FTP (File Transfer Protocol) is one of the most popular methods to upload files to a server. There exist a wide array of FTP servers, such as vsftpd, you can use and FTP clients exist for every platform.
How to Install and Configure vsftpd on CentOS 7 |
Essentially no matter what OS you use you can find an easy to use FTP client, so it makes for a great solution to transfer files. On CentOS based servers before you can connect via FTP you’ll have to setup an FTP server. Here we’re gonna setup vsftpd which is a great option since it has a focus on security and speed.
Installing vsftpd on CentOS 7
Pre-Flight Check
- These instructions are intended specifically for installing the vsfptd on CentOS 7.
- You must be logged in via SSH as the root user to follow these directions.
Warning:
FTP data transfer is inherently insecure; traffic is not encrypted, and all transmissions are done in clear text (including usernames, passwords, commands, and data). Consider securing your FTP connection with SSL/TLS.
- Install vsftpd
- Before installing new software, it’s always best practice to run updates:
yum -y update
- Then install vsftpd and any required packages:
yum -y install vsftpd
- Configure vsftpdFor a refresher on editing files with vim see: New User Tutorial: Overview of the VIM Text Editor
- Now let’s edit the configuration file for vsftpd. Open the file with the following command:
vi /etc/vsftpd/vsftpd.conf
Now that the file is opened up you’ll want to make the following changes. Either find the option line and edit it, or simply delete it and replace with the lines noted here. - Disallow anonymous logins; this allows unidentified users to access files via FTP. Ensure that the anonymous_enable setting to NO:
anonymous_enable=NO
- Enable local users to login, this will allow your regular user accounts to function as FTP accounts. Change the local_enable setting to YES:
local_enable=YES
- If you want local user to be able to write to a directory, then change the write_enable setting to YES:
write_enable=YES
- Local users will be ‘chroot jailed’ and they will be denied access to any other part of the server. Set the chroot_local_user setting to YES:
chroot_local_user=YES
- Exit and save the file with the command `:wq`, or with `:x`.
- Restart and Enable the vsftpd service:
- First restart the service:
systemctl restart vsftpd
- Then set the vsftpd service to start at boot:
systemctl enable vsftpd
- Allow vsftpd Through the Firewall
- Allow the default FTP port, port 21, through firewalld:
firewall-cmd --permanent --add-port=21/tcp
- And reload the firewall:
firewall-cmd --reload
And that is it! You should now have vsftpd installed, setup and configured on your server. If you followed these directions you should now be able to login to the server via FTP! The only catch is that if you have a hardware firewall in addition to the servers software firewall you may need to adjust that too.