Setting up FTP server via VSFTPD

by tux
3 min read
5 Comments

* Setting up ftp via vsftpd in linux

The VSFTPD (Very Secure FTP Server Deamon) is one of the most commonly used FTP servers under Linux and comes with most Linux distributions.

This article will help you install and configure vsftpd in Linux. (sample OS used is a Red-hat based distribution)

GOALS:

* to create a secure ftp server
* to create an ftp user chrooted or jailed in a certain directory (sample use is an apache directory wherein you can limit users or your developers to just upload to a restricted folder)

procedures and actual simulation as follows:

A. INSTALLATION

#yum install vsftpd

Loaded plugins: refresh-packagekit
updates                                                  | 3.4 kB     00:00
updates/primary_db                                       | 4.0 MB     00:10
fedora                                                   | 2.8 kB     00:00
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
–> Running transaction check
—> Package vsftpd.i386 0:2.0.7-2.fc10 set to be updated
updates/filelists_db                                                                                   | 7.3 MB     00:18
fedora/filelists_db                                                                                    |  11 MB     00:24
–> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================
Package                     Arch                      Version                             Repository                    Size
======================================================================================================
Installing:
vsftpd                      i386                      2.0.7-2.fc10                        updates                      145 k

Transaction Summary
======================================================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 145 k
Is this ok [y/N]:y

Downloading Packages:
vsftpd-2.0.7-2.fc10.i386.rpm                                                                              | 145 kB     00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : vsftpd                                                                                                    1/1
Installed:
vsftpd.i386 0:2.0.7-2.fc10
Complete!

B. Edit configuration file (self-explanatory)

# vi /etc/vsftpd/vsftpd.conf

Here’s the important line that you need to modify:

# Turn off anonymous users
anonymous_enable=NO

# Turn on local users
local_enable=YES

# Users should be able to write
write_enable=YES

# chroot everyone
chroot_local_user=YES

#create userlist
userlist_file=/etc/vsftpd/vsftpd.userlist

C.  Create ftp acct (example create ftp user darwin)

# useradd -d /home/Sites/ -s /sbin/nologin darwin
# passwd darwin

D.    Add it on the vsftpd service userlist

# vi /etc/vsftpd/vsftpd.userlist

Add the ftp name pmorris, This will be the output once included:

# cat /etc/vsftpd/vsftpd.userlist
darwin

E. Add an FTP group e.g. ftpusers

#groupadd ftpusers

Example directory where we will jail the ftp users: /home/Sites

F. Change the ownership of the directory. e.g. root: ftpusers

/home/Sites folder ownership is currently set to root:ftpusers with permission 775 (meaning all FTP users should be in the GROUP “ftpusers”, and it has a GROUP read-write-execute) permission
drwxrwxr-x 13 root      ftpusers   4096 Jan 28 15:23 Sites

G. Add the ftpuser in the ftpusers group

#vi /etc/group

This will be the output once included:
ftpusers:x:502:darwin

Alternatively: you can use the command

#usermod -G ftpusers darwin

Testing:
Using your favorite FTP client such as FileZilla FTP or via CLI , you can test the functionality by uploading, deleting or creating folders on it.

————————————————————————————————————————
[root@darwin ~]# ftp ip.of.the.server
Connected to ip.of.the.server (ip.of.the.server).
220 (vsFTPd 2.0.5)
Name (ip.of.the.server:root): darwin
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bin
200 Switching to Binary mode.
ftp> bye
221 Goodbye.

* this was tested in RPM-based distro such as CentOS,Fedora Core & RHEL

About the author

tux

View all posts

5 Comments

  • Pingback: Installing vsftpd FTP server on Ubuntu | Programming Notes

  • My Konsole in Mint 13 KDE did not recognize the following “F” command in your list of changes: drwxrwxr-x 13 root ftpusers 4096 Jan 28 15:23 Sites, which I’m not sure is actually a command but what to do? Any help would be appreciated.
    Dolphinman

  • Pingback: Configure a ftp server in unix | Unix Administration Blog

  • Hi
    What is the default ftp folder ? ( where files to be downloaded are stored)
    example /var/www/html for http.
    is there anyway to change that folder can be changed inside vsftpd.conf.
    Thanks in advance

  • @TINO
    Usually, default FTP directory would be /var/ftp . Pls. check your vsftpd.conf and see what’s configured.

    grep -i ‘/var/ftp’ /etc/vsftpd.conf

    Or you try to change it by modifying/adding this on your vsftpd.conf

    anon_root = (directory path)

Leave a Reply