CentOS Linux Server Guide

CentOS Linux FTP Server

Setup FTP Sever (VSFTPD)

Setting vsftpd just involved a few simple steps. First of all, we must check if the vsftpd already installed at our system. If your system already installed vftpd, by entering the "rpm -qa | grep vsftpd" command, you should see the version and the package name installed as below.

Step1 : Install vsftpd package

rpm -qa | grep vsftpd
vsftpd-2.0.5-12.el5

If there is no package vsftpd package installed.

we can either run the vsftpd installation

(Option A) via CentOS installation media as below

cd /media/dvd/CentOS/
rpm -qip vsftpd-2.0.5-12.el5.i386.rpm
warning: vsftpd-2.0.5-12.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID e8 562897
Name : vsftpd Relocations: (not relocatable)
Version : 2.0.5 Vendor: CentOS
Release : 12.el5 Build Date: Sat 24 May 2008 12:05:45 PM EDT
Install Date: (not installed) Build Host: builder16.centos.org
Group : System Environment/Daemons Source RPM: vsftpd-2.0.5-12.el5.src. rpm
Size : 289673 License: GPL
Signature : DSA/SHA1, Sat 14 Jun 2008 07:41:45 PM EDT, Key ID a8a447dce8562897
URL : http://vsftpd.beasts.org/
Summary : vsftpd - Very Secure Ftp Daemon
Description :
vsftpd is a Very Secure FTP daemon. It was written completely from scratch.

rpm -iUvh vsftpd-2.0.5-12.el5.i386.rpm
warning: vsftpd-2.0.5-12.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
Preparing... ########################################### [100%]
1:vsftpd ########################################### [100%]

rpm -qa vsftpd
vsftpd-2.0.5-12.el5

(option B) via installing the vsftpd packager from internet using "yum install command". The following "yum -y install" means assume that the answer to any question which would be asked during yum installation operation

yum -y install vfstpd

Step2 : Start the vsftp daemon/service

First we start the vsftpd daemon using "service vsftpd start" command". Next we want the vsftpd service/daemon started in level 3,4, and 5 by using "chkconfig vsftpd on". You can check the services "chkconfig --list" and ftp port status using "netstat -anp" command.

Below example, show the vsftpd is started and port is licensing at 21

service vsftpd start
Starting vsftpd for vsftpd: [ OK ]

chkconfig vsftpd on
chkconfig --list vsftpd
vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

netstat -anp | grep vsftpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 10203/vsftpd

you can do further test, just to test if the vstpd service is start and running. Let us stop the iptables for a while. Take note that we are using "root" to access ftp and it returen permission denied. why? because root account is not allowd to login vsftpd b y default.

service iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]

ftp 127.0.0.1
Connected to 127.0.0.1.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): root
530 Permission denied.
Login failed.
ftp>

Now, let us try on another machine (a Windows 7 machine). The following example, we are using jane account to login and showing her current directory using "pwd" (default directory for user is /home/user)

C:\Users\OptNote>ftp 192.168.13.145
Connected to 192.168.13.145.
220 (vsFTPd 2.0.5)
User (192.168.13.145:(none)): jane
331 Please specify the password.
Password:
230 Login successful.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
Desktop
226 Directory send OK.
ftp: 9 bytes received in 0.00Seconds 9.00Kbytes/sec.
ftp> pwd
257 "/home/jane"
ftp>

Step3 : Configure vsftpd configuration file (/etc/vsftpd/vsftpd.conf)

Now, let us customize the setting for vsftpd service. The configuration of vsftpd is stored at /etc/vsftpd/vsftpd.conf.

vim /etc/vsftpd/vsftpd.conf

Most are default settings are perfectly configured. We are only need to focus 5 lines of configuration here. The configuration format for vsftpd.conf is very simple. It look this:-

configuration category = Value [YES or NO]

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES

# Activate logging of uploads/downloads.
xferlog_enable=YES

# Uncomment this to allow local users to log in.
local_enable=YES

# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES

Basically, these are the areas that you need to focus on the vsftpd configuration, please read further on security chapter to tighten down vsftpd services.

Back to CentOS Linux FTP

All trademarks are the property of their respective owners.