In this guide we will describe the steps to install and configure a FTP server
(Very Secure FTP Daemon) in CentOS 7.x
1. Install and Enable Firewalld
Install and Enable Firewalld to start at boot:
# yum install -y firewalld
# systemctl start firewalld
# systemctl enable firewalld
# systemctl status firewalld
2. Open FTP Service ports on Firewall:
# firewall-cmd --state
# firewall-cmd --get-default-zone
# firewall-cmd --zone=public --add-port=22/tcp --permanent
# firewall-cmd --zone=public --add-port=21/tcp --permanent
# firewall-cmd --zone=public --add-service=ftp --permanent
# firewall-cmd --reload
# firewall-cmd --list-ports
To check whether the port was added to iptables rules:
# iptables-save | grep 22
# iptables-save | grep 20
3. Update your repository and install VSFTPD package.
# yum check-update
# yum -y install vsftpd
4. VSFTP.
After installation you can find /etc/vsftpd/vsftpd.conf file which is the main configuration file for VSFTP. Take a backup copy before making changes.
# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak
# cd /etc/vsftpd/
# vi vsftpd.conf
Find this line anonymous_enable=YES (Line no : 12) and change value to NO to disable anonymous FTP access.
$ anonymous_enable=NO
Uncomment the below line (Line no: 100 ) to restrict users to their home directory.
$ chroot_local_user=YES
And add the below lines at the end of the file to enable passive mode and allow chroot writable.
allow_writeable_chroot=YES
pasv_enable=Yes
pasv_min_port=40000
pasv_max_port=40100
5. Restart vsftpd service
# systemctl restart vsftpd.service
# systemctl enable vsftpd.service
6. Create an User for ftp access
Now create a User for ftp access. Here /sbin/nologin shell is used to prevent shell access to the server. Keep in mind to use strong passwords for FTP Users
For example:
# useradd -m user1 -s /sbin/nologin
# passwd *********
That’s it.
You are ready to use FTP Server.
(Very Secure FTP Daemon) in CentOS 7.x
1. Install and Enable Firewalld
Install and Enable Firewalld to start at boot:
# yum install -y firewalld
# systemctl start firewalld
# systemctl enable firewalld
# systemctl status firewalld
2. Open FTP Service ports on Firewall:
# firewall-cmd --state
# firewall-cmd --get-default-zone
# firewall-cmd --zone=public --add-port=22/tcp --permanent
# firewall-cmd --zone=public --add-port=21/tcp --permanent
# firewall-cmd --zone=public --add-service=ftp --permanent
# firewall-cmd --reload
# firewall-cmd --list-ports
To check whether the port was added to iptables rules:
# iptables-save | grep 22
# iptables-save | grep 20
3. Update your repository and install VSFTPD package.
# yum check-update
# yum -y install vsftpd
4. VSFTP.
After installation you can find /etc/vsftpd/vsftpd.conf file which is the main configuration file for VSFTP. Take a backup copy before making changes.
# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak
# cd /etc/vsftpd/
# vi vsftpd.conf
Find this line anonymous_enable=YES (Line no : 12) and change value to NO to disable anonymous FTP access.
$ anonymous_enable=NO
Uncomment the below line (Line no: 100 ) to restrict users to their home directory.
$ chroot_local_user=YES
And add the below lines at the end of the file to enable passive mode and allow chroot writable.
allow_writeable_chroot=YES
pasv_enable=Yes
pasv_min_port=40000
pasv_max_port=40100
5. Restart vsftpd service
# systemctl restart vsftpd.service
# systemctl enable vsftpd.service
6. Create an User for ftp access
Now create a User for ftp access. Here /sbin/nologin shell is used to prevent shell access to the server. Keep in mind to use strong passwords for FTP Users
For example:
# useradd -m user1 -s /sbin/nologin
# passwd *********
That’s it.
You are ready to use FTP Server.
