https://dntco43u.github.io/tags/vsftpd/Recent content in vsftpd on 대충어쩌고저쩌고샬라샬라HugoenMon, 08 Dec 2025 00:00:00 +0000https://dntco43u.github.io/infra/vsftpd/Mon, 08 Dec 2025 00:00:00 +0000https://dntco43u.github.io/infra/vsftpd/<p><img src="https://dntco43u.github.io/images/sh-logo.webp#center" alt="image"></p> <pre class="mermaid"> graph LR subgraph gvp6nx1a A2[ssl-cert] --- A1 end A1[vsftpd] &lt;-- tcp/tls --&gt; B[client] A1[vsftpd] &lt;-- ftp-passive --&gt; B</pre> <h2 id="host-구성">host 구성<a class="td-heading-self-link" href="#host-%ea%b5%ac%ec%84%b1" aria-label="Heading self-link"></a></h2> <h3 id="포트-개방">포트 개방<a class="td-heading-self-link" href="#%ed%8f%ac%ed%8a%b8-%ea%b0%9c%eb%b0%a9" aria-label="Heading self-link"></a></h3> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">sudo firewall-cmd --permanent --add-forward-port<span class="o">=</span><span class="nv">port</span><span class="o">=</span>6****:proto<span class="o">=</span>tcp:toport<span class="o">=</span><span class="m">21</span> <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo firewall-cmd --permanent --add-port<span class="o">=</span>6****-6****/tcp <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo firewall-cmd --reload <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo firewall-cmd --list-all </span></span></code></pre></div><h3 id="selinux">selinux<a class="td-heading-self-link" href="#selinux" aria-label="Heading self-link"></a></h3> <div class="alert alert-primary" role="alert"><div class="h4 alert-heading" role="heading">Note</div> <p>Permissive mode인 경우에도 필수적으로 구성</p> </div> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">sudo setsebool -P ftpd_use_passive_mode on <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo setsebool -P ftpd_full_access on </span></span></code></pre></div><h3 id="설치">설치<a class="td-heading-self-link" href="#%ec%84%a4%ec%b9%98" aria-label="Heading self-link"></a></h3> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">sudo dnf update -y <span class="o">&amp;&amp;</span> sudo dnf install -y vsftpd <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo systemctl <span class="nb">enable</span> vsftpd <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo systemctl start vsftpd <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo systemctl status vsftpd </span></span></code></pre></div><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak <span class="o">&amp;&amp;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>sudo cp /etc/vsftpd/ftpusers /etc/vsftpd/ftpusers.bak </span></span></code></pre></div><p>root 접속 허용 (optional)</p>