CentOS7にftpサーバーを構築するメモ

1.vsftpdのインストール
#yum install vsftpd

2.設定ファイルを修正
#vim /etc/vsftpd/vsftpd.conf

anonymous_enable=NO
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=NO
log_ftp_protocol=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to blah FTP service.
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
ls_recurse_enable=YES

###設定内容を追記###

local_root=public_html

pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=YES
userlist_file=/etc/vsftpd/user_list
tcp_wrappers=YES
use_localtime=YES
allow_writeable_chroot=YES

pasv_enable=YES
pasv_address=cft.arkgame.com
pasv_min_port=70000
pasv_max_port=70040
pasv_addr_resolve=YES
pasv_promiscuous=YES

ssl_enable=YES
rsa_cert_file=/etc/letsencrypt/live/cft.arkgame.com/fullchain.pem
rsa_private_key_file=/etc/letsencrypt/live/cft.arkgame.com/privkey.pem
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH

4.ユーザー名を追加
#echo yamdauser >> /ect/vsftpd/chroot_list

5.ポートを開放
#firewall-cmd –add-service=ftp –zone=public –permanent
#firewall-cmd –add-port=70000-70040/tcp –zone=public –permanent
#firewall-cmd –reload

6.vsftpd起動
#systemctl start vsftpd
#systemctl enable vsftpd