CentOS 7 FTP 설정

CentOS 7 FTP 간단 설정


JP-Hosting 입니다.

오늘은 CentOS7 에서 쉽고 빠르게 FTP설정하는 법을 설명해드리려고 합니다.

  • 테스트환경은 Centos 7.8 버전입니다.

[root@localhost ~]# rpm -qa *-release centos-release-7-8.2003.0.el7.centos.x86_64

  • 설치되었는지 확인

[root@localhost ~]# cd /etc/vsftpd -> ls-bash: cd: /etc/vsftpd: No such file or directory

  • vsftpd 설치

[root@localhost ~]# yum install vsftpdLoaded plugins: fastestmirror, langpacksLoading mirror speeds from cached hostfile* base: ty1.mirror.newmediaexpress.com* extras: ty1.mirror.newmediaexpress.com* updates: ty1.mirror.newmediaexpress.combase | 3.6 kB 00:00:00extras | 2.9 kB 00:00:00updates | 2.9 kB 00:00:00updates/7/x86_64/primary_db | 2.1 MB 00:00:00Resolving Dependencies--> Running transaction check---> Package vsftpd.x86_64 0:3.0.2-27.el7 will be installed--> Finished Dependency ResolutionDependencies Resolved============================================================================================================================================Package Arch Version Repository Size============================================================================================================================================Installing:vsftpd x86_64 3.0.2-27.el7 base 172 kTransaction Summary============================================================================================================================================Install 1 PackageTotal download size: 172 kInstalled size: 353 kIs this ok [y/d/N]:YDownloading packages:vsftpd-3.0.2-27.el7.x86_64.rpm | 172 kB 00:00:00Running transaction checkRunning transaction testTransaction test succeededRunning transactionInstalling : vsftpd-3.0.2-27.el7.x86_64 1/1Verifying : vsftpd-3.0.2-27.el7.x86_64 1/1Installed:vsftpd.x86_64 0:3.0.2-27.el7Complete!

  • vsftpd 설치 확인

[root@localhost ~]# cd /etc/vsftpd[root@localhost vsftpd]# lsftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh

  • vsftpd 설정 파일 백업

[root@localhost vsftpd]# cp vsftpd.conf vsftpd.conf.bak[root@localhost vsftpd]# lsftpusers user_list vsftpd.conf vsftpd.conf.bak vsftpd_conf_migrate.sh

  • vsftpd 설정파일 수정
  • 서비스 재시작
  • 재부팅시 자동실행되게 등록

[root@localhost vsftpd]# vi vsftpd.confanonymous_enable=NOlocal_enable=YESwrite_enable=YESlocal_umask=022dirmessage_enable=YESxferlog_enable=YESconnect_from_port_20=YESxferlog_file=/var/log/xferlogxferlog_std_format=YESchroot_local_user=YESlisten=YESpam_service_name=vsftpduserlist_enable=YEStcp_wrappers=YES[root@localhost vsftpd]# systemctl restart vsftpd[root@localhost vsftpd]# chkconfig vsftpd onNote: Forwarding request to 'systemctl enable vsftpd.service'.Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.

[root@localhost vsftpd]# vi /etc/sysconfig/iptables# sample configuration for iptables service# you can edit this manually or use system-config-firewall# please do not ask us to add additional ports/services to this default configuration*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT[root@localhost vsftpd]# systemctl restart iptables

-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT

위 두줄을 추가하였습니다.

  • selinux 비활성화

[root@localhost vsftpd]# vi /etc/sysconfig/selinux# This file controls the state of SELinux on the system.# SELINUX= can take one of these three values:# enforcing - SELinux security policy is enforced.# permissive - SELinux prints warnings instead of enforcing.# disabled - No SELinux policy is loaded.#SELINUX=enforcingSELINUX=disabled# SELINUXTYPE= can take one of three values:# targeted - Targeted processes are protected,# minimum - Modification of targeted policy. Only selected processes are protected.# mls - Multi Level Security protection.SELINUXTYPE=targeted

  • root 접속가능하게 설정

[root@localhost vsftpd]# vi /etc/vsftpd/user_list# vsftpd userlist# If userlist_deny=NO, only allow users in this file# If userlist_deny=YES (default), never allow users in this file, and# do not even prompt for a password.# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers# for users that are denied.#rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody[root@localhost vsftpd]# vi /etc/vsftpd/ftpusers# Users that are not allowed to login via ftp#rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody
  • root 앞에 #으로 주석처리를 해줍니다.
  • 각 파일에 들어가있는 내용으로는 로그인을 할수없게 막아둔거라 보면 됩니다.

  • FTP 접속확인 (cmd로 테스트)

이상으로, 오늘은 CentOS7 에서 간단하게 FTP 설정하는 방법을 소개하였습니다.

유익한 정보가 되었으면 좋겠습니다.

댓글 없음:

참고: 블로그의 회원만 댓글을 작성할 수 있습니다.

Powered by Blogger.