] – 作成 ともやんlinux:vsftpd [2025/02/27 17:58] (現在) – [インストール] ともやん
行 5: 行 5:
 <WRAP color_term> <WRAP color_term>
 <WRAP color_command><html><pre> <WRAP color_command><html><pre>
-<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">dnf</font> install <font color="#A347BA">-y</font> vsftpd+<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">dnf</font> install <font color="#A347BA">-y</font>
 </pre></html></WRAP> </pre></html></WRAP>
 <WRAP color_result><html><pre> <WRAP color_result><html><pre>
行 37: 行 37:
 </WRAP> </WRAP>
  
 +===== ftps 用の SSL 証明書の作成...🤔 =====
 <WRAP color_term> <WRAP color_term>
 <WRAP color_command><html><pre> <WRAP color_command><html><pre>
-<font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-x509</font> <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-days</font> 3650 <font color="#A347BA">-keyout</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <font color="#A347BA">-out</font> <u style="text-decoration-style:solid">vsftpd.pem</u> +<font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-x509</font> <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-days</font> 3650 <font color="#A347BA">-keyout</font> vsftpd.pem <font color="#A347BA">-out</font> vsftpd.pem \ 
-<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/C=JP/ST=Hokkaido Pref./L=Sapporo City/O=Monsters Garage Co.,Ltd./OU=-/CN=highway-x,highway-x.fireball.local,localhost&quot;</font>+<font color="#A347BA">-subj</font> <font color="#A2734C">&quot;/C=JP/ST=Hokkaido Pref./L=Sapporo City/O=Monsters Garage Co.,Ltd./OU=-/CN=localhost,highway-x,highway-x.fireball.local&quot;</font>
 +<font color="#A347BA">-addext</font> <font color="#A2734C">&quot;subjectAltName=DNS:localhost,DNS:highway-x,DNS:highway-x.fireball.local&quot;</font>
 </pre></html></WRAP> </pre></html></WRAP>
 <WRAP color_result><html><pre> <WRAP color_result><html><pre>
-.+.........+.....+++++++++++++++++++++++++++++++++++++++++++++*...+.+...+.....+......+......+.........+.+......+..+...+..........+...+.........+..+.+............+............+........+...+...+.+...+++++++++++++++++++++++++++++++++++++++++++++*.+......+....+..+.........+..................+......+.+...+..+.+........+.+.....+.+............+...+..............+.........+....+.....+.+....................+.+......+...+.........+...+...+.....+..........+..+.........+.........+..........+.....+......+..................+.+......+...........+.......+..+...................+.....+.+..........................+.......+...+............+..+.........+.......+.....+...........................+.+..+...+.......+..+...+.......+...+..................+......+.....+......+..................+.+........+.+.....+......+...+.............+.........+.....................+............+........+...................+...+...+..+............+....+.........+...+..+..........+..+.........+.........+...+....+.....+...+......+.......+.........+.........+...........+.+.......................+...................+...............+........+...+.+...+......+..+....+.....+.+...............+...+......+.....+..........+.....+++++ +......+......+...+...+........+......+++++++++++++++++++++++++++++++++++++++++++++*........+...+..+......+.......+........+.......+..+.......+.....+....+.....+............+...+......+.+..+.+.....+.......+..+.+......+++++++++++++++++++++++++++++++++++++++++++++*.....+...............+.+......+............+..+.............+......+.........+......+............+....................+....+...+..+.+..+......+....+..+....+...............+....................+....+...+.....+.........+.+..+...............+.+..+.........+......+.........................+..+..........+........+...+.+..................+...........+..........+...........+...+..................+...+..........+................................+...+..........+.....+.........+...+.......+...............+...+.....+.......+........+....+.......................+..........+.....+.+.....+......+...............+.+..................+...........+.+..............+.........+....+.....+............+...+.............+...+......+.....+......+...+....+...+...+.....+......+...................+......+...+.....+.+.............................+...+...+......+..........+......+.....+.......+...+.....+....+++++ 
-....+++++++++++++++++++++++++++++++++++++++++++++*......+...+...+.+.....+.+.....+...+.+..................+......+......+.........+..+...+.......+...+.........+..+....+...........+.+........+.+...+..+......+...+.+++++++++++++++++++++++++++++++++++++++++++++*........+.........+...+...+....+..+..........+.........+.........+...+..+..........+..+......+...................+.....+.+.................+.......+.....+.........+.+......+............+......+.........+......+.........+............+.....+....+.....+......+...+......+...............+......................+.........+..............+.+......+...+.....+.......+..+...............+.+..+....+...+...+........+.+..................+.....+...+.........+.........+....+.....+...............+.............+...+...........+......+....+..........................+............+..........+...+..+.+..+.......+..+.........+.......+.................................+...........+.+.........+.....+....+.....................+...+..+...............+.............+...+..+...+....+.........+.....+......+.+.................+..........+...+...+...............+.....................+...+...........+......+......+.......+..++++++.+.+......+.....+....+.....+.............+.....+...+.......+.....+.+......+...........+..................+.........+.+++++++++++++++++++++++++++++++++++++++++++++*..+...+++++++++++++++++++++++++++++++++++++++++++++*........+...+......+......+...............+............+..+.+...+...........+...+......+..........+.....+.+........+.......+..................+........+...+....+........+.......+............+...........+...+....+.....+.+..+..........+.................+.+..+...+...........................+............+...+....+..................+.....+............+.+.........+.....+.............+...+..+......+.+...+...........+.......+............+..+...+.............+...+.....+......+...+.......+........+...............+.......+...+++++
 ----- -----
 </pre></html></WRAP> </pre></html></WRAP>
行 53: 行 55:
 <font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> x509 <font color="#A347BA">-in</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <font color="#A347BA">-text</font> <font color="#A347BA">-noout</font> <font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> x509 <font color="#A347BA">-in</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <font color="#A347BA">-text</font> <font color="#A347BA">-noout</font>
 </pre></html></WRAP> </pre></html></WRAP>
-<WRAP color_result_long><html><pre>Certificate:+<WRAP color_result_long><html><pre> 
 +Certificate:
     Data:     Data:
         Version: 3 (0x2)         Version: 3 (0x2)
         Serial Number:         Serial Number:
-            5d:c4:33:7e:80:25:85:6a:4f:8a:83:82:68:0b:50:ae:1e:ea:6f:97+            14:0d:6a:0f:ae:71:d4:0a:77:b0:c1:f9:f8:78:b6:4c:e8:65:f5:7d
         Signature Algorithm: sha256WithRSAEncryption         Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=highway-x,highway-x.fireball.local,localhost+        Issuer: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=localhost,highway-x,highway-x.fireball.local
         Validity         Validity
-            Not Before: Feb 27 04:20:32 2025 GMT +            Not Before: Feb 27 07:58:50 2025 GMT 
-            Not After : Feb 25 04:20:32 2035 GMT +            Not After : Feb 25 07:58:50 2035 GMT 
-        Subject: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=highway-x,highway-x.fireball.local,localhost+        Subject: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=localhost,highway-x,highway-x.fireball.local
         Subject Public Key Info:         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption             Public Key Algorithm: rsaEncryption
                 Public-Key: (4096 bit)                 Public-Key: (4096 bit)
                 Modulus:                 Modulus:
-                    00:9f:b9:cc:45:45:95:6f:e3:1d:21:6b:5a:7e:f1+                    00:ed:86:f3:c1:18:02:69:ac:8f:0c:e6:ab:9c:1a
-                    13:b0:a1:10:e2:4e:e5:20:e6:85:5b:64:ca:9b:20+                    a3:09:58:dd:64:13:28:60:68:12:6b:c6:00:c2:ce
-                    5b:d4:a2:5c:b0:97:c8:95:f9:8d:32:54:5e:fb:11+                    38:b3:a4:7c:94:aa:2f:0d:6d:17:d5:73:29:57:a4
-                    9e:8c:99:39:89:08:99:d3:d4:7c:76:e8:e9:ed:b8+                    db:0e:5e:f3:dc:d2:f2:ea:9a:c9:56:b3:ce:71:8d
-                    75:8d:1a:58:0a:ec:93:c4:c1:2c:61:ec:04:49:29+                    55:95:40:98:25:a2:db:d7:38:9a:58:32:4f:54:cc
-                    f5:86:55:66:c4:0c:8a:09:e0:4b:98:84:b6:9e:99+                    c4:b2:d2:09:47:d5:0b:46:ce:cc:23:04:7d:5b:da
-                    99:32:0a:75:62:68:29:52:78:61:09:bc:08:57:43+                    7c:95:20:14:d0:d8:f9:80:cd:97:1a:f5:65:35:de
-                    87:6b:a3:6b:74:bb:8b:8c:72:68:c9:fd:e0:a3:e8+                    86:ca:4e:76:b6:28:dc:a8:a1:41:fa:18:f3:7f:a5
-                    76:5f:e3:1b:cc:51:f1:97:7c:14:57:ce:c2:55:06+                    7e:3c:78:54:32:e7:15:f9:f6:22:c3:dc:27:3e:2b
-                    c0:90:70:a2:53:44:4d:05:f9:11:99:7a:6c:29:b6+                    e2:e0:84:3b:d0:98:ae:db:aa:86:03:f6:5e:2a:7f
-                    47:79:1e:3f:20:b8:85:42:be:28:30:9b:6b:e3:44+                    58:ea:9f:30:5c:e4:f0:24:35:8b:33:95:30:7c:35
-                    d5:e6:ad:50:3f:07:04:c2:94:a5:15:ef:2f:58:21+                    fc:8e:02:6e:76:37:2d:e2:92:4b:5b:d9:98:1b:5c
-                    31:33:24:e9:95:c9:82:8c:61:d5:59:70:7a:90:29+                    e8:d4:d9:43:da:ef:2f:0f:04:13:bd:e7:66:c8:8f
-                    df:0e:79:b1:84:63:f0:ed:ce:d3:1d:9a:71:91:f7+                    04:18:23:dd:8e:8e:6f:b0:73:d4:a3:00:12:ed:61
-                    88:ec:8b:87:db:84:65:44:3e:2c:b5:de:cc:cb:d2+                    48:b1:d8:56:2b:a9:3d:e5:87:43:68:ff:e0:cd:82
-                    de:33:bf:1f:3e:b7:68:bb:8c:98:17:57:5d:17:9b+                    62:a5:2c:cc:d8:e3:d0:44:94:1b:c9:40:71:f2:67
-                    fc:be:ea:79:23:f9:ff:cd:87:23:ba:84:3f:13:b6+                    88:87:cb:e1:b1:70:38:04:91:d7:a8:59:53:b8:76
-                    34:ca:da:d2:a9:e3:6b:c0:4f:d9:20:0c:78:58:1b+                    fd:83:0a:d6:c3:94:12:87:4b:5f:a8:b9:06:32:c7
-                    3d:fd:11:e7:43:28:b9:62:2d:09:fe:91:19:2c:23+                    9e:c2:bb:53:6c:8b:b1:16:8d:a7:a5:8d:ca:9e:cf
-                    79:03:99:98:6f:75:f4:32:2a:c1:bf:34:d6:8f:b2+                    8b:e1:79:4d:ff:43:fb:af:3f:4c:db:83:be:31:f7
-                    a1:76:c5:2c:79:b0:88:46:cd:7f:66:09:75:a9:95+                    10:af:1c:c1:dd:fd:61:8f:9d:fc:51:82:0f:13:1f
-                    af:37:b3:88:46:d5:08:b8:f6:30:63:e2:0d:56:55+                    c0:52:d2:04:38:2d:1b:3b:bb:2e:db:24:f7:7f:9a
-                    4e:8b:d4:57:22:dd:d9:7c:56:e5:f6:15:2a:a1:21+                    d9:69:b2:dc:68:00:e1:2e:cc:21:b8:9a:9f:29:0c
-                    ec:e5:bc:4c:42:ce:91:b3:43:e3:d1:f8:6d:4e:b5+                    88:79:d4:00:3b:46:21:b3:14:9d:1e:17:ec:97:0e
-                    fe:c1:02:f8:7f:3f:44:03:bd:a0:6d:1c:d8:6b:89+                    58:b2:ed:cd:6d:d1:ba:6e:2a:5b:28:fd:1a:e5:d7
-                    19:06:a6:d9:70:ef:c6:fe:96:a3:3d:6e:9d:cc:0c+                    3f:ed:e2:e3:eb:c5:c2:0a:20:b3:25:a6:bd:cd:fa
-                    71:59:38:b4:e7:b4:86:ff:54:ba:f9:ee:ac:f6:aa+                    16:dd:e0:0b:3d:74:8e:a4:05:28:b8:18:3c:52:56
-                    77:d4:20:04:f0:b1:f7:90:87:78:97:2a:f1:78:28+                    c4:7d:59:3a:d6:bb:4c:6f:9f:e5:c7:b2:82:8c:34
-                    cf:30:9d:58:d4:e8:2c:60:c5:79:45:ee:a3:15:e2+                    c2:3c:ad:dd:32:f6:cc:27:26:f8:2b:3d:c8:a6:36
-                    2a:1b:ba:76:3e:62:ab:d3:8c:ff:8b:64:97:9f:35+                    1b:8a:d0:1a:b3:09:9c:32:df:04:37:d4:b5:f5:05
-                    99:ab:55:c4:05:a1:61:9e:7b:e3:38:ba:34:6d:7e+                    61:bd:a0:2c:40:e1:ff:3b:ef:19:90:b1:dc:48:22
-                    d5:b4:71:19:69:b9:40:49:12:2a:41:ec:21:3b:72+                    c7:b7:59:9c:49:8a:e5:31:33:ac:14:46:7c:91:3b: 
-                    a0:0a:47:b6:86:85:0f:92:bc:a8:04:ea:7f:9d:a6+                    40:b3:3e:73:8a:08:37:8c:9f:bc:d6:26:1f:cc:49
-                    b6:d6:1b:c4:ab:1e:84:45:49:82:d0:0a:22:28:3e+                    5a:40:35:e0:78:68:c2:d6:02:fd:62:e5:84:87:26
-                    ac:5c:5f+                    1d:95:17
                 Exponent: 65537 (0x10001)                 Exponent: 65537 (0x10001)
         X509v3 extensions:         X509v3 extensions:
             X509v3 Subject Key Identifier:              X509v3 Subject Key Identifier: 
-                DB:AD:97:56:78:CD:0D:2D:21:F1:44:2D:BB:36:93:D8:E7:BB:48:CB+                E7:DB:0E:9C:68:C0:5A:B1:63:1C:53:88:8A:81:4C:52:96:BD:CA:6F
             X509v3 Authority Key Identifier:              X509v3 Authority Key Identifier: 
-                DB:AD:97:56:78:CD:0D:2D:21:F1:44:2D:BB:36:93:D8:E7:BB:48:CB+                E7:DB:0E:9C:68:C0:5A:B1:63:1C:53:88:8A:81:4C:52:96:BD:CA:6F
             X509v3 Basic Constraints: critical             X509v3 Basic Constraints: critical
                 CA:TRUE                 CA:TRUE
 +            X509v3 Subject Alternative Name: 
 +                DNS:localhost, DNS:highway-x, DNS:highway-x.fireball.local
     Signature Algorithm: sha256WithRSAEncryption     Signature Algorithm: sha256WithRSAEncryption
     Signature Value:     Signature Value:
-        5a:41:0c:04:89:58:1e:f6:dd:08:83:78:c0:84:3f:fa:57:13+        9c:ab:af:94:fd:03:e2:76:57:f1:cf:2b:99:a3:dc:13:5c:11
-        b0:38:fd:7e:91:98:33:0a:4e:9d:79:2f:22:77:dc:a5:73:8c+        94:aa:b6:f6:e0:0e:56:89:64:49:30:ab:f8:2f:09:6c:16:ce
-        9a:de:0c:05:49:85:26:54:fb:aa:df:25:14:76:05:98:b4:9c+        84:49:78:eb:16:d7:c4:0e:e3:20:a2:53:ed:2b:33:4d:fc:c2
-        49:51:00:f9:d7:da:50:1b:4c:81:14:f0:a8:ab:16:cf:29:17+        29:3b:cd:4b:53:0e:9f:3d:72:aa:5d:c9:d1:97:01:4f:88:46
-        66:37:f2:7b:4b:f5:7b:17:e1:db:de:7b:e6:25:53:43:23:ee+        51:9a:f5:f5:50:97:e6:bd:03:93:d2:cf:0d:bf:a7:8a:65:60
-        d2:6c:ff:2e:09:f0:95:48:4f:4b:73:0a:a8:28:77:6e:2e:f8+        ff:6d:fa:23:31:60:c1:b2:e4:e8:dd:8a:c2:c2:15:97:13:49
-        f1:67:17:17:da:52:0b:88:ff:b7:01:aa:b5:45:9c:9d:92:d8+        1b:3b:13:8d:96:10:c9:f0:e1:4c:04:ab:16:02:6e:c5:7f:71
-        36:37:5a:0f:04:1e:b5:c7:e9:ee:93:45:b0:8d:f3:9a:8b:19+        97:8a:e6:e1:fe:28:e8:af:5b:43:57:2a:37:7e:11:23:d1:c9
-        1a:fb:e2:d7:65:af:4b:13:5a:9c:32:e0:ef:b8:52:e9:ff:ad+        06:1f:2d:77:d2:3e:19:b1:a3:42:67:9d:5c:3b:5c:c1:3b:e3
-        6d:4c:98:59:fe:d7:c5:11:0d:a5:14:ff:a4:fa:7a:d4:dc:a3+        3b:df:5a:9e:c3:01:bb:69:2a:9a:b7:c7:a7:7c:e8:b5:4d:27
-        f4:e1:87:30:89:3c:ca:1e:24:b1:72:b4:cb:2b:f0:df:6a:33+        01:d1:74:69:ae:09:05:11:2b:a7:a1:eb:05:12:31:60:6b:68
-        f9:ff:d0:83:95:e3:b5:27:9f:df:f7:7d:d4:39:f4:09:6b:e5+        46:b6:fb:69:f2:a9:c1:ee:dc:eb:35:4f:34:f3:21:40:21:99
-        72:a9:80:f2:be:75:bb:86:d5:64:ca:82:5a:d2:80:c2:23:6d+        19:08:4c:17:b0:73:bf:6a:ab:ef:af:39:40:f8:0d:aa:fa:e3
-        32:da:81:52:34:cb:61:1f:c1:cb:ec:86:35:ad:3b:6a:28:7d+        32:80:b6:ec:0b:4d:6c:37:4e:71:f9:a6:3e:de:cf:f8:09:6b
-        c8:f9:49:be:00:4e:aa:70:4b:0b:97:00:31:ad:5a:af:4b:89+        06:b2:0f:fd:f9:0f:5e:48:1c:3a:8a:3c:ae:24:a9:9e:68:d2
-        df:40:10:d7:79:3c:76:25:48:85:da:ce:00:0d:e4:e8:d1:a6+        c4:a3:75:23:77:03:f2:8e:69:43:7f:3b:99:b5:98:e6:11:a7
-        01:5e:d1:77:bb:ba:f1:3e:05:52:f9:a7:70:24:0e:97:7f:de+        02:cf:3a:d1:dd:02:78:21:a2:75:56:e6:c2:1c:c0:c6:f1:47
-        22:83:52:ae:86:0a:05:8b:a2:b8:79:ab:8b:2d:1f:fb:dd:e7+        8a:c2:10:99:76:ab:38:be:6f:3c:68:56:67:49:01:13:50:ad
-        44:56:9b:2a:5b:ff:1c:35:b0:97:6c:bd:85:bc:68:b7:8b:8c+        5b:57:3a:72:4a:f4:a1:38:2b:08:c0:28:c3:6a:9b:9e:d1:30
-        94:8c:0a:62:d2:a2:73:60:88:8b:2a:90:e1:54:71:14:ea:0e+        b6:65:d8:35:4c:1c:7d:9e:4a:18:4c:91:2d:e8:94:16:1b:de
-        e8:85:e1:01:21:31:6a:ec:ea:80:2f:09:9d:86:d6:db:79:26+        aa:a8:bd:ae:78:ca:52:b6:5e:5a:d7:10:27:5c:38:6b:27:5a
-        0c:87:e8:30:cc:01:b1:06:8b:3f:91:0d:8b:34:40:1f:a2:cf+        ef:56:0f:b5:d6:82:b4:8c:fd:a2:55:0e:4c:01:e1:94:c7:01
-        5c:07:ae:61:26:e0:bc:3a:61:84:ca:fe:b9:0b:b6:3c:4a:1d+        43:79:25:e5:81:86:2b:36:0e:7b:c4:a7:47:db:37:79:58:f8
-        04:07:26:36:ea:85:0c:84:87:d5:9d:a6:69:bd:2a:ac:1a:f3+        52:f3:b9:be:b7:58:50:b0:11:35:e1:e5:d0:cb:4d:62:40:66
-        65:94:4d:4e:e6:3c:b0:48:73:95:c8:84:43:a8:1e:2b:03:b9+        dc:c6:42:21:0b:9a:be:b2:30:11:74:07:c0:65:ca:9d:8a:16
-        a4:bb:81:17:62:81:6c:bd:38:05:b9:19:66:4e:74:97:35:e0+        54:01:8d:be:ea:0a:d9:b3:72:8b:34:fb:e6:40:4d:50:92:4b
-        24:39:a8:5e:0d:de:37:f4:68:ae:c1:ed:12:c7:12:d6:72:3b+        d8:fe:9d:43:9f:06:5a:00:e6:2f:25:ca:78:0e:92:a5:33:c4
-        76:fa:6a:13:05:a6:00:01:c9:55:46:62:9d:9d:ab:5b:7f:37+        6a:f3:bc:39:ad:d1:a1:13:28:bc:6d:3a:a2:9d:30:8c:60:07
-        aa:16:1c:35:9e:b0:e0:6a+        ba:f4:ff:3a:83:c9:ba:c5
 </pre></html></WRAP> </pre></html></WRAP>
 +</WRAP>
 +
 +===== SSL 証明書の配置...🤔 =====
 +<WRAP color_term>
 +<WRAP color_command><html><pre>
 +<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <u style="text-decoration-style:solid">/etc/vsftpd</u>
 +</pre></html></WRAP>
 +</WRAP>
 +
 +===== vsftpd の設定 =====
 +<WRAP color_term>
 +<WRAP color_command><html><pre>
 +<font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">nano</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:solid">/etc/vsftpd/vsftpd.conf</u></font>
 +</pre></html></WRAP>
 +<WRAP color_result>
 +<WRAP color_result_long><html><pre class=Bat>
 +<font color="#75715E"># Example config file /etc/vsftpd/vsftpd.conf</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># The default compiled in settings are fairly paranoid. This sample file</font>
 +<font color="#75715E"># loosens things up a bit, to make the ftp daemon more usable.</font>
 +<font color="#75715E"># Please see vsftpd.conf.5 for all compiled in defaults.</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># READ THIS: This example file is NOT an exhaustive list of vsftpd options.</font>
 +<font color="#75715E"># Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd&apos;s</font>
 +<font color="#75715E"># capabilities.</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Allow anonymous FTP? (Beware - allowed by default if you comment this out).</font>
 +<font color="#F92672">anonymous_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">NO</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Uncomment this to allow local users to log in.</font>
 +<font color="#F92672">local_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Uncomment this to enable any form of FTP write command.</font>
 +<font color="#F92672">write_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Default umask for local users is 077. You may wish to change this to 022,</font>
 +<font color="#75715E"># if your users expect that (022 is used by most other ftpd&apos;s)</font>
 +<font color="#F92672">local_umask</font><font color="#F8F8F2">=</font><font color="#E6DB74">022</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Uncomment this to allow the anonymous FTP user to upload files. This only</font>
 +<font color="#75715E"># has an effect if the above global write enable is activated. Also, you will</font>
 +<font color="#75715E"># obviously need to create a directory writable by the FTP user.</font>
 +<font color="#75715E"># When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access</font>
 +<font color="#75715E">#anon_upload_enable=YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Uncomment this if you want the anonymous FTP user to be able to create</font>
 +<font color="#75715E"># new directories.</font>
 +<font color="#75715E">#anon_mkdir_write_enable=YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Activate directory messages - messages given to remote users when they</font>
 +<font color="#75715E"># go into a certain directory.</font>
 +<font color="#F92672">dirmessage_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Activate logging of uploads/downloads.</font>
 +<font color="#F92672">xferlog_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Make sure PORT transfer connections originate from port 20 (ftp-data).</font>
 +<font color="#F92672">connect_from_port_20</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># If you want, you can arrange for uploaded anonymous files to be owned by</font>
 +<font color="#75715E"># a different user. Note! Using &quot;root&quot; for uploaded files is not</font>
 +<font color="#75715E"># recommended!</font>
 +<font color="#75715E">#chown_uploads=YES</font>
 +<font color="#75715E">#chown_username=whoever</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may override where the log file goes if you like. The default is shown</font>
 +<font color="#75715E"># below.</font>
 +<font color="#75715E">#xferlog_file=/var/log/xferlog</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># If you want, you can have your log file in standard ftpd xferlog format.</font>
 +<font color="#75715E"># Note that the default log file location is /var/log/xferlog in this case.</font>
 +<font color="#F92672">xferlog_std_format</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may change the default value for timing out an idle session.</font>
 +<font color="#75715E">#idle_session_timeout=600</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may change the default value for timing out a data connection.</font>
 +<font color="#75715E">#data_connection_timeout=120</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># It is recommended that you define on your system a unique user which the</font>
 +<font color="#75715E"># ftp server can use as a totally isolated and unprivileged user.</font>
 +<font color="#75715E">#nopriv_user=ftpsecure</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># Enable this and the server will recognise asynchronous ABOR requests. Not</font>
 +<font color="#75715E"># recommended for security (the code is non-trivial). Not enabling it,</font>
 +<font color="#75715E"># however, may confuse older FTP clients.</font>
 +<font color="#75715E">#async_abor_enable=YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># By default the server will pretend to allow ASCII mode but in fact ignore</font>
 +<font color="#75715E"># the request. Turn on the below options to have the server actually do ASCII</font>
 +<font color="#75715E"># mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains</font>
 +<font color="#75715E"># the behaviour when these options are disabled.</font>
 +<font color="#75715E"># Beware that on some FTP servers, ASCII support allows a denial of service</font>
 +<font color="#75715E"># attack (DoS) via the command &quot;SIZE /big/file&quot; in ASCII mode. vsftpd</font>
 +<font color="#75715E"># predicted this attack and has always been safe, reporting the size of the</font>
 +<font color="#75715E"># raw file.</font>
 +<font color="#75715E"># ASCII mangling is a horrible feature of the protocol.</font>
 +<font color="#75715E">#ascii_upload_enable=YES</font>
 +<font color="#75715E">#ascii_download_enable=YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may fully customise the login banner string:</font>
 +<font color="#75715E">#ftpd_banner=Welcome to blah FTP service.</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may specify a file of disallowed anonymous e-mail addresses. Apparently</font>
 +<font color="#75715E"># useful for combatting certain DoS attacks.</font>
 +<font color="#75715E">#deny_email_enable=YES</font>
 +<font color="#75715E"># (default follows)</font>
 +<font color="#75715E">#banned_email_file=/etc/vsftpd/banned_emails</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may specify an explicit list of local users to chroot() to their home</font>
 +<font color="#75715E"># directory. If chroot_local_user is YES, then this list becomes a list of</font>
 +<font color="#75715E"># users to NOT chroot().</font>
 +<font color="#75715E"># (Warning! chroot&apos;ing can be very dangerous. If using chroot, make sure that</font>
 +<font color="#75715E"># the user does not have write access to the top level directory within the</font>
 +<font color="#75715E"># chroot)</font>
 +<font color="#75715E">#chroot_local_user=YES</font>
 +<font color="#75715E">#chroot_list_enable=YES</font>
 +<font color="#75715E"># (default follows)</font>
 +<font color="#75715E">#chroot_list_file=/etc/vsftpd/chroot_list</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># You may activate the &quot;-R&quot; option to the builtin ls. This is disabled by</font>
 +<font color="#75715E"># default to avoid remote users being able to cause excessive I/O on large</font>
 +<font color="#75715E"># sites. However, some broken FTP clients such as &quot;ncftp&quot; and &quot;mirror&quot; assume</font>
 +<font color="#75715E"># the presence of the &quot;-R&quot; option, so there is a strong case for enabling it.</font>
 +<font color="#75715E">#ls_recurse_enable=YES</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># When &quot;listen&quot; directive is enabled, vsftpd runs in standalone mode and</font>
 +<font color="#75715E"># listens on IPv4 sockets. This directive cannot be used in conjunction</font>
 +<font color="#75715E"># with the listen_ipv6 directive.</font>
 +<font color="#F92672">listen</font><font color="#F8F8F2">=</font><font color="#E6DB74">NO</font>
 +<font color="#75715E">#</font>
 +<font color="#75715E"># This directive enables listening on IPv6 sockets. By default, listening</font>
 +<font color="#75715E"># on the IPv6 &quot;any&quot; address (::) will accept connections from both IPv6</font>
 +<font color="#75715E"># and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6</font>
 +<font color="#75715E"># sockets. If you want that (perhaps because you want to listen on specific</font>
 +<font color="#75715E"># addresses) then you must run two copies of vsftpd with two configuration</font>
 +<font color="#75715E"># files.</font>
 +<font color="#75715E"># Make sure, that one of the listen options is commented !!</font>
 +<font color="#F92672">listen_ipv6</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +
 +<font color="#F92672">pam_service_name</font><font color="#F8F8F2">=</font><font color="#E6DB74">vsftpd</font>
 +<font color="#F92672">userlist_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font>
 +
 +</pre></html></WRAP>
 +<WRAP color_result><html><pre class=Bat>
 +<span style="background-color:#333333"><font color="#F92672">ssl_enable</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333">                                                                                                </span>
 +<span style="background-color:#333333"><font color="#F92672">allow_anon_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333">                                                                                             </span>
 +<span style="background-color:#333333"><font color="#F92672">force_local_data_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333">                                                                                      </span>
 +<span style="background-color:#333333"><font color="#F92672">force_local_logins_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333">                                                                                    </span>
 +<span style="background-color:#333333"><font color="#F92672">ssl_tlsv1</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333">                                                                                                 </span>
 +<span style="background-color:#333333"><font color="#F92672">ssl_sslv2</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333">                                                                                                  </span>
 +<span style="background-color:#333333"><font color="#F92672">ssl_sslv3</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333">                                                                                                  </span>
 +<span style="background-color:#333333"><font color="#75715E"># Filezilla uses port 21 if you don&apos;t set any port</font></span><span style="background-color:#333333">                                                            </span>
 +<span style="background-color:#333333"><font color="#75715E"># in Servertype &quot;FTPES - FTP over explicit TLS/SSL&quot;</font></span><span style="background-color:#333333">                                                           </span>
 +<span style="background-color:#333333"><font color="#75715E"># Port 990 is the default used for FTPS protocol.</font></span><span style="background-color:#333333">                                                             </span>
 +<span style="background-color:#333333"><font color="#75715E"># Uncomment it if you want/have to use port 990.</font></span><span style="background-color:#333333">                                                              </span>
 +<span style="background-color:#333333"><font color="#F92672">listen_port</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">990</font></span><span style="background-color:#333333">                                                                                               </span>
 +<span style="background-color:#333333"><font color="#F92672">rsa_cert_file</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">/etc/vsftpd/vsftpd.pem</font></span><span style="background-color:#333333">                                                                          </span>
 +</pre></html></WRAP>
 +</WRAP>
 +</WRAP>
 +
 +===== FileZilla で接続確認😉 =====
 +<WRAP group>
 +<WRAP column zoomimg w640 x1_2>
 +{{:linux:vsftpd_filezilla_001.png?768|vsftpd FileZilla 001}}
 +</WRAP>
 +<WRAP column zoomimg w400 x1_2>
 +{{:linux:vsftpd_filezilla_002.png?480|vsftpd FileZilla 002}}
 +</WRAP>
 +<WRAP column zoomimg w640 x1_2>
 +{{:linux:vsftpd_filezilla_003.png?768|vsftpd FileZilla 003}}
 +</WRAP>
 </WRAP> </WRAP>
  
  • linux/vsftpd.1740631155.txt.gz
  • 最終更新: 2025/02/27 13:39
  • by ともやん