Vsftpd stands for (Very Secure File Transport Protocol Daemon) is a secure, fast FTP server for Linux systems.
In this article, we will see how to set up a basic FTP server on CentOS 7.
Before this please make sure that you have a CentOS7 server, and it is connected to the Internet.
Install vsftpd.
Login to CentOS system and open terminal, run the below command.
[root@tc ~]# yum -y install vsftpd ftp
vsftpd: is an ftp server.
ftp: is an FTP client.
Configure vsftpd.
Before configuring the vsftpd server, let’s see the working directory.
Configuration file: /etc/vsftpd/vsftpd.conf
Data directory: /var/ftp/
Note: Take a backup of vsftpd.conf file before editing.
[root@tc ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bkp
Now open the vsftpd configuration file with your favorite file editor.
[root@tc ~]# vi /etc/vsftpd/vsftpd.conf
You should see alike the below image.
Vsftpd server, by default it will allow anonymous users to login.
Username: anonymous
Password: abc@gmail.com (any mail format)
To configure the FTP server with password-protected, please follow the below steps.
Find the following variables and make the changes as shown below:
| SFTP-Variables | Description |
| anonymous_enable=NO | Disallow unidentified users to access FTP. |
| local_enable=YES | Allow local users to login. |
| write_enable=YES | Allow local users to write/upload access. |
| local_umask=022 | Only the user is having read/write access. |
| chroot_local_user=YES | Denied access to the local users to any other directory except his own. |
| dirmessage_enable=YES | To show the messages to FTP users. |
| xferlog_enable=YES | A log file will be maintained detailing uploads and downloads. |
| connect_from_port_20=YES | Listening port. |
| xferlog_std_format=YES | If enabled, the transfer log file will be written in standard xferlog format |
| listen=YES | Listen to the IPv4 network. |
| listen_ipv6=NO | Listen to the IPv6 network. |
| pam_service_name=vsftpd | Authentication service. |
| userlist_enable=YES | This option is the name of the file loaded when the userlist_enable the option is active. |
| tcp_wrappers=YES | compiled with tcp_wrappers support |
Firewall And SELinux Configuration.
Allow the FTP service and default port 21 via the firewall.
[root@tc ~]# firewall-cmd –add-port=21/tcp –permanent
[root@tc ~]# firewall-cmd –add-service=ftp –permanent
[root@tc ~]# firewall-cmd –reload
[root@tc ~]# setsebool -P ftp_home_dir on
Starting the vsftpd service.
We need to restart the ‘vsftpd’ service sot that the configuration changes have applied.
[root@tc ~]# systemctl start vsftpd
To start ‘vsftpd’ on boot time, the below command will enable the ‘vsftpd’ to start.
[root@tc ~]# systemctl enable vsftpd
Create an FTP user.
We will create an FTP user other than local users and assign the home directory.
[root@tc ~]# useradd -M tcuser2 -s /sbin/nologin
[root@tc ~]# passwd tcuser2
Next, we will create and set the home directory for tcuser2.
[root@tc ~]# mkdir /var/ftp/tcuser2
[root@tc ~]# chmod 755 /var/ftp/tcuser2
[root@tc ~]# chown -R tcuser2 /var/ftp/tcuser2
[root@tc ~]# usermod -m -d /var/ftp/tcuser2 tcuser2
Now you can access the FTP server via terminal, browser, FTP-client, and windows explorer by using the username and password.
