[root@falcon21 ~]# yum -y install vsftpd
[root@falcon21 ~]# vi /etc/vsftpd/vsftpd.conf 上層へのアクセスを許可するユーザーの登録 [root@falcon21 ~]# echo hayato >> /etc/vsftpd/chroot_list 上層へのアクセスができないユーザーの設定 [root@falcon21 ~]# mkdir /etc/skel/etc [root@falcon21 ~]# cp /etc/localtime /etc/skel/etc/ [root@falcon21 ~]# vi localtimset #!/bin/bash for user in `ls /home` do id $user > /dev/null 2>&1 if [ $? -eq 0 ]; then grep $user /etc/vsftpd/chroot_list > /dev/null 2>&1 if [ $? -ne 0 ] && [ ! -f /home/$user/etc/localtime ]; then mkdir -p /home/$user/etc cp /etc/localtime /home/$user/etc echo $user fi fi done ---------------- [root@falcon21 ~]# sh localtimset [root@falcon21 ~]# rm -f localtimset ------------------ アクセスを禁止するユーザーの登録 [root@falcon21 ~]# echo ユーザー名 >> /etc/vsftpd/ftpusers サーバー証明書作成 [root@falcon21 ~]# cd /etc/pki/tls/certs/ [root@falcon21 certs]# make vsftpd.pem umask 77 ; \ PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ /usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \ cat $PEM1 > vsftpd.pem ; \ echo "" >> vsftpd.pem ; \ cat $PEM2 >> vsftpd.pem ; \ rm -f $PEM1 $PEM2 Generating a 2048 bit RSA private key ...............................+++ .........................+++ writing new private key to '/tmp/openssl.cTrX7M' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:JP State or Province Name (full name) []:Gifu Locality Name (eg, city) [Default City]:Anpachi Organization Name (eg, company) [Default Company Ltd]:falcon21.space Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:ftp.falcon21.space Email Address []:root@falcon21.space --------------- vsftpd起動 [root@falcon21 ~]# /etc/rc.d/init.d/vsftpd start vsftpd 用の vsftpd を起動中: [ OK ] [root@falcon21 ~]# chkconfig vsftpd on [root@falcon21 ~]# chkconfig --list vsftpd vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off アクセス制限 [root@falcon21 ~]# echo "vsftpd:127.0.0.1" >> /etc/hosts.allow [root@falcon21 ~]# echo "vsftpd:192.168.2." >> /etc/hosts.allow [root@falcon21 ~]# echo "vsftpd:192.168.0." >> /etc/hosts.allow [root@falcon21 ~]# echo "vsftpd:ALL" >> /etc/hosts.deny
投票数:1
平均点:10.00