Knowledgebase

Have a Question?

If you have any question you can ask below or enter what you are looking for!

Set up vsftpd FTP server on CentOS 6

22 Jun, 2013 Linux 0 Comments

Introduction

vsftpd (Very Secure FTP Daemon) is a secure and fast FTP server for UNIX systems including Linux. It is the default FTP service in Red Hat Enterprise Linux, CentOS, Ubuntu and many other Linux distributions. This article walks through steps required to create a simple and secure FTP server using vsftpd in your server with CentOS 6 Linux operating system.

Requirements

Running the commands given here requires root user privilege in your CentOS 6 server.

Installation

vsftpd is available in CentOS base repository and it can be installed using YUM package manager.

yum install vsftpd -y

Enable vsftpd service during server boot:

chkconfig vsftpd on

Configuration

Main configuration file of vsftpd is /etc/vsftpd/vsftpd.conf. Edit this file using vi, nano or your favorite text editor and make following changes:

anonymous_enable=NO    – Disable anonymous FTP logins.
local_enable=YES   – Enable FTP login for system users. Here we use system users as FTP users.
ftpd_banner=FTP Server   – Setting this option disables the default welcome message which contains vsftpd version and other server information. Here, banner is set to the string ‘FTP Server’ and it will be displayed as the welcome message to FTP clients while connecting.
chroot_local_user=YES   – Restrict FTP users inside their home directory so that they cannot access other file system paths in the server.
hide_ids=YES   – Hide numerical user and group IDs in FTP directory listing by showing ‘ftp’ instead of actual user and group IDs.

Restart vsftpd to make above configuration changes effective:

service vsftpd restart

Create and manage FTP users

Here FTP users are created as system users. Use useradd’ command to create a system user. Following command creates a system user named john:

useradd john

FTP directory of the system user is same as its home directory. By default, a user’s home directory is created as /home/USER (where USER stands for the user name). If you want a different home directory (and thus FTP directory) specify that directory with -d option of useradd command while creating the user. For example, following command creates a user named john with home and ftp directory as /ftp/john

useradd -d /ftp/john john

It is a good idea not to allow shell/SSH access to FTP users. For that you can set login shell of the user to /sbin/nologin while creating the user. You can use -s option of useradd command for this.

useradd -d /ftp/john -s /sbin/nologin john

To set password for a system user, use passwd command. Following command sets password for user john:

passwd john

Since system users are used as FTP users, you can use other system user management commands to manage these FTP users. For example, use usermod to modify home/FTP directory, login shell etc of the FTP user and use userdel command to remove a FTP user.

When to use vsftpd

vsftpd is lightweight and it can scale efficiently with many users. It is recommended to use vsftpd if you main requirements are security, performance and stability.

Leave a Reply

Your email address will not be published. Required fields are marked *

You can use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>