Configuring VSFTPD in CentOS 6.0

Written by config on . Posted in CentOS, Linux

vsftpd stands for Very Secure File Transfer Protocol Daemon, and it is a popular and well-known FTP server for Unix-like (Linux) operating systems.

It is licensed under the GNU General Public License.

In this tutorial we cover how to configure the 'vsftpd' FTP server on CentOS 6.0.

Assumptions:

We assume that you are using CentOS 6 (a Linux operating system based on the Red Hat distribution)
and vsftpd version 2.2.2.
Your system is connected to the Internet by any means.

Step-by-Step Procedure:

Step 1: Open Terminal in your CentOS.

Step 2: Gain the root access by executing the following command:

su - root


Step 3: After gaining root access, run the following command in the root shell:

yum install vsftpd

Step 4: The above command downloads vsftpd from the CentOS repository and installs it automatically.

Step 5: Once the installation is completed, a default configuration file is placed in the directory "/etc/vsftpd/".

Step 6: Now navigate to that directory using the cd command in the terminal:

cd /etc/vsftpd/

Step 7: We need to make some changes to the configuration file in this directory, vsftpd.conf. Use your favorite text editor to edit this file; here we are using the gedit text editor: "gedit vsftpd.conf &", or if you wish, use "vi vsftpd.conf".

Step 8: In this file, comment out, add or uncomment the following settings and leave the rest as is. The text beside each setting is an explanation, not part of the file.

anonymous_enable=NO     This is set to YES by default.
local_enable=YES        This is set to NO by default; change it when you want the local users to have FTP access.
xferlog_enable=YES      This is set to NO by default. Your logs will be written to /var/log/xferlog.

Common Errors:

Most Linux systems have SELinux (Security Enhanced Linux), a Linux security feature, installed and enabled by default. It throws an error when the installer does not take care of the SELinux policies. The error is as follows: 500 OOPS: cannot change directory:/home/someuser

No need to panic; this can be fixed either by disabling SELinux or by setting the SELinux boolean option. Setting the boolean (Solution 2) leaves SELinux enabled and changes only the FTP home-directory permission.

Solution 1: Disabling SELinux.

Step 1: Open the Linux terminal and edit the following file:

vi /etc/selinux/config

Step 2: Now change the SELINUX= line from its enabled value (enforcing) to 'disabled' and save the file.

Solution 2: Tuning SELinux for FTP access.

Open the Linux terminal and run the following commands (you may need to execute these commands as a super user).

getsebool -a | grep ftp

This lists a group of FTP boolean options. The value of ftp_home_dir is set to 'off' by default, and we need to set it to 'on' using the following command:

setsebool -P ftp_home_dir on

This command may take a minute or two to complete; please wait until you get the prompt back. To check whether it is set to on, run the former command (getsebool) again.

Configuring VSFTPD for local and virtual users' access

The virtual users' home folders will be under /var/ftp/ and we need root access to access this directory.

Step 1: Run the following command in terminal: yum install db4-utils

Step 2: Create the virtual users as a simple text file in the /etc/vsftpd/ directory, with each virtual user's username on one line and the respective password on the next line, and save this file with the name user1_list (use any of your favorite text editor).
E.g.:

user1
password1
admin
password2

Step 3: Now make sure you are in the /etc/vsftpd/ directory and run the following:

mkdir user1
cp user1_list user1/
db_load -T -t hash -f /etc/vsftpd/user1/user1_list /etc/vsftpd/user1/user1_db.db

A hashed DB file of user1_list is created, named user1_db.db.
Note that the file has a .db extension and this is necessary.

Step 4: You need to append the following contents to the file /etc/pam.d/vsftpd; follow the commands below to do it.

cd /etc/pam.d/
vim vsftpd

Now add the following 2 lines to the file as they are:

auth       sufficient pam_userdb.so db=/etc/vsftpd/user1/user1_db
account    sufficient pam_userdb.so db=/etc/vsftpd/user1/user1_db

Step 5: Append the following options to the /etc/vsftpd/vsftpd.conf file:

# vsftpd.conf accepts comments only on their own lines, never after a value
# activate the virtual users
guest_enable=YES
# virtual users have local privileges
virtual_use_local_privs=YES
user_sub_token=$USER
# specifies a home directory for each virtual user
local_root=/var/ftp/user1/$USER
# restrict the user to the FTP area and home directories only
chroot_local_user=YES

Step 6: Create the virtual user folders, one per username in user1_list

cd /var/ftp
mkdir user1
mkdir user1/user1
mkdir user1/admin
chown -R ftp:ftp /var/ftp/user1/

Step 7: For local users, do the following:

cd /var/ftp/user1/
mkdir yourlocaluser
chown ftp:ftp yourlocaluser
ln -s /var/ftp/user1/yourlocaluser /home/yourlocaluser/ftphome

Step 8: Testing the server

service vsftpd start

(or)

service vsftpd restart

Step 9: From another machine in the network, connect to this server using either a GUI client or a CLI client. It's simple, right?

Step 10: If you want the FTP service to run automatically whenever your computer boots, type the command given below.

chkconfig vsftpd on

You can stop the service from running automatically by replacing "on" with "off".
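
A checker for the two files this procedure relies on, added here as an example (not the tutorial's or the vsftpd project's code): it flags vsftpd.conf lines that vsftpd will not read as option=value, such as a comment after a value, checks the settings this tutorial depends on, and checks that the user list is correctly paired and not readable by other accounts. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial.

# Lint a vsftpd.conf: one finding per line, no output when clean.
lint_vsftpd_conf() {
    awk '
    /^[ \t]*$/ || /^#/ { next }   # blank lines and whole-line comments are accepted
    /[ \t]#/ { print "line " NR ": comment after a value; put it on its own line"; next }
    /^[ \t]/ || /^[^=]*[ \t]=/ || /^[^=]*=[ \t]/ || /[ \t]$/ {
        print "line " NR ": whitespace around option, = or value"; next }
    { eq = index($0, "="); val[substr($0, 1, eq - 1)] = substr($0, eq + 1) }
    END {
        if (toupper(val["anonymous_enable"]) != "NO")
            print "anonymous_enable is not NO: anonymous logins are allowed"
        if (toupper(val["guest_enable"]) == "YES") {
            if (toupper(val["chroot_local_user"]) != "YES")
                print "chroot_local_user is not YES: virtual users can leave local_root"
            tok = val["user_sub_token"]
            if (tok == "" || index(val["local_root"], tok) == 0)
                print "local_root lacks user_sub_token: virtual users share one directory"
        }
    }' "$1"
}

# Check the plaintext user list from Step 2: username/password pairs,
# no blank lines, no repeated usernames, no access for group or others.
check_user_list() {
    awk '
    /^$/ { print "line " NR ": blank line breaks the username/password pairing" }
    NR % 2 == 1 && seen[$0]++ { print "line " NR ": duplicate username " $0 }
    END { if (NR % 2) print "odd number of lines: last username has no password" }
    ' "$1"
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || echo "mode bits $perms for group/others on a plaintext password file"
}

# Constructed sample input (not from a real server).
tmp=$(mktemp -d)
printf '%s\n' 'anonymous_enable=NO' 'guest_enable=YES # activate the virtual users' \
    'user_sub_token=$USER' 'local_root=/var/ftp/user1/$USER' \
    'chroot_local_user=YES' > "$tmp/vsftpd.conf"
printf '%s\n' 'user1' 'password1' 'admin' > "$tmp/user1_list"
chmod 644 "$tmp/user1_list"
lint_vsftpd_conf "$tmp/vsftpd.conf"
check_user_list "$tmp/user1_list"
```

The .db file that db_load builds holds the same usernames and passwords as the text list, so it needs the same restrictive file mode.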

That is all about FTP using the VSFTPD package.

Comments (1)

  • Jimmy Chan

    Hi,

    I successfully installed vsftpd and it is working. I installed CentOS on VMware for testing first, but I have a super big problem there. I am using the FileZilla FTP client; both the CentOS machine and my workstation are in the same LAN, 10.10.10.x/255.255.255.0.

    When I am using vsftpd, logged in as a local user, and send phpmyadmin to my home folder, it is super, super slow, just about 8KB/s in a 100M LAN??? And it looks like it is using PASV mode. What is wrong with my vsftpd settings? I forced the firewall and SELinux to be disabled and rebooted, and it is still the same. Any ideas or suggestions?

    Thank you very much for this how-to, and I like your site.
