IMPORTANT: – SELinux must be “DISABLED” before you can proceed. Read more: How to disable SELinux.
For Centos Platform
Step 1 – Run the command below to install vsftpd using your server’s terminal.
yum install vsftpd -y |
Step 2 – Navigate to /etc/vsftpd directory and copy a backup of vsftpd.conf
cd /etc/vsftpd cp -p vsftpd.conf vsftpd.conf.ori |
Step 3 – Create a vsftpd.chroot_list under /etc/. This is to name users who will be granted privilege and access into root (/) directory.
touch /etc/vsftpd.chroot_list |
Step 4 – Replace the configuration file with commands below:
/usr/bin/perl -pi -e "s/anonymous_enable=YES/anonymous_enable=NO/g" /etc/vsftpd/vsftpd.conf /usr/bin/perl -pi -e "s/xferlog_enable=YES/#xferlog_enable=YES/g" /etc/vsftpd/vsftpd.conf /usr/bin/perl -pi -e "s/connect_from_port_20=YES/#connect_from_port_20=YES/g" /etc/vsftpd/vsftpd.conf /usr/bin/perl -pi -e "s/xferlog_std_format=YES/#xferlog_std_format=YES/g" /etc/vsftpd/vsftpd.conf /usr/bin/perl -pi -e "s/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Hello./g" /etc/vsftpd/vsftpd.conf echo "chroot_local_user=YES" >> /etc/vsftpd/vsftpd.conf echo "chroot_list_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "chroot_list_file=/etc/vsftpd.chroot_list" >> /etc/vsftpd/vsftpd.conf echo "dual_log_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "" >> /etc/vsftpd/vsftpd.conf echo "ssl_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "allow_anon_ssl=NO" >> /etc/vsftpd/vsftpd.conf echo "force_local_data_ssl=YES" >> /etc/vsftpd/vsftpd.conf echo "force_local_logins_ssl=YES" >> /etc/vsftpd/vsftpd.conf echo "ssl_ciphers=HIGH" >> /etc/vsftpd/vsftpd.conf echo "ssl_tlsv1=YES" >> /etc/vsftpd/vsftpd.conf echo "ssl_sslv2=NO" >> /etc/vsftpd/vsftpd.conf echo "ssl_sslv3=NO" >> /etc/vsftpd/vsftpd.conf echo "rsa_cert_file=/cert/server.crt" >> /etc/vsftpd/vsftpd.conf echo "rsa_private_key_file=/cert/server.key" >> /etc/vsftpd/vsftpd.conf echo "" >> /etc/vsftpd/vsftpd.conf echo "pasv_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "pasv_min_port=40000" >> /etc/vsftpd/vsftpd.conf echo "pasv_max_port=41000" >> /etc/vsftpd/vsftpd.conf |
Step 6 – Configure vsftpd to start whenever the server starts or after a reboot.
chkconfig vsftpd on |
Step 7 – Start vsftpd service.
service vsftpd start |
Step 8 – If there is an error, it is probably caused by “ssl_enable=YES” in your vsftpd.conf file. You can disable it by changing “ssl_enable=YES” to “ssl_enable=NO” and start the vsftpd service again. But this is not recommended.
Read more on how to generate SSL: How to create self-signed SSL Certificate.
ERROR!
Refer below article on how to secure your ftp access.
How to Secure your FTP Access
Affordable but Powerful Cloud Hosting Package
Check out IPServerOne’s Cloud Hosting Packages.
Contact us @ +603-6259-5625 or email @ sales@ipserverone.com