I. Introduction
VSFTPD (Very Secure File Transport Protocol Daemon) is an FTP Server Stand Alone distributed by Red Hat Enterprise Linux.
This is software to create FTP Server with fast speed, simple configuration.
Also, if you don't use VSFTPD, you can use ProFTPD or Pure-FTPD.
In this article, I will install an FTP server on a CentOS-7 machine.
The installation is done with root privileges.
Prepare:
- One machine with CentOS-7
- IP address of FTP Server:
192.168.37.25/24
II. Install FTP Server
1. Install VSFTPD:
Install the package Vsftpd
:
# yum install vsftpd
After the installation is complete, we start the service and allow it to start with the system.
# systemctl start vsftpd
# systemctl enable vsftpd
Configure firewall for FTP service and port 21:
# firewall-cmd --permanent --add-port=21/tcp
success
# firewall-cmd --permanent --add-service=ftp
success
# firewall-cmd --reload
success
Check service status vsftpd
:
2. Configure VSFTPD
The vsftpd configuration file is located at: /etc/vsftpd/vsftpd.conf
Copy the configuration file for backup.
# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup
Edit configuration file vsftpd.conf
:
# vi /etc/vsftpd/vsftpd.conf
- FTP Access: We do not allow anonymous connections, but only local connections to the FTP server
anonymous_enable=NO // Không cho kết nối nặc danh
local_enable=YES // Cho phép kết nối cục bộ
- Enabling uploads: Allows users to upload.
write_enable=YES //Cho phép người dùng nội bộ tải lên
- Chroot: the technique of keeping users in their directory, disallowed. Here we will chroot all users, except the users in the file
/etc/vsftpd/chroot_list
chroot_local_user=YES
allow_writeable_chroot=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
- Login banner FTP server: banner when the user logs into the FTP server.
ftpd_banner="Welcome FTP Server"
- Port limit for passive FTP: Limit the range of ports used for passive FTP
pasv_min_port=30000
pasv_max_port=31000
- Limit Users allowed to access the system: If you want to limit the local Users who can log in to the FTP server system. We add the following lines. Then, the Users in the file
/etc/vsftpd/user_list
new access to the system.
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
- Home directory: We can specify the home directory when the user logs into the system
local_root=<đường_dẫn_thư_mục>
- System time: we use local time:
use_local_time-YES
3. Restart the service and allow passive FTP ports to go through the firewall
# systemctl restart vsftpd
# firewall-cmd --permanent --add-port=30000-31000/tcp
success
# firewall-cmd --reload
success
III. Access FTP Server
To access the FTP server, we need a local account and are granted access to the FTP server.
1. Create local user
Create a local user as: user1
with the password bkns2022
# adduser user1
# passwd bkns2022
After adding, the default directory of this account will be in the directory /home/bkns/
2. Grant access to FTP server
I add user user1
to file /etc/vsftpd/user_list
to be able to access the server.
Add to file /etc/vsftpd/chroot_list
(If you use in config file)
Then restart the service vsftpd
# systemctl restart vsftpd
3. Access FTP server
There are many ways to access FTP server such as:
lftp
on CentOS-7cmd
on Windows- FileZilla on Windows
Here, we use FileZilla to access the FTP server. We enter the server's IP address, username, password
After entering the correct address of the FTP server and login account, we will see the same interface as above with the folders on the FTP server.
Post a Comment
Post a Comment