Configuring VSFTPD in CentOS 6.0
vsftpd stands for Very Secure File Transfer Protocol Daemon and it is an popular and well known FTP server for Unix-like (Linux) Operating system.
It is Licensed under GNU General Public License.
In this tutorial we cover how to configure ‘vsftpd’ FTP server on CentOS 6.0.
We assume that you are using CentOS 6 (Linux operating system based on RedHat Distribution).
And using vsftpd version 2.2.2
Your system is connected to Internet via any means.
Step 1: Open Terminal in your CentOS.
Step 2: Gain the root access by executing the following command:
Step 3: After gaining the root access, now run the following command in the root shell:
yum install vsftpd
Step 4: The above command will download the vsftpd from the CentOS repository and
will be installed automatically.
Step 5: Once the installation is completed, a default configuration file will be placed in
following directory “ /etc/vsftpd/ “.
Step 6: Now navigate to the following directory using the cd command in terminal:
Step 7: We need to make some changes in the config file present in this directory.
Use any of your favorite text editor to edit this file, here we are using gedit
text editor. “ gedit config &“ or if you wish use “ vi config “.
Step 8: In this file comment/add or uncomment the following and leave the rest as is.
anonymous_enable=NO This is set to YES by default. local_enable=YES This is set to NO by default and change when you want the local users to have ftp access. xferlog_enable=Yes This is set to NO by default. Your logs will be written to /var/log/xferlog.
Most of the Linux systems have SELinux (Security Enhanced Linux) is a linux feature installed by default and enabled in order to enhance the security of a Linux system and this throws an error when the installer does not take care of the SELinux policy’s. The Error is as follows: 500 OOPS: cannot change directory:/home/someuser
Need not panic, this can be fixed by either disabling the SELinux or Setting the SELinux boolean option.
Solution 1: Disabling SELinux.
Step 1: Open the linux terminal and edit the following file:
Step 2: Now change the value of SELINUX = enabled to ‘ disabled ‘ and save the file.
Solution 2: Tuning SELinux for ftp access.
Open the linux terminal and run the following commands in terminal (you may
need to execute these commands as a super user).
getsebool -a | grep ftp
This will list a group of ftp Boolean options, the value of ftp_home_dir will be
set ‘off’ by default and we need to set it ‘on’ by using the following command.
setsebool -P ftp_home_dir on
Execution of the above command may take some time to be completed, a minute
or two and please wait until you get back the prompt. To check back whether it
is set on check using the former command (getsebool).
Configuring VSFTPD for local and virtual users’ access
The virtual users home folders will be under /var/ftp/ and we need root access to do
access this directory.
Step 1: Run the following command in terminal: yum install db4-utils
Step 2: Create the virtual users as a simple text file in the /etc/vsftpd/ directory with
username of virtual users and their respective password on the next line and save
this file with name user1_list (use any of your favorite text editor).
user1 password1 admin password2
Step 3: Now make sure you are in the /etc/vsftpd/ directory and run the following:
mkdir user1 cp user1_list user1/ db_load -T -t hash /etc/vsftpd/user1/user1_list /etc/vsftpd/user1/user1_db.db
A hashed DB file of the user1_list is created named user1_db.db.
Note that the file has a .db extension and this is necessary.
Step 4: You need to append to the file /etc/pam.d/vsftpd the following contents and
follow the below commands to perform it.
cd /etc/pam.d/ vim vsftpd
Now add the following 2 lines to the file as it is:
auth sufficient pam_userdb.so db=/etc/vsftpd/user1/user1_db account sufficient pam_userdb.so db=/etc/vsftpd/user1/user1_db
Step 5: Append Options to /etc/vsftpd/vsftpd.conf file from following:
guest_enable=YES # activate the virtual users virtual_use_local_privs=YES # virtual users have local priveleges user_sub_token=$USER local_root=/var/ftp/user1/$USER # specifies a home directory for each virtual user chroot_local_user=YES # Restricting the user to the FTP area and HOME dir's only
Step 6: Create the Virtual User Folders
cd /var/ftp mkdir user1 mkdir user1/user1 mkdir user1/user2 chown -R ftp:ftp /etc/ftp/user1/
Step 7: For local users, do the following
cd /var/ftp/user1/ mkdir yourlocaluser chown ftp:ftp yourlocaluser ln -s /var/ftp/user1/yourlocaluser /home/yourlocaluser/ftphome
Step 8: Testing the server
service vsftpd start
service vsftpd restart
Step 9: From another machine in the network connect to this server either using a GUI
client or CLI client. Its simple right.
Step 10: If you want the ftp service to run automatically whenever your computer boots then just type the command given below.
chkconfig vsftpd on
You can stop the service from running automatically by replacing “on” with “off”.
That is all about the FTP using VSFTPD package.
Trackback from your site.