How To Configure vsftpd Linux FTP Server In Redhat/Centos/Fedora

In this article, we are going to learn How To Configure vsftpd Linux FTP Server In Redhat/Centos/Fedora. Vsftpd stands for Very Secure File Transfer Protocol is an FTP Server used to transfer data over the network securely. The port number of Vsftpd Server is 21. Vsftpd Linux FTP Server is available for all Linux distros like Redhat, Debian, Ubuntu, etc.

How To Configure vsftpd Linux FTP Server In Redhat/Centos/Fedora

How To Configure vsftpd Linux FTP Server In Redhat/Centos/Fedora

Follow the below steps to Configure vsftpd Linux FTP Server In Redhat/Centos/Fedora:

Step: 1 Install Package for Linux FTP Server (Vsftpd Server)

Before we start the configuration of Vsftpd Linux FTP Server we have to install the required packages. To do so refer the below command.

[root@localhost ~]# yum -y install vsftpd   # Install Vsftpd Linux FTP Server Package
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
 * base: centos-hcm.viettelidc.com.vn
 * extras: centos-hcm.viettelidc.com.vn
 * updates: centos.excellmedia.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:2.2.2-24.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================
 Package                       Arch                          Version                             Repository                   Size
===================================================================================================================================
Installing:
 vsftpd                        x86_64                        2.2.2-24.el6                        base                        156 k

Transaction Summary
===================================================================================================================================
Install       1 Package(s)

Total download size: 156 k
Installed size: 340 k
Downloading Packages:
vsftpd-2.2.2-24.el6.x86_64.rpm                                                                              | 156 kB     00:01     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : vsftpd-2.2.2-24.el6.x86_64                                                                                      1/1 
  Verifying  : vsftpd-2.2.2-24.el6.x86_64                                                                                      1/1 

Installed:
  vsftpd.x86_64 0:2.2.2-24.el6                                                                                                     

Complete!

To confirm the Package installation we can use rpm -qa command. Refer to the command below.

[root@localhost ~]# rpm -qa | grep vsftpd   # Confirm the Package Installation
vsftpd-2.2.2-24.el6.x86_64

After vsftpd package installation, we have to check the required file locations of Vsftpd Linux FTP Server like main configuration file Location i.e. vsftpd.conf, vsftpd user’s restriction configuration files and many more.

[root@localhost ~]# rpm -ql vsftpd   # Query the Files & Directory location of Installed Package
/etc/logrotate.d/vsftpd
/etc/pam.d/vsftpd
/etc/rc.d/init.d/vsftpd   # Used to Start/Stop/Restart vsftpd service
/etc/vsftpd
/etc/vsftpd/ftpusers   # Used to Restrict User from Login Vsftpd Server
/etc/vsftpd/user_list  # Allow/DisAllow Users from Login Vsftpd Server
/etc/vsftpd/vsftpd.conf   # Main Configuration File of Linux FTP Server
/etc/vsftpd/vsftpd_conf_migrate.sh
/usr/sbin/vsftpd   # Binary File
/var/ftp
/var/ftp/pub   # Default Document Directory

Step: 2 Start the Vsftpd Service

Start the Vsftpd Linux FTP Server service using the below command.

[root@localhost ~]# /etc/init.d/vsftpd start   # Start the Vsftpd Service
Starting vsftpd for vsftpd:                                [  OK  ]

We have to start the Vsftpd service at system startup otherwise when we restart the system, again we have to start the service manually. So we can start the service at startup using chkconfig command. Refer to the command below.

[root@localhost ~]# chkconfig --level 35 vsftpd on   # Start the Vsftpd service at startup

[root@localhost ~]# chkconfig --list vsftpd   # Confirm the Startup Setting
vsftpd          0:off   1:off   2:off   3:on      4:off   5:on      6:off

Step : 3  Configure Vsftpd Linux FTP Server

Note: Restart the Vsftpd Service after every change to take effect using the below command.

[root@localhost ~]# /etc/init.d/vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]

Now let’s understand some very important syntax of Vsftpd Linux FTP Server. One of the most important and useful syntax is anonymous_enable.

We have two anonymous users in Linux i.e. FTP and anonymous. If you want to allow the vsftpd server to login by using anonymous users then just edit the /etc/vsftpd/vsftpd.conf file and search for anonymous_enable and set as anonymous_enable=YES. Refer to the Sample Output below.

Note: Password for anonymous users i.e. FTP and anonymous is BLANK. BLANK in the sense there is no password for both users So just press enter while asking for Password.

[root@localhost ~]# nano /etc/vsftpd/vsftpd.conf   # Edit the Vsftpd Linux FTP Server Main Configuration File

anonymous_enable=YES   # Allowing to Login Vsftpd Server using Anonymous Users

Restart the Vsftpd Service using the below command to effect the changes.

[root@localhost ~]# /etc/init.d/vsftpd restart  # Restart the Vsftpd Service
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]

Now let’s try login using anonymous users i.e. FTP & anonymous. Refer to the Sample Output below.

[root@localhost ~]# ftp localhost   # Logging in using "ftp" User
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.

[root@localhost ~]# ftp localhost   # Logging in using anonymous User
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.

Now If you want to Disable login anonymous users then just use the syntax anonymous_enable=NO. and with that, you have allowed another syntax i.e. local_enable=YES so that Local users can be able to log in the Vsftpd Linux FTP Server. Refer to the sample output below.

[root@localhost ~]# nano /etc/vsftpd/vsftpd.conf 

anonymous_enable=NO  # Disable Login Anonymous Users
local_enable=YES  # Allow Login Local Users

Restart the Vsftpd Service after saving changes.

Here I have a User named helpdesk. So let’s try to log in the Vsftpd Linux Server using the helpdesk.

[root@localhost ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): helpdesk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

if you set local_enable=NO with anonymous_enable=NO then you will get the below error message.

[root@localhost ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
500 OOPS: vsftpd: both local and anonymous access disabled!

To control user’s login to Vsftpd Linux FTP Server we have two useful files i.e. /etc/vsftpd/user_list and /etc/vsftpd/ftpusers. So let’s understand the uses of both files.

  • /etc/vsftpd/ftpusers : The user’s added in this file will not allow login via FTP. For Example, I have added one of my user i.e. helpdesk. Now let’s try to log in via FTP using the helpdesk.
[root@localhost ~]# nano /etc/vsftpd/ftpusers  

# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
helpdesk

As you can see below I am unable to log in via FTP using the user helpdesk. So you can utilize this file to restrict users from access Vsftpd Server.

Sample Output : 

[root@localhost ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): helpdesk
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.

Now let’s move toward our next file i.e. /etc/vsftpd/user_list. You can use this file to both allow or Disallow the users from login via FTP Server. If you use the syntax userlist_deny=NO in /etc/vsftpd/vsftpd.conf file then the users you have mentioned in this file are allowed to login via FTP Server and if you use syntax userlist_deny=YES in /etc/vsftpd/vsftpd.conf file then the users you have mentioned in this file are not allowed to login via FTP Server. I have tried both scenarios by using the user helpdesk. Refer to the sample output below.

[root@localhost ~]# nano /etc/vsftpd/user_list   # Add the User by edit the File
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
helpdesk

First I tried using userlist_deny=YES and got the below output.

[root@localhost ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): helpdesk
530 Permission denied.
Login failed.

Then when I tried userlist_deny=NO then I able to successfully log in via Vsftpd Linux FTP Server.

Some Important & Useful Global Syntax of Vsftpd Server for Basic Configuration : 

  • anonymous_enable : To Enable/Disable Anonymous Login Via FTP.
  •  local_enable : To Enable/Disable login local Users via FTP.
  • write_enable : Used to allow users to Write on Vsftpd Linux FTP Server.
  • anon_mkdir_write_enable : Allow Anonymous Users to Create a directory on FTP Server.
  • anon_upload_enable : Allow anonymous users to upload data on FTP Server.
  • idle_session_timeout : Allow to set Time/Session in Seconds.

For more Vaftpd Syntax and Directived you can Refer to this link.

Now let’s perform a task and configure the Vsftpd Linux FTP Server to make your concept more clear.

So the task is to Configure the Vsftpd Linux FTP Server (Basic Configuration) with the below Settings :

  1. Disable Anonymous Login
  2. Session Timeout in 600 Seconds
  3. Allow Local Users Login
  4. All users should be able to write in FTP Server

For above task just edit the /etc/vsftpd/vsftpd.conf file and search for below syntax and do the settings as I have shown below.

anonymous_enable=NO
local_enable=YES
write_enable=YES
idle_session_timeout=600

Troubleshooting :

If you got some error like 500 OOPS: cannot change directory while connecting to FTP Server.

[root@localhost ~]# ftp localhost
Trying ::1...
ftp: connect to address ::1Connection refused
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): helpdesk
331 Please specify the password.
Password:
500 OOPS: cannot change directory:/home/helpdesk
Login failed.

Solution: Disable the SELinux by using the below Step.

[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce 
Permissive
[root@localhost ~]# nano /etc/sysconfig/selinux 
SELINUX=disabled

Vsftpd Linux FTP Server comes with huge range of features and it’s not possible to include all of those settings in one article. I will write another article on the Advance features of Vsftpd Server.

Also Read – How To Configure the Proxy Server On Linux Using Terminal

That’s all, In this article, we have explained How To Configure Linux FTP Server (vsftpd Server) In Redhat/Centos/Fedora. I hope you enjoy this article. If you like this article, then just share it. If you have any questions about this article, please comment.

Share this:

Mangesh Dhulap

This is Mangesh Dhulap the Founder and Editor of IT SMART TRICKS have 6+ years of Industrial Experience. We expect from our visitors to like, share, and comment on our posts.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.