In this post i will show how to install Very Secure FTP (Vsftpd) and how to configure ftp server in linux Red Hat Enterprise Linux 6 (RHEL 6). Vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast and it is stable.
As an example I will install and configure the vsftpd server and will also transfer files from the clients running on the Windows XP command prompt.
-A linux server with ip address 192.168.1.43 running on RHEL 6 Operating system
-A window client with ip address 192.168.1.52 running on Windows XP Pro
-RHEL 6 server Running portmap/rpcbind and xinetd services
-Firewall and SElinux should be off on server
How to Install FTP Server in Linux ?
1. Install vsftpd, rpcbind and xinetd service using the following command :
# yum install vsftpd rpcbind xinetd -y
2. Check vsftpd, xinetd and rpcbind/portmap exist and installed on the server :
# rpm -qa vsftpd vsftpd-2.2.2-6.el6.i686 # rpm -qa xinetd xinetd-2.3.14-29.el6.i686 # rpm -qa rpcbind rpcbind-0.2.0-8.el6.i686
3. Make all these services auto start at boot :
# chkconfig vsftpd on # chkconfig xinetd on # chkconfig rpcbind on
4. Check the xinetd and rpcbind status :
# service xinetd status xinetd (pid 1326) is running... # service rpcbind status rpcbind (pid 1178) is running...
5. Create the a new user named ftpuser and set password :
# useradd ftpuser # passwd ftpuser Changing password for user ftpuser. New password: Retype new password: passwd: all authentication tokens updated successfully.
6. Login as ftpuser on other terminal and create a new files named “files”.
# su - ftpuser [ftpuser@rhel6 ~]$ cat > files This is file created on RHEL 6 ftp server
7. Start the vsftpd service :
# service vsftpd start Starting vsftpd for vsftpd: [ OK ]
8. Stop the iptables linux firewall and disabled selinux :
# service ip6tables stop ip6tables: Flushing firewall rules: [ OK ] ip6tables: Setting chains to policy ACCEPT: filter [ OK ] ip6tables: Unloading modules: [ OK ] # service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] # setenforce 0 setenforce: SELinux is disabled
How to Configure FTP Server in Linux ?
9. It’s good to make backup of your original configuration file.
[root@rhel6 ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf-bak
10. login from user account and download the files :
D:\>ftp 192.168.1.43 Connected to 192.168.1.43. 220 (vsFTPd 2.2.2) User (192.168.1.43:(none)): ftpuser 331 Please specify the password. Password: 230 Login successful. ftp> get files 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for files (42 bytes). 226 Transfer complete. ftp: 42 bytes received in 0.00Seconds 42000.00Kbytes/sec. ftp> quit 221 Goodbye.
11. Check the contain of downloaded files :
D:\>type files This is file created on RHEL 6 ftp server
12. By default root account is not allowed to login the vsftpd server as it’s exist in /etc/vsftpd/ftpusers.
D:\>ftp 192.168.1.43 Connected to 192.168.1.43. 220 (vsFTPd 2.2.2) User (192.168.1.43:(none)): root 530 Permission denied. Login failed. ftp>
13. Open /etc/vsftpd/ftpusers file. Remove or comment out the line for user “root” and add “ftpuser” instead. Users whose name are set in this file will not allowed to login from ftp.
[root@rhel6 ~]# vi /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp #root ftpuser bin daemon adm lp sync shutdown halt mail news uucp operator games nobody
14. Open /etc/vsftpd/user_list file. Remove or comment out entry in /etc/vsftpd/user_list files. Remove or comment out the line for user “root” and add “ftpuser” instead. Users whose names are set in this file are also not allowed to login from ftp even they are not prompt for password.
# vi /etc/vsftpd/user_list
# vsftpd userlist # If userlist_deny=NO, only allow users in this file # If userlist_deny=YES (default), never allow users in this file, and # do not even prompt for a password. # Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers # for users that are denied. #root ftpuser bin daemon adm lp sync shutdown halt mail news uucp operator games nobody
15. Root now allowed to access ftp server :
D:\>ftp 192.168.1.43 Connected to 192.168.1.43. 220 (vsFTPd 2.2.2) User (192.168.1.43:(none)): root 331 Please specify the password. Password: 230 Login successful. ftp> quit 221 Goodbye.
16. ftpuser now not allowed to access ftp server :
D:\>ftp 192.168.1.43 Connected to 192.168.1.43. 220 (vsFTPd 2.2.2) User (192.168.1.43:(none)): ftpuser 530 Permission denied. Login failed. ftp>
17. How to set login banner for ftp server :
Open /etc/vsftpd/vsftpd.conf look for “ftpd_banner” :
# vi /etc/vsftpd/vsftpd.conf
Uncomment ftpd_banner and customize the login banner string as below :
# You may fully customise the login banner string: ftpd_banner=Welcome to eHowStuff.com RHEL6 FTP server #
18 Restart the ftp service :
# service vsftpd restart Shutting down vsftpd: [ OK ] Starting vsftpd for vsftpd: [ OK ]
19. Try login to ftp server. Check the banner, it will appear before user login as below :
D:\>ftp 192.168.1.43 Connected to 192.168.1.43. 220 Welcome to eHowStuff.com RHEL6 FTP server User (192.168.1.43:(none)):
If you encounter any issues on how to configure ftp server in linux, you can put a few questions in the comments below.
2 Comments
Hi thanks for sharing this.
im having problems setting up vsftpd for a management server to support my cisco routers and switches infrastructure, the problem is that when trying to connect to the vsftpd server it asks for a username and password, which iv configured to be anonymous, but cisco does not support authentication, it just needs an ftp with no login requirements, can you please tell me how can i do this?
This is the output of one of my routers after attempting to login into the vsftpd server:
R1#copy ftp: running-config
Address or name of remote host []? 192.168.1.131
Source filename []? running-config
Destination filename [running-config]?
Accessing ftp://192.168.1.131/running-config…
%Error opening ftp://192.168.1.131/running-config (Incorrect Login/Password)
R1#
best regards,
NL
i have facing “10. login from user account and download the files :”
1,) login from which user? root, ftpuser or normal user?
2.) where to put “D:\>ftp 192.168.1.43” ?
or use what to operate it ? terminal, browser or windows explorer?
3) the ip “192.168.1.43” is my local ip address?
really looking for help