728x90
lftp 패키지 설치
$ yum install -y lftp
$ lftp --version
LFTP | Version 4.4.8 | Copyright (c) 1996-2013 Alexander V. Lukyanov
LFTP is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LFTP. If not, see <http://www.gnu.org/licenses/>.
Send bug reports and questions to the mailing list <lftp@uniyar.ac.ru>.
Libraries used: Readline 6.2
$ lftp --help
Usage: lftp [OPTS] <site>
`lftp' is the first command executed by lftp after rc files
-f <file> execute commands from the file and exit
-c <cmd> execute the commands and exit
--help print this help and exit
--version print lftp version and exit
Other options are the same as in `open' command
-e <cmd> execute the command just after selecting
-u <user>[,<pass>] use the user/password for authentication
-p <port> use the port for connection
<site> host name, URL or bookmark name
ftps(ftp + ssl) 클라이언트 접속 방법
1. 명령어 나열하여 접속
$ lftp -e "set ftp:ssl-auth TLS; set ftp:ssl-force true; set ssl:verify-certificate no; set ftp:ssl-protect-data true;" remote-server -p remote-server-port
> user ftp_user
$ lftp -e "set ftp:ssl-auth TLS; set ftp:ssl-force true; set ssl:verify-certificate no; set ftp:ssl-protect-data true;" ftps.sangchul.kr -p 990
lftp ftps.sangchul.kr:~> user ftp_user
비밀번호:
lftp ftp_user@ftps.sangchul.kr:~> ls
-rw-rw-r-- 1 1001 1001 0 Dec 06 06:45 ftpfiletest.txt
2. 환경 설정(.lftprc) 파일 생성 후 접속
.lftprc 파일 생성
$ lftp -u ftp_user remote-server -p remote-server-port
$ vim ~/.lftprc
set ftp:ssl-auth TLS
set ftp:ssl-force true
set ftp:ssl-protect-list yes
set ftp:ssl-protect-data yes
set ftp:ssl-protect-fxp yes
set ssl:verify-certificate no
$ lftp -u ftp_user ftps.sangchul.kr -p 990
비밀번호:
lftp ftp_user@ftps.sangchul.kr:~> ls
3. 파일질라(FileZilla) 클라이언트 툴로 접속
4. openssl s_client -starttls ftp -connect ftps.sangchul.kr:990
$ echo '' | openssl s_client -starttls ftp -connect ftps.sangchul.kr:990
CONNECTED(00000003)
depth=0 C = KR, ST = Seoul, L = Jongno-gu, O = sangchul.kr, OU = infra team, CN = ftps.sangchul.kr, emailAddress = admin@sangchul.kr
verify error:num=18:self signed certificate
verify return:1
depth=0 C = KR, ST = Seoul, L = Jongno-gu, O = sangchul.kr, OU = infra team, CN = ftps.sangchul.kr, emailAddress = admin@sangchul.kr
verify return:1
---
Certificate chain
0 s:/C=KR/ST=Seoul/L=Jongno-gu/O=sangchul.kr/OU=infra team/CN=ftps.sangchul.kr/emailAddress=admin@sangchul.kr
i:/C=KR/ST=Seoul/L=Jongno-gu/O=sangchul.kr/OU=infra team/CN=ftps.sangchul.kr/emailAddress=admin@sangchul.kr
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID/zCCAuegAwIBAgIJAKD99Lob8Z6NMA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD
VQQGEwJLUjEOMAwGA1UECAwFU2VvdWwxEjAQBgNVBAcMCUpvbmduby1ndTETMBEG
A1UECgwKTW9uZXlUb2RheTETMBEGA9UECwwKaW5mcmEgdGVhbTEWMBQGA1UEAwwN
YWZ0cC5tdC5jby5rcjEgMB4GCSqGSIb3DQEJARYRYW50aTEzNDZAbXQuY28ua3Iw
HhcNMjEwNTE4MDExMTUzWhcNMzEwNTE2MDExMTUzWjCBlTELMAkGA1UEBhMCS1Ix
DjAMBgNVBAgMBVNlb3VsMRIwEAYDVQQHDAlKb25nbm8tZ3UxEzARBgNVBAoMCk1v
bmV5VG9kYXkxEzARBgNVBAsMCmluZnJhIHRlYW0xFjAUBgNVBAMMDWFmdHAubXQu
Y28ua3IxIDAeBgkqhkiG9w0BCQEWEWFudGkxMzQ2QG10LmNvLmtyMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIwpnlOClmHzEevwg/5ZQ6H273TyflPd
MFAKSJR9jfbQhhRTPCdXA4vESoHJO6GHHOWA+CCAwABtV4H94PHKDcofSRw8eKgV
aJML/ivw0tNxXsXLDunb9YbNW7uaJh33IRxGfm5BO3xBYwZZbNuVXWs2sKNQKmmG
KWZWyRzCL3Gcyi5osJcURXZBxZv5G0z/DOIrOoFlNeBu907MJWvWLigfE+sGtUD4
VgsMltg/0ZAekARKsShQuwe4x3b0xwTweoyDG8WOD+OYYFE7VgF8voyjLHfI6z/w
adPdZl/kRZD/m08DN1fnQgDzWUbmsaN3Okk6PwqGy2+ubI0JnU3a0QIDAQABo1Aw
TjAdBgNVHQ4EFgQUO5yQv6257jHUSZhz6f6J/CSRgT0wHwYDVR0jBBgwFoAUO5yQ
v6257jHUSZhz6f6J/CSRgT0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
AQEAjyzlNc5lJOD/jujegLzayDpRC8XRuc/vamyB2OE6f1K+HVYEpQBnROibuAI6
UPQzKTlu8hxw1Dmn3H+1UN9BFPiK6iK7L5NG1mOxW7q5u45KOccFsQvPqU8s3jsj
c+VOhzbRAAHCKsqIgoSc7HAQqseuGFSftzt9KN0KeSc9r5ZnpSAVDrsaWh3WY6jb
5CcIstHrLeHkCbVsZaPP0eBp07vnaY1XC8rtvPFp/V4f/E7lG0qxv3HT/GPzUycF
5euHeNIdMew3UyzsU84nI9rqe7EL92qMvEPOX1YrBCEwNhkdvbmahIwlNPNoS9NF
xOa4dm+tC2i7xcs9EqaxFFxnbg==
-----END CERTIFICATE-----
subject=/C=KR/ST=Seoul/L=Jongno-gu/O=sangchul.kr/OU=infra team/CN=ftps.sangchul.kr/emailAddress=admin@sangchul.kr
issuer=/C=KR/ST=Seoul/L=Jongno-gu/O=sangchul.kr/OU=infra team/CN=ftps.sangchul.kr/emailAddress=admin@sangchul.kr
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA386:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA386:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1797 bytes and written 437 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: A6A90A286C5EAC93447DF978DE6869BCEEBE122CCFBF3A2169273FF3E46BB9CE
Session-ID-ctx:
Master-Key: CD9F0D87AC9EC57B72D05164CEEDA83A12212CA8F136F6AFBA00C38D8937C5BA9BBF019506AB7949CC9802EFB96AE745
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - f3 57 b6 77 a2 94 4d 31-a5 ac ad b8 4b 0b d1 ea .W.w..M1....K...
0010 - d9 d8 6d 25 6a 02 a0 95-ab 5c d1 87 d5 d4 e2 a5 ..m%j....\......
0020 - 91 f8 44 54 6c fe 28 79-e3 b7 6d 43 d3 26 ad 27 ..DTl.(y..mC.&.'
0030 - 66 fd 8e f8 fb e5 6d bd-75 f6 cf 65 c6 f3 40 b1 f.....m.u..e..@.
0040 - 93 9f 01 4f 3c 48 81 a2-2d ee 1a 61 05 e0 87 83 ...O<H..-..a....
0050 - df 86 1c 45 b0 b2 f7 97-27 6e f9 0d e4 8f cf 0f ...E....'n......
0060 - e7 48 91 d8 db d9 bf 49-39 33 3c 75 ae c6 19 bc .H.....I93<u....
0070 - 49 87 36 fd 67 33 a1 5b-1a 08 32 b7 ea 3e b4 d5 I.6.g3.[..2..>..
0080 - 15 94 36 3a 65 08 56 d6-a1 fe ce e7 fb 1d 33 81 ..6:e.V.......3.
0090 - b8 f0 59 fe 4e 83 0c e3-53 ce 43 e0 2a d5 af 8c ..Y.N...S.C.*...
Start Time: 1638775855
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
220 Welcome to ftps.sangchul.kr FTP service.
DONE
728x90
'리눅스' 카테고리의 다른 글
[kubernetes] 쿠버네티스 실습 환경(플레이그라운드) (0) | 2021.12.07 |
---|---|
[VPN] Linux에서 SoftEther VPN 클라이언트 설치 (0) | 2021.12.06 |
[리눅스] ftps(ftp + ssl) 클라이언트 접속 방법 (0) | 2021.12.06 |
[리눅스] SSL(TLS) 인증서의 만료 날짜 확인 (0) | 2021.12.05 |
[리눅스] 웹 프록시 자동 검색 프로토콜(Auto-Discovery Protocol) (0) | 2021.12.03 |
[리눅스] elasticsearch 클러스터 구성에서 인덱스 생성 (0) | 2021.12.02 |