FTP Installation and Configuration

 

FTP Installation and Configuration with vsftpd

 

FTP (File Transfer Protocol) is a standard network protocol used to transfer files from one host to another. For a secure and efficient FTP setup on your server, we will use `vsftpd` (Very Secure FTP Daemon). This guide covers the installation and configuration of `vsftpd` on Debian/Ubuntu and CentOS systems, enabling access to web content from any specified folder.

 

Step 1: Installing vsftpd

 

For Debian/Ubuntu:

 

First, update your package index and install `vsftpd`:

 

```bash
sudo apt update && sudo apt install vsftpd -y
```

 

For CentOS:

 

Install `vsftpd` using the `yum` package manager:

 

```bash
sudo yum install vsftpd -y
```

 

Step 2: Configuring vsftpd

 

1. Back Up the Original Configuration File:

   It's always a good practice to back up the original configuration file before making any changes.

   ```bash
   sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.org
   ```

 

2. Edit vsftpd Configuration: 

   Open the `vsftpd.conf` file in a text editor and replace its contents with the following configuration settings:

 

   ```bash
   listen=NO
   listen_ipv6=YES
   anonymous_enable=NO
   local_enable=YES
   write_enable=YES
   local_umask=022
   dirmessage_enable=YES
   use_localtime=YES
   xferlog_enable=YES
   connect_from_port_20=YES
   xferlog_file=/var/log/vsftpd.log
   chroot_local_user=YES
   allow_writeable_chroot=YES
   userlist_enable=YES
   userlist_file=/etc/vsftpd.userlist
   userlist_deny=NO
   secure_chroot_dir=/var/run/vsftpd/empty
   pam_service_name=vsftpd
   rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
   rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
   ssl_enable=NO
   pasv_min_port=40000
   pasv_max_port=50000
   ```
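Added example, not part of the original post: a small shell lint that reads a `vsftpd.conf` and reports the settings a reviewer would question before exposing the server, such as `ssl_enable=NO` (plain FTP sends the password in cleartext) and `allow_writeable_chroot=YES`. The function names, the `MAX_PASV_PORTS` threshold of 100 and the sample file are assumptions made for illustration; the option names and their defaults are vsftpd's.

```shell
#!/bin/sh
# Added example: lint a vsftpd.conf for the settings discussed above.

# Print the last value assigned to option $2 in file $1, or default $3.
conf_get() {
    v=$(sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d '[:space:]')
    printf '%s\n' "${v:-$3}"
}

# Succeed when boolean option $2 is on (vsftpd accepts YES, TRUE or 1).
is_on() {
    case "$(conf_get "$1" "$2" "$3" | tr '[:lower:]' '[:upper:]')" in
        YES|TRUE|1) return 0 ;;
    esac
    return 1
}

# Print one finding per line for the config file $1.
audit_vsftpd_conf() {
    f=$1
    if is_on "$f" ssl_enable NO; then
        case "$(conf_get "$f" rsa_cert_file "")" in
            *snakeoil*) echo "rsa_cert_file: placeholder snakeoil certificate" ;;
        esac
    else
        echo "ssl_enable: off, passwords and files cross the network in cleartext"
    fi
    is_on "$f" anonymous_enable YES &&
        echo "anonymous_enable: on, logins without an account are accepted"
    is_on "$f" chroot_local_user NO && is_on "$f" allow_writeable_chroot NO &&
        echo "allow_writeable_chroot: on, the jail root is writable by the user"
    if ! is_on "$f" userlist_enable NO || is_on "$f" userlist_deny YES; then
        echo "userlist: logins are not limited to an allow list"
    fi
    lo=$(conf_get "$f" pasv_min_port 0); hi=$(conf_get "$f" pasv_max_port 0)
    if [ "$lo" -eq 0 ] || [ "$hi" -eq 0 ]; then
        echo "pasv ports: no fixed range, so the firewall cannot be narrowed"
    elif [ $((hi - lo + 1)) -gt "${MAX_PASV_PORTS:-100}" ]; then  # assumed limit
        echo "pasv ports: $((hi - lo + 1)) ports open for passive data"
    fi
}

# Constructed sample: security-relevant lines of the configuration above.
sample=$(mktemp)
printf '%s\n' anonymous_enable=NO chroot_local_user=YES \
    allow_writeable_chroot=YES userlist_enable=YES userlist_deny=NO \
    ssl_enable=NO pasv_min_port=40000 pasv_max_port=50000 > "$sample"
audit_vsftpd_conf "$sample"
rm -f "$sample"
```

On the configuration above it reports `ssl_enable`, `allow_writeable_chroot` and the 10001-port passive range.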

 

Step 3: Create or Use Existing User for FTP Access

 

To grant a user access to the FTP service, either create a new user or use an existing one:

 

1. Add the Username to vsftpd Userlist: 

   Edit the `/etc/vsftpd.userlist` file to include the username:

   ```bash
   echo "username" | sudo tee -a /etc/vsftpd.userlist
   ```

 

Step 4: Configure the Firewall

Ensure that the necessary ports are open to allow FTP traffic. This includes ports `20`, `21`, `950`, and the passive port range `40000-50000`.

 

- Using firewalld:

 

   ```bash
   sudo firewall-cmd --permanent --add-port={20,21,950,40000-50000}/tcp
   sudo firewall-cmd --reload
   ```

 

Step 5: Start and Enable the vsftpd Service

Start the `vsftpd` service and ensure it starts automatically on boot:

```bash
sudo systemctl enable --now vsftpd
```

To verify the service is running, check its status:

```bash
sudo systemctl status vsftpd
```

Step 6: Connect Using an FTP Client

 

Now, you can connect to the FTP server using any FTP client such as FileZilla or WinSCP. Use the username and password of the user configured earlier. By default, the user will only have access to their home directory for uploading, modifying, or deleting files.

 

Step 7: Grant Access to Other Directories

 

If you want to allow a user to upload files to a directory outside of their home directory, you can use the `bind mount` feature:

 

1. Mount a Directory:

 

   ```bash
   sudo mount --bind /home/user/ftp /path/to/your/destination/directory
   ```

 

2. Persist the Mount Across Reboots:

 

   To ensure this mount persists after a reboot, add it to the `/etc/fstab` file:

 

   ```bash
   echo "/home/user/ftp /path/to/your/destination/directory none defaults,bind 0 0" | sudo tee -a /etc/fstab
   ```

 

3. Refresh Your FTP Client:

 

   After setting up the bind mount, refresh your FTP client to see the changes and enjoy your FTP service!

 

With these steps, you now have a fully functional FTP server using `vsftpd` configured for secure access and directory management.
