Linux

How To Install an FTP Server on Rocky Linux 8 With VSFTPD

Pinterest LinkedIn Tumblr

Vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It stands for Very Secure File Transfer Protocol Daemon. It is stable, secure and extremely fast.

FTP stands for File Transfer Protocol. It has been a standard method for transferring files between computers for decades.

In this guide we will learn how to install an SFTP server in Rocky linux 8 using vsftp  for transferring files between client and server quickly and securely via the FTP protocol.

Related content:

Ensure that the server is updated

Before proceeding, let us make sure that our server has updated packages. Use this command:

sudo dnf update -y

Install vsftpd

VSFTPD is available in the default Rocky linux repos. Install it using this command:

sudo dnf install -y vsftpd

When prompted, type Y to allow the operation to complete.

Start and enable the service

The vsftpd service will not be started by default. Start it using this command:

sudo systemctl start vsftpd

Confirm that the service is up and running

$ sudo systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
   Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-02-14 08:32:41 UTC; 7s ago
  Process: 72141 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
 Main PID: 72142 (vsftpd)
    Tasks: 1 (limit: 23168)
   Memory: 584.0K
   CGroup: /system.slice/vsftpd.service
           └─72142 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf

Feb 14 08:32:41 rockysrv.citizix.com systemd[1]: Starting Vsftpd ftp daemon...
Feb 14 08:32:41 rockysrv.citizix.com systemd[1]: Started Vsftpd ftp daemon.

Finally, enable the service to start on boot:

sudo systemctl enable vsftpd

Enable the service in firewall

If you have firewalld installed and enabled, use these commands to allow the ftp service:

sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
sudo firewall-cmd --zone=public --permanent --add-service=ftp
sudo firewall-cmd –-reload

Configuring VSFTPD

The default vsftpd configuration file is located in the  /etc/vsftpd/vsftpd.conf path. Before editing the file, let us backup the file so we can revert to the original if something doesn’t go as expected.

sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bk

Next, open the file with your favourite text editor. I am using vim:

sudo vim /etc/vsftpd/vsftpd.conf

First, let us set our FTP server to disable anonymous users and allow local users.

Find the following entries in the configuration file, and edit them to match the following:

anonymous_enable=NO
local_enable=YES

Anonymous access is a risky – you should avoid it unless you understand the risks.

Next, allow a logged-in user to upload files to your FTP server. Let us enable write access with this lin:

write_enable=YES

Limit FTP users to their own home directory. This is often called jail or chroot jail. Find and adjust the entry to match the following:

chroot_local_user=YES
allow_writeable_chroot=YES

The vsftpd utility provides a way to create an approved user list. To manage users this way, find the userlist_enable entry, then edit the file to look as follows:

userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO

You can now edit the /etc/vsftpd/user_list file, and add your list of users. (List one per line.) The userlist_deny option lets you specify users to be included; setting it to yes would change the list to users that are blocked.

Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:

sudo systemctl restart vsftpd

Create a New FTP User

To create a new FTP user enter the following:

sudo adduser ftpuser0
sudo passwd ftpuser0

The system should prompt you to enter and confirm a password for the new user.

Add the new user to the userlist:

echo "ftpuser0" | sudo tee –a /etc/vsftpd/user_list

Create a directory for the new user, and adjust permissions:

sudo mkdir -p /home/ftpuser0/ftp/upload
sudo chmod 550 /home/ftpuser0/ftp
sudo chmod 750 /home/ftpuser0/ftp/upload
sudo chown -R ftpuser0: /home/ftpuser0/ftp

This creates a /home/ftpuser0 directory for the new user, with a special directory for uploads. It sets permissions for uploads only to the /uploads directory.

Now, you can log in to your FTP server with the user you created:

ftp 10.2.11.9

Replace this IP address with the one from your system. You can find your IP address in Linux with the  ip addr  command.

The system should prompt you for a username – enter whatever username you created earlier. Type the password, and the system should log you in.

Testing FTP Connection

To test the FTP server locally, use the command:

$ ftp localhost
Trying ::1...
Connected to localhost (::1).
220 (vsFTPd 3.0.3)
Name (localhost:rocky): rocky
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Conclusion

We have managed to set up our own ftp server. You should be able to login to your server via FTP and start transferring files. You can use an FTP client like Filezilla to finally access your FTP server with the different accounts created and start transferring files.

I am a Devops Engineer, but I would describe myself as a Tech Enthusiast who is a fan of Open Source, Linux, Automations, Cloud and Virtualization. I love learning and exploring new things so I blog in my free time about Devops related stuff, Linux, Automations and Open Source software. I can also code in Python and Golang.

Write A Comment