How to Install Linux FTP Server using Vsftpd

Vsftpd stands for Very Secure FTP Daemon. Vsftpd is not just another popular Unix / Linux FTP Server, but vsftpd delivering outstanding performance by taking less memory. It is running under xinetd and allows you run one process less because xinetd is shared among various other small services. For those webmasters or blogger who intend to run web server on Virtual Private Server (VPS) or Dedicated Server, Vsftpd would be the best choice. It is easy to install and can perform all that we expect from an FTP daemon while maintaining a higher level of security if configured properly. This article focuses on and covers the installation and configuration of the FTP server Vsftpd on CentOS Linux VPS.

1. Installing Linux FTP Server, vsftpd using yum command :

# yum install vsftpd -y

2. Makesure that xinetd has been installed :

# rpm -qa xinetd

If not installed, execute the following command :

# yum install xinetd -y

3. Make xinetd and Vsftpd daemon start at boot :

# chkconfig vsftpd on
# chkconfig xinetd on

4. It is recommended to do backup of your original configuration file, before do changes :

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf-bak

5. Configure Vsftpd :

# vi /etc/vsftpd/vsftpd.conf

a) Uncomment ftpd_banner and customize the login banner string as below :

# You may fully customise the login banner string:
ftpd_banner=Welcome to Linux FTP service.
#

b) This step is to configure not allowed users. By default root account is not allowed to login the vsftpd server as it’s existed on /etc/vsftpd/ftpusers. To allow it, open /etc/vsftpd/ftpusers files and remove or comment on the line of a user “root”. Users whose name are set in this file will not allow to login from ftp.

# cat /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

6. Test root login from windows command prompt at client PC using user, ehowstuff :

C:\>ftp 192.168.2.54
Connected to 192.168.2.54.
220 Welcome to Linux CentOS FTP service.
User (192.168.2.54:(none)): ehowstuff
331 Please specify the password.
Password:
230 Login successful.
ftp>

If you encounter any issues when setting up linux ftp server, you can put a few questions in the comments below.

linux ftp server

Credit : www.unixmen.com

 

How to Setup VsFTPD Service with SSL/TLS on Linux CentOS 7 / RHEL 7 / Oracle Linux 7

Setup VsFTPD service

If you have your own dedicated server or virtual private server (VPS) that run in linux operating system to host your website or blog, it is recommended to install and setup ftp Service in order to facilitate the transfer of files and update your website. Among the well-known FTP software is VsFTPD.

VsFTPD means “Very Secure FTP Daemon” is the free FTP for Linux and UNIX operating systems, which are very stable, fast and safe to use even if the server is in the internet.

Is ftp secure ?

Any server in the internet is vulnerable to intruders that may spying on data transfer and steal confidential information such as id and password if encryption is not configured.

In this article, I will share the basic steps to setup VsFTPD service with SSL/TLS encryption on CentOS 7, RHEL 7 and Oracle Linux 7 operating system.

Steps to Setup VsFTPD Service with SSL/TLS

1. Install and setup VsFTPD Service :

# yum install vsftpd -y

2. Add ftp user :

# useradd user1
# passwd user1
Changing password for user user1.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

3. Now Edit VsFTPd configuration file /etc/vsftpd/vsftpd.conf :

Enable the following :

..
..
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
..
..

Optionaly. you can customize the banner :

..
..
# You may fully customise the login banner string:
ftpd_banner=Welcome to ehowstuff FTP service.
..
..

4. Create ssl and private directory :

# mkdir -p /etc/vsftpd/ssl
# mkdir -p /etc/vsftpd/ssl/private/

5. Create a SSL certificate using on of following command :

# openssl req -x509 -nodes -days 720 -newkey rsa:2048 -keyout /etc/vsftpd/ssl/private/vsftpd.key -out /etc/vsftpd/ssl/vsftpd.pem

You will be prompted with a series of question, which you answer as they appear :

Example :

# openssl req -x509 -nodes -days 720 -newkey rsa:2048 -keyout /etc/vsftpd/ssl/private/vsftpd.key -out /etc/vsftpd/ssl/vsftpd.pem
Generating a 2048 bit RSA private key
......................+++
..........................+++
writing new private key to '/etc/vsftpd/ssl/private/vsftpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:MY
State or Province Name (full name) []:Malaysia
Locality Name (eg, city) [Default City]:Kuala Lumpur
Organization Name (eg, company) [Default Company Ltd]:ehowstuff
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:centos7
Email Address []:admin@ehowstuff.local

6. Assign the permission :

# chmod 400 /etc/vsftpd/ssl/vsftpd.pem
# chmod 400 /etc/vsftpd/ssl/private/vsftpd.key

7. Edit vsftpd configuration file /etc/vsftpd/vsftpd.conf. Specify the location of our certificate and key files then add the following line at the bottom of vsftpd.conf :

..
..
# Add follows to the bottom
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES

ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/ssl/vsftpd.pem
rsa_private_key_file=/etc/vsftpd/ssl/private/vsftpd.key

8. Stop and Start VsFTPD Service and make it auto start at boot :

# systemctl stop vsftpd
# systemctl start vsftpd
# systemctl enable vsftpd

9. Check VsFTPD status :

# systemctl status vsftpd
vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled)
   Active: active (running) since Sat 2014-12-13 10:31:30 MYT; 34s ago
  Process: 20864 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
 Main PID: 20865 (vsftpd)
   CGroup: /system.slice/vsftpd.service
           ââ20865 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

Dec 13 10:31:30 centos7.ehowstuff.local systemd[1]: Starting Vsftpd ftp daemon...
Dec 13 10:31:30 centos7.ehowstuff.local systemd[1]: Started Vsftpd ftp daemon.

10. From client PC, open filezilla and connect to your server and enter info, for encryption field, select “explicit FTP over TLS”.
vsftpd-centos7-1

Click the check box “Always trust certificate in the future sessions.” Then clik OK to proceed.
vsftpd-centos7-2

I hope this article gives you some ideas and essential guidance on how to setup VsFTPD service with SSL/TLS encryption on CentOS 7, RHEL 7 and Oracle Linux 7 operating system.

Resources :

How to Install and Configure vsftpd FTP Server on Ubuntu 14.04

The File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one machine to another machine or server. If you plan to manage your own virtual private server (VPS) or dedicated server to host your blog or website, i would suggest you install ftp service. It will be easy for you to retrieved and upload any files to the VPS server. This post describes the steps to install and configure vsftpd FTP Server on Ubuntu 14.04.

1. Install vsftpd FTP service :

ehowstuff@ubuntu14:~$ sudo apt-get install vsftpd -y

2. Open vsftpd.conf and uncomment the following :

ehowstuff@ubuntu14:~$ sudo vi /etc/vsftpd.conf

Uncomment below and add two last line :

..
write_enable=YES
..
ascii_upload_enable=YES
ascii_download_enable=YES
..
chroot_local_user=YES
chroot_list_enable=YES
..
chroot_list_file=/etc/vsftpd.chroot_list
..
ls_recurse_enable=YES
..
local_root=public_html
seccomp_sandbox=NO

3. Allow user to access their home directory :

ehowstuff@ubuntu14:~$ sudo vi /etc/vsftpd.chroot_list

Add ehowstuff :

ehowstuff

4. Restart vsftpd to take afffect :

ehowstuff@ubuntu14:~$ sudo initctl restart vsftpd
vsftpd start/running, process 1988

5. Verify the ftp port listening or not :

ehowstuff@ubuntu14:~$ telnet localhost 21
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 (vsFTPd 3.0.2)
^]
telnet> quit

6. Test from Windows Client :

D:\>ftp 192.168.0.114
Connected to 192.168.0.114.
220 (vsFTPd 3.0.2)
User (192.168.0.114:(none)): ehowstuff
331 Please specify the password.
Password:
230 Login successful.
ftp> pwd
257 "/home/ehowstuff/public_html"
ftp>

Thats all.

 

Setup vsftpd Service on CentOS 6.5

vsftpd is a free FTP service for UNIX and linux systems. It is very stable, fast and secure ftp server. In this post, i will share how to setup sftpd Service on CentOS 6.5. The steps has been tested working fine with other version of CentOS 6.

1. Install vsftpd ftp service :

[root@server-05 ~]# yum install vsftpd -y

Example :

[root@server-05 ~]# yum install vsftpd -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.upsi.edu.my
 * extras: mirror.upsi.edu.my
 * updates: mirror.upsi.edu.my
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:2.2.2-11.el6_4.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package              Arch                 Version                         Repository          Size
====================================================================================================
Installing:
 vsftpd               x86_64               2.2.2-11.el6_4.1                base               151 k

Transaction Summary
====================================================================================================
Install       1 Package(s)

Total download size: 151 k
Installed size: 331 k
Downloading Packages:
vsftpd-2.2.2-11.el6_4.1.x86_64.rpm                                           | 151 kB     00:03
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : vsftpd-2.2.2-11.el6_4.1.x86_64                                                   1/1
  Verifying  : vsftpd-2.2.2-11.el6_4.1.x86_64                                                   1/1

Installed:
  vsftpd.x86_64 0:2.2.2-11.el6_4.1

Complete!

2. Install ftp client on linux :

[root@server-05 ~]# yum install ftp -y

3. Create local user1 to access ftp service.

[root@server-05 ~]# useradd user1
[root@server-05 ~]# passwd user1
Changing password for user user1.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

4. Add user1 into vsftpd userlist as below :

[root@server-05 ~]# vi /etc/vsftpd/user_list
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
user1

5. Disabled anonymous access:

anonymous_enable=YES

to below :

anonymous_enable=NO

6. Add the following to bottom of the config file. If userlist_deny=NO, only allow users in this file :

userlist_deny=NO

7. Update the following banner :

ftpd_banner=Welcome to ehowstuff FTP service.

8. Start vsftpd service :

[root@server-05 ~]# service vsftpd start
Starting vsftpd for vsftpd:                                [  OK  ]

9. Configure vsftpd daemon start automatically on booting :

[root@server-05 ~]# chkconfig vsftpd on

10. Test ftp service connection from windows client using user1 :


C:\>ftp 192.168.0.5
Connected to 192.168.0.5.
220 Welcome to ehowstuff FTP service.
User (192.168.0.5:(none)): user1
331 Please specify the password.
Password:
230 Login successful.
ftp> bye
221 Goodbye.

11. Test ftp service connection from linux client using user1 :

[root@server-05 ~]# ftp 192.168.0.5
Connected to 192.168.0.5 (192.168.0.5).
220 Welcome to ehowstuff FTP service.
Name (192.168.0.5:root): user1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> exit
221 Goodbye.