�͂��߂Ă̎���T�[�o�\�z - Fedora/CentOS -
Last Update 2018/05/30
����m�F�@[ FC1 / FC2 / FC3 / FC4 / FC5 / FC6 / Fedora7 / Fedora8 / Fedora9 / Fedora10 / Fedora11 / Fedora12 / Fedora13 / Fedora14 / Fedora15 / Fedora16 / Fedora17 / CentOS4 / CentOS5 / CentOS6 / CentOS7 ]
  1. �͂��߂ɁE�E�E
  2. FTP�T�[�o(vsFTPD)�̃C���X�g�[��
  3. vsFTPD�̐ݒ�t�@�C���ύX
  4. FTP�ڑ����[�U�ݒ�
  5. FTP�ڑ��ł���N���C�A���g�̐���(�Z�L�����e�B����)
  6. vsFTPD���N������
  7. OS�̍ċN�����s�Ȃ�������vsFTPD�������I�ɋN������悤�ɐݒ肷��
  8. vsFTPD�̓���m�F(PORT���[�h)
  9. vsFTPD�̓���m�F(PASV���[�h)
  10. �O��(WAN)����̐ڑ�

�� �͂��߂ɁE�E�E

FTP�v���g�R���ł̃t�@�C���]���c�[����FFFTP�Ȃǂ��L���ł��B
���̃c�[���͂ƂĂ��D�G�Ŏg��������悭�����g�킹�Ă�����Ă��܂��B
�������A����T�[�o�ւ̃t�@�C���]���ɂ͈�؎g�p���Ă���܂���B
FFFTP自体には全く問題はありませんが、FTPプロトコル自身に多くの問題があります(ユーザ名・パスワードや転送内容が暗号化されず、平文のままネットワークを流れるなど)。

�������FTP�T�[�o�̍\�z(vsFTPD)���Ǘ��҂ւ̗v�]�����������ׁA���Љ�܂��B
�\�z��̎g�p�ɂ́ALAN�ȊO(WAN)����̃T�[�o�A�N�Z�X�ɂ͏\���ɋC��t���ĉ������B

�l�I�ɂ́wWinSCP�ɂ��T�[�o�t�@�C���]���x�������߂��܂��B

�� FTP�T�[�o(vsFTPD)�̃C���X�g�[��

# yum -y install vsftpd

�� vsFTPD�̐ݒ�t�@�C���ύX

vsFTPD�̐ݒ�t�@�C����ҏW
# vi /etc/vsftpd/vsftpd.conf
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
�������[�U�̓��O�C�������Ȃ�
anonymous_enable=NO

# You may change the default value for timing out an idle session.
�A�C�h�����̃^�C���A�E�g��ݒ�(300�b)
idle_session_timeout=300

# You may change the default value for timing out a data connection.
�ڑ������̃^�C���A�E�g��ݒ�(30�b)
data_connection_timeout=30

# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
�A�X�L�[���[�h�ŃA�b�v���[�h�E�_�E�����[�h�����‚���
ascii_upload_enable=YES
ascii_download_enable=YES

# You may fully customise the login banner string:
���O�I�����̃o�i�[(�K�{�ł͂���܂���B�D�݂łǂ����B)
ftpd_banner=Welcome to kajuhome.com FTP service.

# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
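一般ユーザはホームパスより上へアクセスさせない(注:このページの設定例では chroot_local_user を有効にしていないため、制限されるのは chroot_list_file に記載したユーザだけです。記載のないローカルユーザはホームパスより上も参照できます。chroot_local_user=YES にすると、このリストは逆に「制限しないユーザ」の一覧になります)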
chroot_list_enable=YES
# (default follows)
�z�[���p�X����փA�N�Z�X�����Ȃ����[�U���X�g�t�@�C��
chroot_list_file=/etc/vsftpd/chroot_list

# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
�f�B���N�g�����폜�”\�ɂ���
ls_recurse_enable=YES

PAM�F�؂̃T�[�r�X���w��
pam_service_name=vsftpd

�A�N�Z�X���[�U�[���X�g�t�@�C���̎g�p
userlist_enable=YES
�@�@��L�́uuserlist_enable�v�̐ݒ�ɂ��A�t�@�C���u/etc/vsftpd/user_list�v���̃��[�U�ڑ����@���قȂ�܂��B
�@�@YES �F �t�@�C���u/etc/vsftpd/user_list�v���Ɏw�肳�ꂽ���[�U�����������
�@�@NO  �F �u/etc/vsftpd/user_list�v���̎w�胆�[�U�Ɋւ�炸�ڑ�������(��1)�����

�B�ꂽ����������A�ȉ����`����Ɓu�A�N�Z�X���[�U�[���X�g�v�ɒ�`���ꂽ���[�U�̋������ς��̂Œ���
定義しない(デフォルト)場合は「userlist_deny=YES」として処理されます
userlist_deny=NO
���̐ݒ�l���uNO�v�ɂ���Ɓu/etc/vsftpd/user_list�v���Ɏw�肳�ꂽ���[�U�̂�����(��1)�����

��1�F�t�@�C���u/etc/vsftpd/ftpusers�v���ɂ��̃��[�U���ݒ肳��Ă����ꍇ�́u���ہv�����̂Œ���

tcp_wrappers���g�p����
tcp_wrappers=YES


����ȍ~�͔C�ӂŒlj�

���[�U���ł�����ftp�R�}���h�����O�Ɏc��(���L�Q��)
xferlog_std_format=NO
log_ftp_protocol=YES

�^�C���X�^���v���Ԃ���{���Ԃɍ��킹��
use_localtime=YES

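パッシブモードを利用にする(注:パッシブモード自体は pasv_enable(デフォルトYES)で有効になります。pasv_promiscuous=YES は、データ接続が制御接続と同じIPアドレスから来ているかを確認するPASVのセキュリティチェックを無効にする設定なので、必要な理由がなければ NO(デフォルト)のままにしてください)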
pasv_promiscuous=YES
�p�b�V�u���[�h���p���̃|�[�g�͈�(��F50000�`50030)
pasv_min_port=50000
pasv_max_port=50030

�� FTP�ڑ����[�U�ݒ�

�z�[���p�X����փA�N�Z�X�����Ȃ����[�U�ꗗ
�@�@���F�͂��߂č쐬����ꍇ�A���Y�t�@�C���͂Ȃ��̂ŐV�K�쐬�ƂȂ�܂�
# vi /etc/vsftpd/chroot_list
���[�U�ulinux�v�́A���z�[���p�X����ɍs�����Ȃ�
linux

FTP�ڑ������Ȃ����[�U�ꗗ
# vi /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers
# for users that are denied.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
���[�U�ufedora�v��FTP�ڑ������Ȃ��悤�ɐݒ�
fedora


�wvsFTPD�̐ݒ�t�@�C���ύX�x�ł��q�ׂĂ��܂����uuserlist_enable�v�Ɓuuserlist_deny�v�̐ݒ�
�Őڑ��̓��삪�قȂ�̂Œ��ӂ��鎖�B(�ȉ��ɊȒP�ȕ\��Z�߂Ă����܂��B)
                                    ������������������������������
                                    ��  /etc/vsftpd/user_list   ��
������������������������������������������������������������������
��     ������     ��     �ݒ�l     �����[�U�����脠���[�U���Ȃ���
������������������������������������������������������������������
��userlist_enable ��      YES       ��  �ڑ��s��  ��   �ڑ���   ��
������������������������������������������������������������������
��                ��YES(�f�t�H���g) ��    ����    ��    ����    ��
��userlist_deny   ������������������������������������������������
��                ��       NO       ��   �ڑ���   ��  �ڑ��s��  ��
������������������������������������������������������������������


�O���w��t�@�C���̓f�B�X�g���r���[�V������vsftpd�̃o�[�W�����ɂ��Ⴄ�̂Œ���
�@�@�@�@user_list�F�u/etc/vsftpd/user_list�v �܂��� �u/etc/vsftpd.user_list�v
�@�@�@�@ftpusers �F�u/etc/vsftpd/ftpusers�v  �܂��� �u/etc/vsftpd.ftpusers�v

�� FTP�ڑ��ł���N���C�A���g�̐���(�Z�L�����e�B����)

FTP���O�C���ł���N���C�A���g��ݒ�(tcp_wrappers)
# vi /etc/hosts.allow
#
# hosts.allow   This file describes the names of the hosts which are
#       allowed to use the local INET services, as decided
#       by the '/usr/sbin/tcpd' server.
#
�v���C�x�[�g�A�h���X�u192.168.1.�v�ƃT�[�o���g�A�O���[�o���A�h���X�u211.xxx.xxx.xxx�v�͋���
vsftpd : 192.168.1. 127.0.0.1 211.xxx.xxx.xxx


�w/etc/hosts.allow�x�Ŏw�肳�ꂽ�N���C�A���g�ȊO�͑S�ċ���
# vi /etc/hosts.deny
#
# hosts.deny    This file describes the names of the hosts which are
#       *not* allowed to use the local INET services, as decided
#       by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!
vsftpd : ALL

�� vsFTPD���N������

vsFTPD���N������
�yFC1 ���� Fedora15 / CentOS4 / CentOS5 / CentOS6 �̏ꍇ�z
# /etc/rc.d/init.d/vsftpd start

�yFedora16�ȍ~ / CentOS7 �̏ꍇ�z
# systemctl start vsftpd.service

�� OS�̍ċN�����s�Ȃ�������vsFTPD�������I�ɋN������悤�ɐݒ肷��

�N������vsFTPD���N������
�yFC1 ���� Fedora15 / CentOS4 / CentOS5 / CentOS6 �̏ꍇ�z
# chkconfig vsftpd on
�ݒ���e���m�F
# chkconfig --list vsftpd
vsftpd          0:�I�t  1:�I�t  2:�I��  3:�I��  4:�I��  5:�I��  6:�I�t

�yFedora16�ȍ~ / CentOS7 �̏ꍇ�z
# systemctl enable vsftpd.service
�ݒ���e���m�F
# systemctl status vsftpd.service
vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled)
   Active: active (running) since �� 2014-07-15 17:17:25 JST; 47s ago

�� vsFTPD�̓���m�F(PORT���[�h)

�N���C�A���g�@���ڑ�����(������Windows��DOS�����s���Ă�������)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

FTP�ڑ����ېݒ�̊m�F(���[�U�ufedora�v�����ۂ���邩�H)
C:\Documents and Settings\fedora>ftp
ftp> op
To 192.168.1.5
Connected to 192.168.1.5.
220 (vsFTPd 1.2.1)
User (192.168.1.5:(none)): fedora
���O�C�������ۂ��ꂽ
530 Permission denied.
Login failed.
FTP�ڑ����I��
ftp> bye
221 Goodbye.

FTP�ڑ��̊m�F
C:\Documents and Settings\fedora>ftp
ftp> op
To 192.168.1.5
Connected to 192.168.1.5.
220 (vsFTPd 1.2.1)
User (192.168.1.5:(none)): linux
���O�C���ł���
331 Please specify the password.
Password:
230 Login successful.
ftp>

�p�b�V�u���[�h�̏�Ԃ��m�F
ftp> ls -l
�p�b�V�u���[�h�������ɂȂ��Ă���(���FWindows��FTP�R�}���h��PASV�ɑΉ����Ă��܂���)
�uPASV���g�����Ƃ��l���Ă��������v�Ƃ������b�Z�[�W
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-------    1 500      500          2049 Oct 05 16:27 Mailbox
226 Directory send OK.
ftp: 65 bytes received in 0.00Seconds 65000.00Kbytes/sec.
ftp>

���z�[���p�X�ȊO�Ɉڂ�邩�m�F
���݂̈ʒu�m�F
ftp> pwd
vsFTPD�ł�chroot�ݒ�́A���z�[���p�X(/home/linux/)���g�b�v�p�X(/)�ɋ[���I�ɒu�������܂�
257 "/"
/root/�Ɉړ����Ă݂�
ftp> cd /root/
���ۂ��ꂽ
550 Failed to change directory.
/etc/�Ɉړ����Ă݂�
ftp> cd /etc/
���ۂ��ꂽ
550 Failed to change directory.
ftp>

�T�[�o�փt�@�C����]������
ftp> put c:\textfile
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 File receive OK.
ftp: 60 bytes sent in 0.00Seconds 60000.00Kbytes/sec.
�]����̊m�F
ftp> ls -l
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-------    1 500      500          2049 Oct 05 16:27 Mailbox
�]���ł���
-rw-r--r--    1 500      500            57 Dec 07 17:57 textfile
226 Directory send OK.
ftp: 131 bytes received in 0.00Seconds 131000.00Kbytes/sec.

�T�[�o���t�@�C�����擾����
ftp> get textfile
200 PORT command successful. Consider using PASV.
150 Opening ASCII mode data connection for textfile (57 bytes).
226 File send OK.
ftp: 60 bytes received in 0.00Seconds 60000.00Kbytes/sec.

FTP�ڑ����I��
ftp> bye
221 Goodbye.

�� vsFTPD�̓���m�F(PASV���[�h)

�N���C�A���g�@���ڑ�����(��\�I��Windows��FTP�c�[����FFFTP���g�p���܂��B)

  1. FFFTP�́u�z�X�g�̐ݒ�v-�u�g���v��PASV�𗘗p����l�ɐݒ肷��

�ȉ���FFFTP���쎞�̃��O�ł��B

FFFTP Ver.1.92 Copyright(C) 1997-2003 Sota.
----------------------------
�z�X�g xxx.xxx.xxx.xxx (21) �ɐڑ����Ă��܂�.
�ڑ����܂���.
220 (vsFTPd 2.0.3)
>USER linux
331 Please specify the password.
>PASS [xxxxxx]
230 Login successful.
>>CD c:\
>XPWD
257 "/home/linux"
>TYPE A
200 Switching to ASCII mode.
�p�b�V�u���[�h�ɂȂ��Ă���B(�܂��|�[�g���w��͈͓��ł���)
>PASV
227 Entering Passive Mode (xxx,xxx,xxx,xxx,156,70)
�_�E�����[�h�̂��߂Ƀz�X�g xxx.xxx.xxx.xxx (50006) �ɐڑ����Ă��܂�.
�ڑ����܂���.
>NLST -alL
150 Here comes the directory listing.
226 Directory send OK.
�t�@�C���ꗗ�̎擾�͐���I�����܂���. (716 Bytes)
>TYPE I
200 Switching to Binary mode.
>PASV
227 Entering Passive Mode (xxx,xxx,xxx,xxx,156,89)
�A�b�v���[�h�̂��߂Ƀz�X�g xxx.xxx.xxx.xxx (50025) �ɐڑ����Ă��܂�.
�ڑ����܂���.
>STOR /home/linux/textfile
150 Ok to send data.
226 File receive OK.
�A�b�v���[�h�͐���I�����܂���. (1 Sec. 57 B/S).
>TYPE A
200 Switching to ASCII mode.
>PASV
227 Entering Passive Mode (xxx,xxx,xxx,xxx,156,75)
�_�E�����[�h�̂��߂Ƀz�X�g xxx.xxx.xxx.xxx (50011) �ɐڑ����Ă��܂�.
�ڑ����܂���.
>NLST -alL
150 Here comes the directory listing.
226 Directory send OK.
�t�@�C���ꗗ�̎擾�͐���I�����܂���. (782 Bytes)
>TYPE I
200 Switching to Binary mode.
>PASV
227 Entering Passive Mode (xxx,xxx,xxx,xxx,156,87)
�_�E�����[�h�̂��߂Ƀz�X�g xxx.xxx.xxx.xxx (50023) �ɐڑ����Ă��܂�.
�ڑ����܂���.
>RETR /home/linux/textfile
150 Opening BINARY mode data connection for /home/linux/textfile (57 bytes).
226 File send OK.
�_�E�����[�h�͐���I�����܂���. (1 Sec. 57 B/S).
�ؒf���܂���

�� �O��(WAN)����̐ڑ�

WAN����ڑ�����ɓ������āA���[�^�̐ݒ肪�K�v�ł��B
���[�^�̃|�[�g�J�‚́A�������̃��[�^�戵���������������������B

DNS���Őڑ�����ɂ͎��O�Ƀh���C�����̎擾���s���Ă���K�v������܂��B(�ȉ��͑�\�I�Ȃ��̂ł���A�܂��A���T�C�g���g�p�����Ē����Ă���܂�)


Copyright(©)2004-2018 First home server construction. All Right Reserved.