[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

Points that stuck when using passive with FTP in ec2

This is Ito from the infrastructure team.

When I had the opportunity to use FTP (vsftpd) passively on an ec2 instance, I had trouble establishing FTP communication, so
I would like to introduce some points to keep in mind.

vsftpd was an abbreviation for Very Secure FTP Daemon.

Not just security groups

I think most people use security groups to control the ec2 firewall.

The process is to use a security group to allow only IP addresses that use FTP.
Also, when using passive with FTP, you also need to open the passive port in the security group.

Like this
SnapCrab_NoName_2016-4-25_23-4-43_No-00

And I will also set it on the vsftpd side.
This is the setting of the port used passively.

# vim /etc/vsftpd/vsftpd.conf pasv_enable=YES pasv_min_port=60000 pasv_max_port=60030

However, this alone is not enough to connect. . .

Communication when vsftpd is passive in ec2

ec2 basically doesn't know about public IPs.
When I run ifconfig, only the local IP is returned.

This means that passive communication is performed using the local IP of the ec2 instance.
The FTP connection will fail, saying something like ` `FTP communication is possible, but passive communication is not possible, so I can't list the directory.''

To resolve this, you can set the IP address for passive communication to vsftpd.
It's like this.

# vim /etc/vsftpd/vsftpd.conf pasv_address=<public IP>

FTP is fine! !

If you found this article helpful , please give it a like!
2
Loading...
2 votes, average: 1.00 / 12
13,127
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author