Search Our Database
How To Install And Configure vsFTPd (Linux)
IMPORTANT: – SELinux must be “DISABLED” before you can proceed. Read more: How to disable SELinux.
For Centos Platform
Step 1 – Run the command below to install vsftpd using your server’s terminal.
yum install vsftpd -y
Step 2 – Navigate to /etc/vsftpd directory and copy a backup of vsftpd.conf
cd /etc/vsftpd
cp -p vsftpd.conf vsftpd.conf.ori
Step 3 – Create a vsftpd.chroot_list under /etc/. This is to name users who will be granted privilege and access into root (/) directory.
touch /etc/vsftpd.chroot_list
Step 4 – Replace the configuration file with commands below:-
/usr/bin/perl -pi -e "s/anonymous_enable=YES/anonymous_enable=NO/g" /etc/vsftpd/vsftpd.conf
/usr/bin/perl -pi -e "s/xferlog_enable=YES/#xferlog_enable=YES/g" /etc/vsftpd/vsftpd.conf
/usr/bin/perl -pi -e "s/connect_from_port_20=YES/#connect_from_port_20=YES/g" /etc/vsftpd/vsftpd.conf
/usr/bin/perl -pi -e "s/xferlog_std_format=YES/#xferlog_std_format=YES/g" /etc/vsftpd/vsftpd.conf
/usr/bin/perl -pi -e "s/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Hello./g" /etc/vsftpd/vsftpd.conf
echo "chroot_local_user=YES" >> /etc/vsftpd/vsftpd.conf
echo "chroot_list_enable=YES" >> /etc/vsftpd/vsftpd.conf
echo "chroot_list_file=/etc/vsftpd.chroot_list" >> /etc/vsftpd/vsftpd.conf
echo "dual_log_enable=YES" >> /etc/vsftpd/vsftpd.conf
echo "" >> /etc/vsftpd/vsftpd.conf
echo "ssl_enable=YES" >> /etc/vsftpd/vsftpd.conf
echo "allow_anon_ssl=NO" >> /etc/vsftpd/vsftpd.conf
echo "force_local_data_ssl=YES" >> /etc/vsftpd/vsftpd.conf
echo "force_local_logins_ssl=YES" >> /etc/vsftpd/vsftpd.conf
echo "ssl_ciphers=HIGH" >> /etc/vsftpd/vsftpd.conf
echo "ssl_tlsv1=YES" >> /etc/vsftpd/vsftpd.conf
echo "ssl_sslv2=NO" >> /etc/vsftpd/vsftpd.conf
echo "ssl_sslv3=NO" >> /etc/vsftpd/vsftpd.conf
echo "rsa_cert_file=/cert/server.crt" >> /etc/vsftpd/vsftpd.conf
echo "rsa_private_key_file=/cert/server.key" >> /etc/vsftpd/vsftpd.conf
echo "" >> /etc/vsftpd/vsftpd.conf
echo "pasv_enable=YES" >> /etc/vsftpd/vsftpd.conf
echo "pasv_min_port=40000" >> /etc/vsftpd/vsftpd.conf
echo "pasv_max_port=41000" >> /etc/vsftpd/vsftpd.conf
Step 5 – Configure vsftpd to start whenever the server starts or after a reboot.
chkconfig vsftpd on
Step 6 – Start vsftpd service.
service vsftpd start
Step 7 – If there is an error, it is probably caused by “ssl_enable=YES” in your vsftpd.conf file. You can disable it by changing “ssl_enable=YES” to “ssl_enable=NO” and start the vsftpd service again. But this is not recommended.
Read more on how to generate SSL: How to create self-signed SSL Certificate.
ERROR!
Refer to the article below on how to secure your FTP access.
How to Secure your FTP Access
Affordable but Powerful Cloud Hosting Package
Check out IPServerOne’s Cloud Hosting Packages.
Contact us @ +603-6259-5625 or email @ sales@ipserverone.com