Vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It stands for Very Secure File Transfer Protocol Daemon. It is stable, secure and extremely fast.
FTP stands for File Transfer Protocol. It has been a standard method for transferring files between computers for decades.
In this guide we will learn how to install an SFTP server in Rocky linux 8 using vsftp for transferring files between client and server quickly and securely via the FTP protocol.
Related content:
- How To Install an FTP Server on Rocky/Alma Linux 9 With VSFTPD
- How to set up an SFTP server on Rocky Linux/CentOS 8 Server
Ensure that the server is updated
Before proceeding, let us make sure that our server has updated packages. Use this command:
sudo dnf update -y
Install vsftpd
VSFTPD is available in the default Rocky linux repos. Install it using this command:
sudo dnf install -y vsftpd
When prompted, type Y
to allow the operation to complete.
Start and enable the service
The vsftpd service will not be started by default. Start it using this command:
sudo systemctl start vsftpd
Confirm that the service is up and running
$ sudo systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2022-02-14 08:32:41 UTC; 7s ago
Process: 72141 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 72142 (vsftpd)
Tasks: 1 (limit: 23168)
Memory: 584.0K
CGroup: /system.slice/vsftpd.service
└─72142 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
Feb 14 08:32:41 rockysrv.citizix.com systemd[1]: Starting Vsftpd ftp daemon...
Feb 14 08:32:41 rockysrv.citizix.com systemd[1]: Started Vsftpd ftp daemon.
Finally, enable the service to start on boot:
sudo systemctl enable vsftpd
Enable the service in firewall
If you have firewalld installed and enabled, use these commands to allow the ftp service:
sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
sudo firewall-cmd --zone=public --permanent --add-service=ftp
sudo firewall-cmd –-reload
Configuring VSFTPD
The default vsftpd configuration file is located in the /etc/vsftpd/vsftpd.conf
path. Before editing the file, let us backup the file so we can revert to the original if something doesn’t go as expected.
sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bk
Next, open the file with your favourite text editor. I am using vim:
sudo vim /etc/vsftpd/vsftpd.conf
First, let us set our FTP server to disable anonymous users and allow local users.
Find the following entries in the configuration file, and edit them to match the following:
anonymous_enable=NO
local_enable=YES
Anonymous access is a risky – you should avoid it unless you understand the risks.
Next, allow a logged-in user to upload files to your FTP server. Let us enable write access with this lin:
write_enable=YES
Limit FTP users to their own home directory. This is often called _jail _or chroot jail. Find and adjust the entry to match the following:
chroot_local_user=YES
allow_writeable_chroot=YES
The vsftpd utility provides a way to create an approved user list. To manage users this way, find the userlist_enable
entry, then edit the file to look as follows:
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
You can now edit the /etc/vsftpd/user_list file, and add your list of users. (List one per line.) The userlist_deny
option lets you specify users to be included; setting it to yes
would change the list to users that are blocked.
Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:
sudo systemctl restart vsftpd
Create a New FTP User
To create a new FTP user enter the following:
sudo adduser ftpuser0
sudo passwd ftpuser0
The system should prompt you to enter and confirm a password for the new user.
Add the new user to the userlist:
echo "ftpuser0" | sudo tee –a /etc/vsftpd/user_list
Create a directory for the new user, and adjust permissions:
sudo mkdir -p /home/ftpuser0/ftp/upload
sudo chmod 550 /home/ftpuser0/ftp
sudo chmod 750 /home/ftpuser0/ftp/upload
sudo chown -R ftpuser0: /home/ftpuser0/ftp
This creates a /home/ftpuser0 directory for the new user, with a special directory for uploads. It sets permissions for uploads only to the /uploads directory.
Now, you can log in to your FTP server with the user you created:
ftp 10.2.11.9
Replace this IP address with the one from your system. You can find your IP address in Linux with the ip addr
command.
The system should prompt you for a username – enter whatever username you created earlier. Type the password, and the system should log you in.
Testing FTP Connection
To test the FTP server locally, use the command:
$ ftp localhost
Trying ::1...
Connected to localhost (::1).
220 (vsFTPd 3.0.3)
Name (localhost:rocky): rocky
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
Conclusion
We have managed to set up our own ftp server. You should be able to login to your server via FTP and start transferring files. You can use an FTP client like Filezilla to finally access your FTP server with the different accounts created and start transferring files.