CentOS 7 FTP 설정
CentOS 7 FTP 간단 설정
안녕하세요.
JP-Hosting 입니다.
오늘은 CentOS7 에서 쉽고 빠르게 FTP설정하는 법을 설명해드리려고 합니다.
-
테스트환경은 Centos 7.8 버전입니다.
[root@localhost ~]# rpm -qa *-release centos-release-7-8.2003.0.el7.centos.x86_64
-
설치되었는지 확인
[root@localhost ~]# cd /etc/vsftpd -> ls -bash: cd: /etc/vsftpd: No such file or directory
-
vsftpd 설치
[root@localhost ~]# yum install vsftpd Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: ty1.mirror.newmediaexpress.com * extras: ty1.mirror.newmediaexpress.com * updates: ty1.mirror.newmediaexpress.com base | 3.6 kB 00:00:00 extras | 2.9 kB 00:00:00 updates | 2.9 kB 00:00:00 updates/7/x86_64/primary_db | 2.1 MB 00:00:00 Resolving Dependencies --> Running transaction check ---> Package vsftpd.x86_64 0:3.0.2-27.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================ Package Arch Version Repository Size ============================================================================================================================================ Installing: vsftpd x86_64 3.0.2-27.el7 base 172 k Transaction Summary ============================================================================================================================================ Install 1 Package Total download size: 172 k Installed size: 353 k Is this ok [y/d/N]:Y Downloading packages: vsftpd-3.0.2-27.el7.x86_64.rpm | 172 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : vsftpd-3.0.2-27.el7.x86_64 1/1 Verifying : vsftpd-3.0.2-27.el7.x86_64 1/1 Installed: vsftpd.x86_64 0:3.0.2-27.el7 Complete!
-
vsftpd 설치 확인
[root@localhost ~]# cd /etc/vsftpd [root@localhost vsftpd]# ls ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
-
vsftpd 설정 파일 백업
[root@localhost vsftpd]# cp vsftpd.conf vsftpd.conf.bak [root@localhost vsftpd]# ls ftpusers user_list vsftpd.conf vsftpd.conf.bak vsftpd_conf_migrate.sh
- vsftpd 설정파일 수정
- 서비스 재시작
- 재부팅시 자동실행되게 등록
[root@localhost vsftpd]# vi vsftpd.conf anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/xferlog xferlog_std_format=YES chroot_local_user=YES listen=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES [root@localhost vsftpd]# systemctl restart vsftpd [root@localhost vsftpd]# chkconfig vsftpd on Note: Forwarding request to 'systemctl enable vsftpd.service'. Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
- 포트허용 (여기에서는 iptables를 사용하였습니다. -> centos7에서 Iptables사용하는방법보러가기)
- Iptables 재시작
[root@localhost vsftpd]# vi /etc/sysconfig/iptables # sample configuration for iptables service # you can edit this manually or use system-config-firewall # please do not ask us to add additional ports/services to this default configuration *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT [root@localhost vsftpd]# systemctl restart iptables-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT위 두줄을 추가하였습니다.
-
selinux 비활성화
[root@localhost vsftpd]# vi /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. #SELINUX=enforcing SELINUX=disabled # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
-
root 접속가능하게 설정
[root@localhost vsftpd]# vi /etc/vsftpd/user_list # vsftpd userlist # If userlist_deny=NO, only allow users in this file # If userlist_deny=YES (default), never allow users in this file, and # do not even prompt for a password. # Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers # for users that are denied. #root bin daemon adm lp sync shutdown halt mail news uucp operator games nobody [root@localhost vsftpd]# vi /etc/vsftpd/ftpusers # Users that are not allowed to login via ftp #root bin daemon adm lp sync shutdown halt mail news uucp operator games nobody
- root 앞에 #으로 주석처리를 해줍니다.
- 각 파일에 들어가있는 내용으로는 로그인을 할수없게 막아둔거라 보면 됩니다.
-
FTP 접속확인 (cmd로 테스트)
이상으로, 오늘은 CentOS7 에서 간단하게 FTP 설정하는 방법을 소개하였습니다.
유익한 정보가 되었으면 좋겠습니다.