How to configure FTP server on CentOS 8 using VSFTPD

What is FTP?

FTP (File Transfer Protocol) is a client-server network protocol that allows users to exchange files with remote computers.

FTP uses plain text to transfer data and access it. For the Linux operating system platform, several different open source FTP servers are available. The most commonly used FTP servers are VSFTPD, ProFTPD and PureFTPD. FTP uses port 21 for communication and port 20 for data transfer. In passive mode, additional ports are used.

In this tutorial, we will learn how to install and configure VSFTPD. It is very safe, stable and available in the CentOS 8 repository.

Install VSFTP FTP Server

To install the VSFTPD package on CentOS 8, open a terminal or connect to the server via SSH as root and enter the following command:

# dnf install –y vsftpd

After installing the package, start and enable the VSFTPD service with the following command:

# systemctl enable vsftpd
# systemctl start vsftpd

Enable FTP Service

Start the ftp service

Take a copy of the original configuration file /etc/vsftpd/vsftpd.conf by entering the following command:

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bk

Back up the original configuration file

Now edit the configuration file using the following command:

# vim /etc/vsftpd/vsftpd.conf

Edit the configuration file with vim

Locate and install the following directives:

anonymous_enable=NO # disable anonymous users(Unknown users)
local_enable=YES # allow local users
write_enable=YES # allow ftp write commands
local_umask=022 # set default umask
dirmessage_enable=YES # enable messages on change directory
xferlog_enable=YES # enable logging of uploads and downloads
connect_from_port_20=YES # ensure PORT transfer connections from port 20 xferlog_std_format=YES # keep standard log format
listen=NO # prevent vsftpd run in stand-alone mode
listen_ipv6=YES # allow vsftpd to listen on IPv6 socket
pam_service_name=vsftpd # set PAM Service name to vsftpd

Configure user list on FTP server

By default, all users who are in user_list file is in / Etc. / Vsftpd / user_list are located permitted use FTP services.

To limit users to Environmentuse the following directives:

chroot_local_user=YES # Create chrooted environment for users
allow_writeable_chroot=YES # Allow write permission to a user on chroot jail directory

To restrict a user to their home directory, use the following directives:

userlist_enable=YES # enable vsftpd to load usernames
userlist_deny=NO # allow access to users in the user list

If you want to share our system, add this directive to your configuration file:

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list #users in this file list have an overall access

Save and close the configuration file.

Now create chroot_list under / Etc. / Vsftpd / directory using the following command:

# touch /etc/vsftpd/chroot_list

Chroot FTP Users

Only add users to the list that you want to share on the system.

Create a user to access FTP services

To create a user to use the FTP service, use the following command:

# useradd user1
# passwd user1

Add this user to user_list To restrict the user to his home directory, use the following command:

# vim /etc/vsftpd/user_list

A type “I am”To insert and enter this username as shown:

Create FTP User

Press ESC and enter : WQ! to save the file.

If you want to share a system with a specific user, add that user to / Etc. / Vsftpd / chroot_list.

Restart VSFTPD Service:

# systemctl restart vsftpd

Apply configuration changes

Check the status of the FTP service with the following command:

# systemctl status vsftpd

Check FTP Service Status

Configure Firewall for FTP

To enable the FTP service through the firewall, use the following command:

# firewall-cmd - - add-service = ftp - - permanent
# firewall-cmd - - reload

Configure firewalld for FTP

Apply Firewall Configuration Changes

Testing FTP Server with Windows Machine

Client software is required to connect to the FTP server. Most Used FTP Software Filezilla, WinSCP, etc. I am using FileZilla to connect.

Open the FTP client software, enter the following data to connect:

master -> IP address or host name.

Username: FTP username (in my case, this is user1)

password

Port: 21

Check FTP Connection

After a successful connection, you can upload / download files according to your needs.

FTP connection tested successfully

Conclusion

In this tutorial, we learned how to set up an FTP server on Centos 8, how to restrict users to their home directory, and how to give them read / write access. We also saw how to give a specific user access to the system.

How to configure FTP server on CentOS 8 using VSFTPD

Sidebar