How to Install and Configure FTP server in Centos 7


In this article, we will learn how to configure FTP server on CentOs 7 using ‘vsftpd’. ‘vsftpd’ (Very Secure File Transport Protocol Daemon) is a secure and very fast FTP server on Linux systems.

Installing ‘vsftpd’

Below is the command to install the ‘vsftpd’, we needed a root user to run the following command

# yum install vsftp ftp –y
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile * base: ftp.iitm.ac.in
 * extras: ftp.iitm.ac.in
 * updates: ftp.iitm.ac.in
Setting up Install Process
No package vsftp available.
Resolving Dependencies
--> Running transaction check
---> Package ftp.x86_64 0:0.17-54.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=================================================================================================================================================================================
 Package                                Arch                                      Version                                          Repository                               Size
=================================================================================================================================================================================
Installing:
vsftpd                                   x86_64                                   2.2.2-21.el6                                     base                                   155 k ftp                                    x86_64                                    0.17-54.el6                                      base                                     58 k

Transaction Summary
=================================================================================================================================================================================
Install       2 Package(s)
Total download size: 58 k
Installed size: 95 k
Is this ok [y/N]: y
Downloading Packages:
ftp-0.17-54.el6.x86_64.rpm , vsftpd-2.2.2-21.el6.x86_64.rpm                                                                                                                             |  58 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : ftp-0.17-54.el6.x86_64   
  Installing : vsftpd-2.2.2-21.el6.x86_64                                                                                                                                    
  Verifying  : vsftpd-2.2.2-21.el6.x86_64                                                                                                                                   
  Verifying  : ftp-0.17-54.el6.x86_64                                                                                                                                        
Installed:
  ftp.x86_64 0:0.17-54.el6, vsftpd.x86_64 0:2.2.2-21.el6
Complete!

Configuring ‘vsftpd’

We needed to edit the configuration file ‘vsftpd’ for securing the FTP server since, by default it will allow anonymous users to login and use the server.

# vi /etc/vsftpd/vsftpd.conf

We have to disallow anonymous, unidentified users to access files via FTP; change the anonymous_enable setting to NO:

anonymous_enable=NO

Allow local users to login by changing the local_enable setting to YES:

local_enable=YES

If you want to allow the local users to be able to write to a directory, then change the write_enable setting in the configuration file to YES:

write_enable=YES

Local users will be ‘chroot jailed’ and they will be denied access the local users to any other part of the server; change the chroot_local_user setting in the configuration file to YES:

chroot_local_user=YES

Below is the simple configuration file for your reference –

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
chroot_local_user=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
Save the file with the command :wq .

Restarting  the vsftpd Service

We needed to restart the ‘vsftpd’ services so that the configuration changes has applied

# systemctl restart vsftpd

We will set the ‘vsftpd’ service to start at boot time, below is the command to enable the ‘vsftpd’ to start.

# systemctl enable vsftpd

Allowing the  ‘vsftpd’ Through the Firewall

We have to allow the default FTP port, port 21, through firewall.

# firewall-cmd --permanent --add-port=21/tcp

We needed to reload the firewall so that the firewall.

# firewall-cmd –reload

Create the FTP user’s

We will create FTP user other than local users and assign the home directory

For this tutorial, I will create a user without a home directory therefore I use –M instead of –m.

# useradd -M user1 –s /sbin/nologin
# passwd user1

We will next set the home directory for “user1” by creating a new directory

# mkdir /var/www/mike
# chmod 755 /var/www/mike

We have to provide access to the “user1” on FTP

# chown -R mike /var/www/user1

We can access the FTP server from the client on your favorite browser using the url ftp://192.168.100.108 
vsfftp

By using the above information, we can easily configure and install the FTP server. ‘vsftpd’ is a simple and very secure FTP server, we can use local user and we can also create other users specially to use FTP ‘vsftpd’ server which has many more features too.

 

Advertisements