Instructions for installing VSFTPD on Centos 7 - Insurance Finances

I. Introduction

VSFTPD (Very Secure File Transport Protocol Daemon) is an FTP Server Stand Alone distributed by Red Hat Enterprise Linux.
This is software to create FTP Server with fast speed, simple configuration.

Also, if you don't use VSFTPD, you can use ProFTPD or Pure-FTPD.

In this article, I will install an FTP server on a CentOS-7 machine.
The installation is done with root privileges.

Prepare:

• One machine with CentOS-7


• IP address of FTP Server: 192.168.37.25/24

II. Install FTP Server

1. Install VSFTPD:

Install the package Vsftpd:

# yum install vsftpd

After the installation is complete, we start the service and allow it to start with the system.

# systemctl start vsftpd

# systemctl enable vsftpd

Configure firewall for FTP service and port 21:

# firewall-cmd --permanent --add-port=21/tcp

success



# firewall-cmd --permanent --add-service=ftp

success



# firewall-cmd --reload

success

Check service status vsftpd:

2. Configure VSFTPD

The vsftpd configuration file is located at: /etc/vsftpd/vsftpd.conf
Copy the configuration file for backup.

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup

Edit configuration file vsftpd.conf:

# vi /etc/vsftpd/vsftpd.conf

• FTP Access: We do not allow anonymous connections, but only local connections to the FTP server

anonymous_enable=NO    // Không cho kết nối nặc danh 

local_enable=YES        // Cho phép kết nối cục bộ

• Enabling uploads: Allows users to upload.

write_enable=YES        //Cho phép người dùng nội bộ tải lên

• Chroot: the technique of keeping users in their directory, disallowed. Here we will chroot all users, except the users in the file /etc/vsftpd/chroot_list

chroot_local_user=YES

allow_writeable_chroot=YES

chroot_list_enable=YES

chroot_list_file=/etc/vsftpd/chroot_list

• Login banner FTP server: banner when the user logs into the FTP server.

ftpd_banner="Welcome FTP Server"

• Port limit for passive FTP: Limit the range of ports used for passive FTP

pasv_min_port=30000

pasv_max_port=31000

• Limit Users allowed to access the system: If you want to limit the local Users who can log in to the FTP server system. We add the following lines. Then, the Users in the file /etc/vsftpd/user_list new access to the system.

userlist_enable=YES

userlist_file=/etc/vsftpd/user_list

userlist_deny=NO

• Home directory: We can specify the home directory when the user logs into the system

local_root=<đường_dẫn_thư_mục>

• System time: we use local time:

use_local_time-YES

3. Restart the service and allow passive FTP ports to go through the firewall

# systemctl restart vsftpd



# firewall-cmd --permanent --add-port=30000-31000/tcp

success



# firewall-cmd --reload

success

III. Access FTP Server

To access the FTP server, we need a local account and are granted access to the FTP server.

1. Create local user

Create a local user as: user1 with the password bkns2022

# adduser user1

# passwd bkns2022

After adding, the default directory of this account will be in the directory /home/bkns/

2. Grant access to FTP server

I add user user1 to file /etc/vsftpd/user_list to be able to access the server.

Add to file /etc/vsftpd/chroot_list (If you use in config file)

Then restart the service vsftpd

# systemctl restart vsftpd

3. Access FTP server

There are many ways to access FTP server such as:

• lftp on CentOS-7


• cmd on Windows


• FileZilla on Windows

Here, we use FileZilla to access the FTP server. We enter the server's IP address, username, password

After entering the correct address of the FTP server and login account, we will see the same interface as above with the folders on the FTP server.

Related Posts