In this article, we will learn how to configure FTP server on CentOs 7 using ‘vsftpd’. ‘vsftpd’ (Very Secure File Transport Protocol Daemon) is a secure and very fast FTP server on Linux systems.
Installing ‘vsftpd’
Below is the command to install the ‘vsftpd’, we needed a root user to run the following command.
# yum install vsftp ftp –y Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile * base: ftp.iitm.ac.in * extras: ftp.iitm.ac.in * updates: ftp.iitm.ac.in Setting up Install Process No package vsftp available. Resolving Dependencies --> Running transaction check ---> Package ftp.x86_64 0:0.17-54.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================================================================================= Package Arch Version Repository Size ================================================================================================================================================================================= Installing: vsftpd x86_64 2.2.2-21.el6 base 155 k ftp x86_64 0.17-54.el6 base 58 k Transaction Summary ================================================================================================================================================================================= Install 2 Package(s) Total download size: 58 k Installed size: 95 k Is this ok [y/N]: y Downloading Packages: ftp-0.17-54.el6.x86_64.rpm , vsftpd-2.2.2-21.el6.x86_64.rpm | 58 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : ftp-0.17-54.el6.x86_64 Installing : vsftpd-2.2.2-21.el6.x86_64 Verifying : vsftpd-2.2.2-21.el6.x86_64 Verifying : ftp-0.17-54.el6.x86_64 Installed: ftp.x86_64 0:0.17-54.el6, vsftpd.x86_64 0:2.2.2-21.el6 Complete!
Configuring ‘vsftpd’
We needed to edit the configuration file ‘vsftpd’ for securing the FTP server since, by default it will allow anonymous users to login and use the server.
# vi /etc/vsftpd/vsftpd.conf
We have to disallow anonymous, unidentified users to access files via FTP; change the anonymous_enable setting to NO:
anonymous_enable=NO
Allow local users to login by changing the local_enable setting to YES:
local_enable=YES
If you want to allow the local users to be able to write to a directory, then change the write_enable setting in the configuration file to YES:
write_enable=YES
Local users will be ‘chroot jailed’ and they will be denied access the local users to any other part of the server; change the chroot_local_user setting in the configuration file to YES:
chroot_local_user=YES
Below is the simple configuration file for your reference –
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 chroot_local_user=YES dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES listen=YES #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES Save the file with the command :wq .
Restarting the vsftpd Service
We needed to restart the ‘vsftpd’ services so that the configuration changes has applied
# systemctl restart vsftpd
We will set the ‘vsftpd’ service to start at boot time, below is the command to enable the ‘vsftpd’ to start.
# systemctl enable vsftpd
Allowing the ‘vsftpd’ Through the Firewall
We have to allow the default FTP port, port 21, through firewall.
# firewall-cmd --permanent --add-port=21/tcp
We needed to reload the firewall so that the firewall.
# firewall-cmd –reload
Create the FTP user’s
We will create FTP user other than local users and assign the home directory
For this tutorial, I will create a user without a home directory therefore I use –M instead of –m.
# useradd -M user1 –s /sbin/nologin # passwd user1
We will next set the home directory for “user1” by creating a new directory
# mkdir /var/www/mike # chmod 755 /var/www/mike
We have to provide access to the “user1” on FTP
# chown -R mike /var/www/user1 We can access the FTP server from the client on your favorite browser using the url ftp://192.168.100.108