文書の表示以前のリビジョンバックリンク文書の先頭へ この文書は読取専用です。文書のソースを閲覧することは可能ですが、変更はできません。もし変更したい場合は管理者に連絡してください。 ====== vsftpd - very secure FTP daemon ====== 本家: [[https://security.appspot.com/vsftpd.html|vsftpd - Secure, fast FTP server for UNIX-like systems]]\\ ===== インストール ===== <WRAP color_term> <WRAP color_command><html><pre> <font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">dnf</font> install <font color="#A347BA">-y</font> </pre></html></WRAP> <WRAP color_result><html><pre> リポジトリの更新を読み込み中: Docker CE Stable - x86_64 100% | 19.5 KiB/s | 10.9 KiB | 00m01s Remi's RPM repository - Fedora 41 - x86_64 100% | 76.8 KiB/s | 422.0 KiB | 00m05s RPM Fusion for Fedora 41 - Nonfree - NVIDIA Driver 100% | 11.7 KiB/s | 26.5 KiB | 00m02s Fedora 41 - x86_64 - Updates 100% | 130.7 KiB/s | 3.4 MiB | 00m27s RPM Fusion for Fedora 41 - Free - Updates 100% | 10.9 KiB/s | 66.6 KiB | 00m06s Remi's Modular repository - Fedora 41 - x86_64 100% | 50.3 KiB/s | 225.2 KiB | 00m04s RPM Fusion for Fedora 41 - Nonfree - Updates 100% | 22.0 KiB/s | 53.5 KiB | 00m02s リポジトリを読み込みました。 <b>Package </b> <b>Arch </b> <b>Version </b> <b>Repository </b> <b> Size</b> Installing: <font color="#26A269"> vsftpd </font> x86_64 3.0.5-8.fc41 fedora 343.8 KiB Transaction Summary: Installing: 1 package パッケージサイズ 167 KiB 、ダウンロードサイズ 167 KiB 。 完了後、344 KiB のサイズが利用されます(インストール 344 KiB、削除 0 B)。 [1/1] vsftpd-0:3.0.5-8.fc41.x86_64 100% | 125.9 KiB/s | 167.1 KiB | 00m01s -------------------------------------------------------------------------------------------------------------- [1/1] Total 100% | 75.5 KiB/s | 167.1 KiB | 00m02s トランザクションを実行中 [1/3] パッケージ ファイルを検証 100% | 100.0 B/s | 1.0 B | 00m00s [2/3] トランザクションの準備 100% | 0.0 B/s | 1.0 B | 00m07s [3/3] インストール中 vsftpd-0:3.0.5-8.fc41.x86_64 100% | 27.7 KiB/s | 353.0 KiB | 00m13s 完了しました! </pre></html></WRAP> </WRAP> ===== ftps 用の SSL 証明書の作成...🤔 ===== <WRAP color_term> <WRAP color_command><html><pre> <font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> req <font color="#A347BA">-x509</font> <font color="#A347BA">-newkey</font> rsa:4096 <font color="#A347BA">-nodes</font> <font color="#A347BA">-sha256</font> <font color="#A347BA">-days</font> 3650 <font color="#A347BA">-keyout</font> vsftpd.pem <font color="#A347BA">-out</font> vsftpd.pem \ <font color="#A347BA">-subj</font> <font color="#A2734C">"/C=JP/ST=Hokkaido Pref./L=Sapporo City/O=Monsters Garage Co.,Ltd./OU=-/CN=localhost,highway-x,highway-x.fireball.local"</font> \ <font color="#A347BA">-addext</font> <font color="#A2734C">"subjectAltName=DNS:localhost,DNS:highway-x,DNS:highway-x.fireball.local"</font> </pre></html></WRAP> <WRAP color_result><html><pre> ......+......+...+...+........+......+++++++++++++++++++++++++++++++++++++++++++++*........+...+..+......+.......+........+.......+..+.......+.....+....+.....+............+...+......+.+..+.+.....+.......+..+.+......+++++++++++++++++++++++++++++++++++++++++++++*.....+...............+.+......+............+..+.............+......+.........+......+............+....................+....+...+..+.+..+......+....+..+....+...............+....................+....+...+.....+.........+.+..+...............+.+..+.........+......+.........................+..+..........+........+...+.+..................+...........+..........+...........+...+..................+...+..........+................................+...+..........+.....+.........+...+.......+...............+...+.....+.......+........+....+.......................+..........+.....+.+.....+......+...............+.+..................+...........+.+..............+.........+....+.....+............+...+.............+...+......+.....+......+...+....+...+...+.....+......+...................+......+...+.....+.+.............................+...+...+......+..........+......+.....+.......+...+.....+....+++++ .+.+......+.....+....+.....+.............+.....+...+.......+.....+.+......+...........+..................+.........+.+++++++++++++++++++++++++++++++++++++++++++++*..+...+++++++++++++++++++++++++++++++++++++++++++++*........+...+......+......+...............+............+..+.+...+...........+...+......+..........+.....+.+........+.......+..................+........+...+....+........+.......+............+...........+...+....+.....+.+..+..........+.................+.+..+...+...........................+............+...+....+..................+.....+............+.+.........+.....+.............+...+..+......+.+...+...........+.......+............+..+...+.............+...+.....+......+...+.......+........+...............+.......+...+++++ ----- </pre></html></WRAP> </WRAP> <WRAP color_term> <WRAP color_command><html><pre> <font color="#0087FF"><b>$</b></font> <font color="#26A269">openssl</font> x509 <font color="#A347BA">-in</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <font color="#A347BA">-text</font> <font color="#A347BA">-noout</font> </pre></html></WRAP> <WRAP color_result_long><html><pre> Certificate: Data: Version: 3 (0x2) Serial Number: 14:0d:6a:0f:ae:71:d4:0a:77:b0:c1:f9:f8:78:b6:4c:e8:65:f5:7d Signature Algorithm: sha256WithRSAEncryption Issuer: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=localhost,highway-x,highway-x.fireball.local Validity Not Before: Feb 27 07:58:50 2025 GMT Not After : Feb 25 07:58:50 2035 GMT Subject: C=JP, ST=Hokkaido Pref., L=Sapporo City, O=Monsters Garage Co.,Ltd., OU=-, CN=localhost,highway-x,highway-x.fireball.local Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:ed:86:f3:c1:18:02:69:ac:8f:0c:e6:ab:9c:1a: a3:09:58:dd:64:13:28:60:68:12:6b:c6:00:c2:ce: 38:b3:a4:7c:94:aa:2f:0d:6d:17:d5:73:29:57:a4: db:0e:5e:f3:dc:d2:f2:ea:9a:c9:56:b3:ce:71:8d: 55:95:40:98:25:a2:db:d7:38:9a:58:32:4f:54:cc: c4:b2:d2:09:47:d5:0b:46:ce:cc:23:04:7d:5b:da: 7c:95:20:14:d0:d8:f9:80:cd:97:1a:f5:65:35:de: 86:ca:4e:76:b6:28:dc:a8:a1:41:fa:18:f3:7f:a5: 7e:3c:78:54:32:e7:15:f9:f6:22:c3:dc:27:3e:2b: e2:e0:84:3b:d0:98:ae:db:aa:86:03:f6:5e:2a:7f: 58:ea:9f:30:5c:e4:f0:24:35:8b:33:95:30:7c:35: fc:8e:02:6e:76:37:2d:e2:92:4b:5b:d9:98:1b:5c: e8:d4:d9:43:da:ef:2f:0f:04:13:bd:e7:66:c8:8f: 04:18:23:dd:8e:8e:6f:b0:73:d4:a3:00:12:ed:61: 48:b1:d8:56:2b:a9:3d:e5:87:43:68:ff:e0:cd:82: 62:a5:2c:cc:d8:e3:d0:44:94:1b:c9:40:71:f2:67: 88:87:cb:e1:b1:70:38:04:91:d7:a8:59:53:b8:76: fd:83:0a:d6:c3:94:12:87:4b:5f:a8:b9:06:32:c7: 9e:c2:bb:53:6c:8b:b1:16:8d:a7:a5:8d:ca:9e:cf: 8b:e1:79:4d:ff:43:fb:af:3f:4c:db:83:be:31:f7: 10:af:1c:c1:dd:fd:61:8f:9d:fc:51:82:0f:13:1f: c0:52:d2:04:38:2d:1b:3b:bb:2e:db:24:f7:7f:9a: d9:69:b2:dc:68:00:e1:2e:cc:21:b8:9a:9f:29:0c: 88:79:d4:00:3b:46:21:b3:14:9d:1e:17:ec:97:0e: 58:b2:ed:cd:6d:d1:ba:6e:2a:5b:28:fd:1a:e5:d7: 3f:ed:e2:e3:eb:c5:c2:0a:20:b3:25:a6:bd:cd:fa: 16:dd:e0:0b:3d:74:8e:a4:05:28:b8:18:3c:52:56: c4:7d:59:3a:d6:bb:4c:6f:9f:e5:c7:b2:82:8c:34: c2:3c:ad:dd:32:f6:cc:27:26:f8:2b:3d:c8:a6:36: 1b:8a:d0:1a:b3:09:9c:32:df:04:37:d4:b5:f5:05: 61:bd:a0:2c:40:e1:ff:3b:ef:19:90:b1:dc:48:22: c7:b7:59:9c:49:8a:e5:31:33:ac:14:46:7c:91:3b: 40:b3:3e:73:8a:08:37:8c:9f:bc:d6:26:1f:cc:49: 5a:40:35:e0:78:68:c2:d6:02:fd:62:e5:84:87:26: 1d:95:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:DB:0E:9C:68:C0:5A:B1:63:1C:53:88:8A:81:4C:52:96:BD:CA:6F X509v3 Authority Key Identifier: E7:DB:0E:9C:68:C0:5A:B1:63:1C:53:88:8A:81:4C:52:96:BD:CA:6F X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Alternative Name: DNS:localhost, DNS:highway-x, DNS:highway-x.fireball.local Signature Algorithm: sha256WithRSAEncryption Signature Value: 9c:ab:af:94:fd:03:e2:76:57:f1:cf:2b:99:a3:dc:13:5c:11: 94:aa:b6:f6:e0:0e:56:89:64:49:30:ab:f8:2f:09:6c:16:ce: 84:49:78:eb:16:d7:c4:0e:e3:20:a2:53:ed:2b:33:4d:fc:c2: 29:3b:cd:4b:53:0e:9f:3d:72:aa:5d:c9:d1:97:01:4f:88:46: 51:9a:f5:f5:50:97:e6:bd:03:93:d2:cf:0d:bf:a7:8a:65:60: ff:6d:fa:23:31:60:c1:b2:e4:e8:dd:8a:c2:c2:15:97:13:49: 1b:3b:13:8d:96:10:c9:f0:e1:4c:04:ab:16:02:6e:c5:7f:71: 97:8a:e6:e1:fe:28:e8:af:5b:43:57:2a:37:7e:11:23:d1:c9: 06:1f:2d:77:d2:3e:19:b1:a3:42:67:9d:5c:3b:5c:c1:3b:e3: 3b:df:5a:9e:c3:01:bb:69:2a:9a:b7:c7:a7:7c:e8:b5:4d:27: 01:d1:74:69:ae:09:05:11:2b:a7:a1:eb:05:12:31:60:6b:68: 46:b6:fb:69:f2:a9:c1:ee:dc:eb:35:4f:34:f3:21:40:21:99: 19:08:4c:17:b0:73:bf:6a:ab:ef:af:39:40:f8:0d:aa:fa:e3: 32:80:b6:ec:0b:4d:6c:37:4e:71:f9:a6:3e:de:cf:f8:09:6b: 06:b2:0f:fd:f9:0f:5e:48:1c:3a:8a:3c:ae:24:a9:9e:68:d2: c4:a3:75:23:77:03:f2:8e:69:43:7f:3b:99:b5:98:e6:11:a7: 02:cf:3a:d1:dd:02:78:21:a2:75:56:e6:c2:1c:c0:c6:f1:47: 8a:c2:10:99:76:ab:38:be:6f:3c:68:56:67:49:01:13:50:ad: 5b:57:3a:72:4a:f4:a1:38:2b:08:c0:28:c3:6a:9b:9e:d1:30: b6:65:d8:35:4c:1c:7d:9e:4a:18:4c:91:2d:e8:94:16:1b:de: aa:a8:bd:ae:78:ca:52:b6:5e:5a:d7:10:27:5c:38:6b:27:5a: ef:56:0f:b5:d6:82:b4:8c:fd:a2:55:0e:4c:01:e1:94:c7:01: 43:79:25:e5:81:86:2b:36:0e:7b:c4:a7:47:db:37:79:58:f8: 52:f3:b9:be:b7:58:50:b0:11:35:e1:e5:d0:cb:4d:62:40:66: dc:c6:42:21:0b:9a:be:b2:30:11:74:07:c0:65:ca:9d:8a:16: 54:01:8d:be:ea:0a:d9:b3:72:8b:34:fb:e6:40:4d:50:92:4b: d8:fe:9d:43:9f:06:5a:00:e6:2f:25:ca:78:0e:92:a5:33:c4: 6a:f3:bc:39:ad:d1:a1:13:28:bc:6d:3a:a2:9d:30:8c:60:07: ba:f4:ff:3a:83:c9:ba:c5 </pre></html></WRAP> </WRAP> ===== SSL 証明書の配置...🤔 ===== <WRAP color_term> <WRAP color_command><html><pre> <font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">cp</font> <u style="text-decoration-style:solid">vsftpd.pem</u> <u style="text-decoration-style:solid">/etc/vsftpd</u> </pre></html></WRAP> </WRAP> ===== vsftpd の設定 ===== <WRAP color_term> <WRAP color_command><html><pre> <font color="#0087FF"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:solid">sudo</u></font> <font color="#26A269">nano</font><font color="#999999"> </font><font color="#999999"><u style="text-decoration-style:solid">/etc/vsftpd/vsftpd.conf</u></font> </pre></html></WRAP> <WRAP color_result> <WRAP color_result_long><html><pre class=Bat> <font color="#75715E"># Example config file /etc/vsftpd/vsftpd.conf</font> <font color="#75715E">#</font> <font color="#75715E"># The default compiled in settings are fairly paranoid. This sample file</font> <font color="#75715E"># loosens things up a bit, to make the ftp daemon more usable.</font> <font color="#75715E"># Please see vsftpd.conf.5 for all compiled in defaults.</font> <font color="#75715E">#</font> <font color="#75715E"># READ THIS: This example file is NOT an exhaustive list of vsftpd options.</font> <font color="#75715E"># Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's</font> <font color="#75715E"># capabilities.</font> <font color="#75715E">#</font> <font color="#75715E"># Allow anonymous FTP? (Beware - allowed by default if you comment this out).</font> <font color="#F92672">anonymous_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">NO</font> <font color="#75715E">#</font> <font color="#75715E"># Uncomment this to allow local users to log in.</font> <font color="#F92672">local_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># Uncomment this to enable any form of FTP write command.</font> <font color="#F92672">write_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># Default umask for local users is 077. You may wish to change this to 022,</font> <font color="#75715E"># if your users expect that (022 is used by most other ftpd's)</font> <font color="#F92672">local_umask</font><font color="#F8F8F2">=</font><font color="#E6DB74">022</font> <font color="#75715E">#</font> <font color="#75715E"># Uncomment this to allow the anonymous FTP user to upload files. This only</font> <font color="#75715E"># has an effect if the above global write enable is activated. Also, you will</font> <font color="#75715E"># obviously need to create a directory writable by the FTP user.</font> <font color="#75715E"># When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access</font> <font color="#75715E">#anon_upload_enable=YES</font> <font color="#75715E">#</font> <font color="#75715E"># Uncomment this if you want the anonymous FTP user to be able to create</font> <font color="#75715E"># new directories.</font> <font color="#75715E">#anon_mkdir_write_enable=YES</font> <font color="#75715E">#</font> <font color="#75715E"># Activate directory messages - messages given to remote users when they</font> <font color="#75715E"># go into a certain directory.</font> <font color="#F92672">dirmessage_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># Activate logging of uploads/downloads.</font> <font color="#F92672">xferlog_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># Make sure PORT transfer connections originate from port 20 (ftp-data).</font> <font color="#F92672">connect_from_port_20</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># If you want, you can arrange for uploaded anonymous files to be owned by</font> <font color="#75715E"># a different user. Note! Using "root" for uploaded files is not</font> <font color="#75715E"># recommended!</font> <font color="#75715E">#chown_uploads=YES</font> <font color="#75715E">#chown_username=whoever</font> <font color="#75715E">#</font> <font color="#75715E"># You may override where the log file goes if you like. The default is shown</font> <font color="#75715E"># below.</font> <font color="#75715E">#xferlog_file=/var/log/xferlog</font> <font color="#75715E">#</font> <font color="#75715E"># If you want, you can have your log file in standard ftpd xferlog format.</font> <font color="#75715E"># Note that the default log file location is /var/log/xferlog in this case.</font> <font color="#F92672">xferlog_std_format</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#75715E">#</font> <font color="#75715E"># You may change the default value for timing out an idle session.</font> <font color="#75715E">#idle_session_timeout=600</font> <font color="#75715E">#</font> <font color="#75715E"># You may change the default value for timing out a data connection.</font> <font color="#75715E">#data_connection_timeout=120</font> <font color="#75715E">#</font> <font color="#75715E"># It is recommended that you define on your system a unique user which the</font> <font color="#75715E"># ftp server can use as a totally isolated and unprivileged user.</font> <font color="#75715E">#nopriv_user=ftpsecure</font> <font color="#75715E">#</font> <font color="#75715E"># Enable this and the server will recognise asynchronous ABOR requests. Not</font> <font color="#75715E"># recommended for security (the code is non-trivial). Not enabling it,</font> <font color="#75715E"># however, may confuse older FTP clients.</font> <font color="#75715E">#async_abor_enable=YES</font> <font color="#75715E">#</font> <font color="#75715E"># By default the server will pretend to allow ASCII mode but in fact ignore</font> <font color="#75715E"># the request. Turn on the below options to have the server actually do ASCII</font> <font color="#75715E"># mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains</font> <font color="#75715E"># the behaviour when these options are disabled.</font> <font color="#75715E"># Beware that on some FTP servers, ASCII support allows a denial of service</font> <font color="#75715E"># attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd</font> <font color="#75715E"># predicted this attack and has always been safe, reporting the size of the</font> <font color="#75715E"># raw file.</font> <font color="#75715E"># ASCII mangling is a horrible feature of the protocol.</font> <font color="#75715E">#ascii_upload_enable=YES</font> <font color="#75715E">#ascii_download_enable=YES</font> <font color="#75715E">#</font> <font color="#75715E"># You may fully customise the login banner string:</font> <font color="#75715E">#ftpd_banner=Welcome to blah FTP service.</font> <font color="#75715E">#</font> <font color="#75715E"># You may specify a file of disallowed anonymous e-mail addresses. Apparently</font> <font color="#75715E"># useful for combatting certain DoS attacks.</font> <font color="#75715E">#deny_email_enable=YES</font> <font color="#75715E"># (default follows)</font> <font color="#75715E">#banned_email_file=/etc/vsftpd/banned_emails</font> <font color="#75715E">#</font> <font color="#75715E"># You may specify an explicit list of local users to chroot() to their home</font> <font color="#75715E"># directory. If chroot_local_user is YES, then this list becomes a list of</font> <font color="#75715E"># users to NOT chroot().</font> <font color="#75715E"># (Warning! chroot'ing can be very dangerous. If using chroot, make sure that</font> <font color="#75715E"># the user does not have write access to the top level directory within the</font> <font color="#75715E"># chroot)</font> <font color="#75715E">#chroot_local_user=YES</font> <font color="#75715E">#chroot_list_enable=YES</font> <font color="#75715E"># (default follows)</font> <font color="#75715E">#chroot_list_file=/etc/vsftpd/chroot_list</font> <font color="#75715E">#</font> <font color="#75715E"># You may activate the "-R" option to the builtin ls. This is disabled by</font> <font color="#75715E"># default to avoid remote users being able to cause excessive I/O on large</font> <font color="#75715E"># sites. However, some broken FTP clients such as "ncftp" and "mirror" assume</font> <font color="#75715E"># the presence of the "-R" option, so there is a strong case for enabling it.</font> <font color="#75715E">#ls_recurse_enable=YES</font> <font color="#75715E">#</font> <font color="#75715E"># When "listen" directive is enabled, vsftpd runs in standalone mode and</font> <font color="#75715E"># listens on IPv4 sockets. This directive cannot be used in conjunction</font> <font color="#75715E"># with the listen_ipv6 directive.</font> <font color="#F92672">listen</font><font color="#F8F8F2">=</font><font color="#E6DB74">NO</font> <font color="#75715E">#</font> <font color="#75715E"># This directive enables listening on IPv6 sockets. By default, listening</font> <font color="#75715E"># on the IPv6 "any" address (::) will accept connections from both IPv6</font> <font color="#75715E"># and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6</font> <font color="#75715E"># sockets. If you want that (perhaps because you want to listen on specific</font> <font color="#75715E"># addresses) then you must run two copies of vsftpd with two configuration</font> <font color="#75715E"># files.</font> <font color="#75715E"># Make sure, that one of the listen options is commented !!</font> <font color="#F92672">listen_ipv6</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> <font color="#F92672">pam_service_name</font><font color="#F8F8F2">=</font><font color="#E6DB74">vsftpd</font> <font color="#F92672">userlist_enable</font><font color="#F8F8F2">=</font><font color="#E6DB74">YES</font> </pre></html></WRAP> <WRAP color_result><html><pre class=Bat> <span style="background-color:#333333"><font color="#F92672">ssl_enable</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">allow_anon_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">force_local_data_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">force_local_logins_ssl</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">ssl_tlsv1</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">YES</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">ssl_sslv2</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">ssl_sslv3</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">NO</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#75715E"># Filezilla uses port 21 if you don't set any port</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#75715E"># in Servertype "FTPES - FTP over explicit TLS/SSL"</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#75715E"># Port 990 is the default used for FTPS protocol.</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#75715E"># Uncomment it if you want/have to use port 990.</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">listen_port</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">990</font></span><span style="background-color:#333333"> </span> <span style="background-color:#333333"><font color="#F92672">rsa_cert_file</font></span><span style="background-color:#333333"><font color="#F8F8F2">=</font></span><span style="background-color:#333333"><font color="#E6DB74">/etc/vsftpd/vsftpd.pem</font></span><span style="background-color:#333333"> </span> </pre></html></WRAP> </WRAP> </WRAP> ===== FileZilla で接続確認😉 ===== <WRAP group> <WRAP column zoomimg w640 x1_2> {{:linux:vsftpd_filezilla_001.png?768|vsftpd FileZilla 001}} </WRAP> <WRAP column zoomimg w400 x1_2> {{:linux:vsftpd_filezilla_002.png?480|vsftpd FileZilla 002}} </WRAP> <WRAP column zoomimg w640 x1_2> {{:linux:vsftpd_filezilla_003.png?768|vsftpd FileZilla 003}} </WRAP> </WRAP> linux/vsftpd.txt 最終更新: 2025/02/27 17:58by ともやん
ともやん ともやん