FTP is short for File Transfer Protocol. FTP is used to transfer files from one computer to another over any type of network. An FTP server can receive traffic over the FTP protocol and allow transfer of files.
We are using VSFTP for our FTP server. VSFTP stands for Very Secure FTP server. We have used a Fedora-based system for the installation. A similar method will apply to Red Hat / SUSE.
Installing FTP server
Installing the FTP server requires the dnf command
Syntax
dnf -y install vsftpd
Once installed, you will have to start vsftpd manually
Start vsftpd and configure start-up at boot
Syntax
systemctl start vsftpd
To ensure vsftpd starts automatically after a restart, use the command
Syntax
systemctl enable vsftpd
Configuring Firewall to enable vsftpd
If you are using a firewall, then you must configure it to allow FTP server communication.
Allow the FTP service on the firewall using the command below
Syntax
firewall-cmd --add-service=ftp --permanent
Next, allow the FTP data ports through the firewall. This assumes you have configured a passive FTP server with the range 31000-31010.
Syntax
firewall-cmd --add-port=31000-31010/tcp --permanent
Finally, reload your new rules
Syntax
firewall-cmd --reload
Allow anonymous user login to vsftpd server
Allowing anonymous users on the vsftpd server involves multiple steps: creating a folder for sharing FTP contents and configuring anonymous access.
Create folder for sharing files on ftp
First create a folder for sharing files over FTP
Syntax
mkdir -p /ftp/shared/
Now set permissions of folder so as
Syntax
sudo chown nobody:nogroup /ftp/shared/
After this step, copy or create any file in this folder for later testing.
Allowing anonymous in vsftpd configuration file
Open the vsftpd configuration file, go to the configuration line below and set it to YES.
anonymous_enable=YES
Also disable local user login
local_enable=NO
The folder created earlier is marked as the anonymous root folder by changing the configuration below
anon_root=/ftp/shared
Restart your FTP services
Syntax
sudo systemctl restart vsftpd
Allow user-based access to vsftpd server
Here we will configure the FTP server to allow user access based on the user list given in /etc/vsftpd.userlist.
First, enable the user list. For this, the following configuration needs to be changed from YES to NO
userlist_deny=NO
Second, enable the user list. For this, make the change below in the configuration
userlist_enable=YES
The final configuration should look like
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
You may want users to be kept in a chroot jail at their default home directory, i.e. they will not be able to access files above this directory in the hierarchy. To do this, make the following change in the configuration file
chroot_local_user=YES
Also, you can give write access to users by changing
allow_writeable_chroot=YES
Save the file and restart vsftpd services
Restart vsftpd services
Syntax
systemctl restart vsftpd
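The settings changed in the anonymous and user-list sections interact with each other and with the firewall range opened earlier, so it is worth checking the finished file before restarting. The script below is an added example, not part of the original guide: the function names and the sample configuration are constructed for illustration, and pasv_min_port / pasv_max_port are the vsftpd options that set the passive range, which the guide assumes but does not show.

```bash
#!/usr/bin/env bash
# Added example (not from the original guide): audit vsftpd.conf settings.

# Print the value of KEY in FILE. vsftpd syntax is key=value with no spaces;
# comment lines start with # and never match a key.
conf_get() {
    awk -F= -v k="$2" '$1 == k { v = substr($0, length(k) + 2) } END { print v }' "$1"
}

# Usage: audit_vsftpd_conf FILE FW_MIN FW_MAX  (FW_* = port range opened in firewalld)
# Prints one WARN line per finding; always returns 0.
audit_vsftpd_conf() {
    local f=$1 fw_min=$2 fw_max=$3 lo hi
    lo=$(conf_get "$f" pasv_min_port); hi=$(conf_get "$f" pasv_max_port)
    if [ "$lo" != "$fw_min" ] || [ "$hi" != "$fw_max" ]; then
        echo "WARN: passive range '${lo:-unset}-${hi:-unset}' does not match firewall range $fw_min-$fw_max"
    fi
    if [ "$(conf_get "$f" userlist_enable)" = YES ]; then
        if [ "$(conf_get "$f" userlist_deny)" != NO ]; then
            echo "WARN: userlist_deny is not NO, so userlist_file is a deny list, not an allow list"
        fi
        if [ "$(conf_get "$f" local_enable)" != YES ]; then
            echo "WARN: user list is on but local_enable is not YES, so listed users cannot log in"
        fi
    fi
    if [ "$(conf_get "$f" chroot_local_user)" = YES ] &&
       [ "$(conf_get "$f" allow_writeable_chroot)" = YES ]; then
        echo "WARN: allow_writeable_chroot=YES permits a writable chroot root directory"
    fi
    return 0
}

# Constructed sample: both sections of the guide applied to one file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed test configuration
anonymous_enable=YES
local_enable=NO
anon_root=/ftp/shared
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
chroot_local_user=YES
allow_writeable_chroot=YES
EOF
audit_vsftpd_conf "$sample" 31000 31010
```

On the constructed sample it reports three findings: no passive range set, local_enable=NO left over from the anonymous section, and the writable chroot.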