Setting up and Configuring FTP server (VSFTP) in Linux

FTP is short for File Transfer Protocol. FTP is used to transfer file from one computer to another over any type of network. An FTP server can receive traffic over FTP protocol and allow transfer of files.

We are using VSFTP for our FTP server. VSFTP stands for Very Secure FTP server. We have used Fedora based system for purpose of installation. Similar method will apply to Red hat / SUSE

Installing FTP sever

Installing FTP server will require to use command dnf

Syntax

dnf -y install vsftpd

Once installed you will have start vsftp manually

Start vsftpd and configuring start-up at boot

Syntax

systemctl start vsftpd

In order to ensure vsftpd start automatically at time of restart use command

Syntax

systemctl enable vsftpd

Configuring Firewall to enable vsftpd

If you are using firewall, then you must configure it to allow ftp server communication.

Allow FTP service on firewall using below command

Syntax

firewall-cmd --add-service=ftp –permanent

Next allow FTP communication port to communicate through firewall. Assuming you have configured Passive FTP server with range 31000-31010.

Syntax

firewall-cmd --add-port=31000-31010/tcp –permanent

Finally reload your new rules

Syntax

firewall-cmd --reload

Allow anonymous user login to vsftpd server

Allowing anonymous user in vsftpd server involves multiple steps – creation of folder for sharing ftp contents and configuring anonymous access.

Create folder for sharing files on ftp

First create folder for sharing files using ftp

Syntax

mkdir -p /ftp/shared/

Now set permissions of folder so as

Syntax

sudo chown nobody:nogroup /ftp/shared/

After this step copy or create any file in this folder for later testing.

Allowing anonymous in vsftpd configuration file

Open vsftpd configuration file, go to below configuration line and set it to yes.

anonymous_enable=YES

Also disable local user login

local_enable=NO

Folder created earlier in marked as anonymous root folder changing below configuration

anon_root=/ftp/shared

restart your ftp services

Syntax

sudo systemctl restart vsftpd

Allow user-based access to vsftpd server

Here we will enable ftp server to enable user access based on user list given in /etc/vsftpd.userlist .

First enable user list, for this following configuration need to be changed from YES to NO

userlist_deny=NO

Second enable user list, for this make below change in configuration

userlist_enable=YES

Final configuration should look like

userlist_enable=YES         
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO

Now if you want user to be in chroot jail to their default home directory, i.e they will not be able to access files above this directory in hierarchy.  To change this make following changes in configuration file

 chroot_local_user=YES

Also, you can give write access to user by changing

allow_writeable_chroot=YES

Save the file and restart vsftpd services

Restart vsftpd services

Synatx

systemctl restart vsftpd