How to Change FTP Port in Linux?

Introduction

FTP, or File Transfer Protocol, is a standard network protocol used to transfer files from one host to another over a TCP-based network, such as the internet. In Linux, FTP is a vital tool for transferring files between servers or between a local machine and a server. It allows users to manage and organize files on their Linux system without having to be physically present at that location.

Understanding the Default FTP Port in Linux

FTP (File Transfer Protocol) is an essential component of any Linux server. It allows users to transfer files between the local machine and remote servers.

In Linux, the default FTP port is 21. This default port was assigned by the Internet Assigned Numbers Authority (IANA) to ensure that FTP traffic is directed correctly.

Risks Associated with Using the Default Port

Using the default FTP port can put your server at risk. Attackers can use widely available tools to scan your network for open ports like port 21.

Once they find an open FTP service, they can attempt brute-force attacks against it using automated tools that exploit weak passwords or outdated software versions. They can then gain unauthorized access to servers and steal valuable data.

Benefits of Changing the Default Port

Changing the default FTP port provides several benefits that help secure your system. It makes it harder for attackers to locate and exploit your service since they would have to scan a larger range of ports to find your service.

Additionally, changing ports ensures that only authorized users who know which port number you're using can connect to your service. This helps prevent unauthorized access attempts from malicious actors who don't know which port you're using.

Changing the default FTP port requires editing configuration files on your server as well as updating any firewalls or security groups that may be in place. In our next section, we'll walk through these steps in detail so you can confidently secure your system by changing its FTP port.

Steps to Change FTP Port in Linux

Step-by-step Guide to Changing the FTP port

Changing the default FTP port in Linux involves a series of steps. These steps are simple but require some basic knowledge of Linux terminal commands and file editing.

The following is a step-by-step guide on how to change the FTP port in Linux −

• Accessing Terminal − To start with, we need to access the terminal as we will be using command-line interface (CLI) tools.

We can access the CLI by opening a terminal window either by clicking on ‘Applications’ and navigating through ‘Utilities’ or using a keyboard shortcut Ctrl+Alt+T.

• Editing Configuration File − After accessing the terminal, use any text editor such as nano or vim to open ‘/etc/vsftpd.conf’ file, which stores configuration settings for vsftpd daemon.

$ vim /et	c/vsftpd.conf

You can use any other text editor that you are comfortable with as well. Locate “#listen_port=21” line and uncomment it by removing “#” from beginning of this line.

#listen_port=21

Then change 21 with your desired port number (for example 3000).

listen_port=3000

• Restarting Service − After updating configuration file we need to restart vsftpd service so that it could use new ftp-port number instead of default one. Run below command to restart vsftpd service −

sudo systemctl restart vsftpd.service 

• Verifying Changes − Verify if changes have been made successfully or not, run below command −

sudo grep listen_port /etc/vsftpd.conf 

This command will output "listen_port=" if changes are successfully saved.

Common Issues and Troubleshooting Tips

Possible Issues That may Arise During or After Changing the FTP port

One of the most common issues that you may encounter while changing the FTP port in Linux is that your firewall may block the new port. This can happen if your firewall rules are not updated to allow traffic on the new port you have specified. In such a case, you will need to update your firewall rules to allow traffic on the new port.

You can do this by opening your firewall configuration file and adding a rule to allow traffic on the new port. Another issue that may arise when changing the FTP port is incorrectly editing configuration files.

This can happen if you accidentally make a typo or change something incorrectly while editing your configuration file. If this happens, it can cause errors in your FTP service, and it may not work as expected.

To avoid this issue, it is important to double-check any changes that you make to your configuration file before saving them. Additionally, sometimes even after making necessary changes in configuration files, some users experience issues with service failing to restart after changes made due to invalid syntax used while making changes.

Troubleshooting Tips for Resolving Common Issues

If you are facing any of these common issues while changing the FTP port in Linux, there are several troubleshooting tips that you can use to resolve them. First, if you find that your firewall is blocking traffic on the new port, check whether there is an existing rule for allowing traffic on FTP ports in general or specifically for Port 21 (default). If not then follow these instructions −

• Edit /etc/sysconfig/iptables

• Add a rule similar as below −

A INPUT -m state --state NEW -m tcp -p tcp --dport -j ACCEPT NOTE 

Replace with the port number you set as new FTP port

• Save and close the file and then restart your firewall for changes to take effect. −

Alternatively, if you are facing issues due to incorrect configuration file edits, you can try reverting your changes or updating the configuration file with correct syntax.

You can also check system logs to get a better understanding of what went wrong. In case of service failing to restart after changes made, it is important to double-check any syntax errors or typos in configuration files that might have gone unnoticed.

Additionally, make sure that there are no conflicting settings in your configuration files that may be causing the issue. If none of these methods work, it may be best to seek assistance from a professional Linux administrator.

Conclusion

In this article, we have covered the importance of changing the default FTP port in Linux, as well as the risks associated with using the default port. We explained step-by-step how to change the FTP port on a Linux system, and provided troubleshooting tips for common issues that may arise during or after making changes.

Changing default ports is an essential part of securing your system against potential attackers. By changing the default ports used by commonly targeted services like FTP, you can make it more difficult for attackers to gain access to your system and data. It's also important to stay vigilant about security by regularly monitoring logs for suspicious activity and keeping all software up-to-date.