From long time FTP service is used world wide for file sharing. In Linux system we use vsftpd (very secure FTP daemon)packages.It is licensed under the GNU General Public License. It supports IPv6 and SSL.

In many of Linux machines vsftpd used as default package. It is really easy to install and configure vsftpd package on Linux. It is Securvsftpde, stable , highly stable, lightweight and fast FTP service used in Linux systems.

In this Post, we would try see how we could Install and configure on Linux machines.

Warning : Although if you like to use FTP outside LAN on internet than its better to use SFTP, its better alternative is to use SFTP as it share over SSH which is more secure. But you must FTP on internet than at least use secure connection over SSL/TLS

Installation of VSFTPD


Installation through RPM Command

#rpm -ivh vsftpd-2.2.2-11.el6_4.1.x86_64.rpm
Preparing...                ########################################### [100%]
   1:vsftpd                 ########################################### [100%]

Installation through YUM Command

#yum install vsftpd
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: centos.mirror.ndchost.com
 * extras: centos.vwtonline.net
 * rpmforge: apt.sw.be
 * updates: centos.hostingxtreme.com

...Output truncated...

Warning: RPMDB altered outside of yum.
  Installing : vsftpd-2.2.2-14.el6.x86_64                                            1/1
  Verifying  : vsftpd-2.2.2-14.el6.x86_64                                            1/1

Installed:
  vsftpd.x86_64 0:2.2.2-14.el6

Complete!

After installation of VSFTPD Package, we are ready to use FTP Services on Linux system. we just need to run its service.

Start and Stop FTP Service

#service  vsftpd restart
Shutting down vsftpd:                                      [FAILED]
Starting vsftpd for vsftpd:                                [  OK  ]
#service vsftpd stop

Now you can login in FTP Server through anonymous or FTP without password.

#ftp localhost
Connected to localhost.
220 (vsFTPd 2.2.2)
530 Please login with USER and PASS.
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Configuration of VSFTPD

1. Main configuration File — /etc/vsftpd/vsftpd.conf
2. For allowing or not allowing User to login — /etc/vsftpd/ftpusers, /etc/vsftpd/user_list

Allow Anonymous Users Login

In /etc/vsftpd/vsftpd.conf file, there is derivative used to allow or deny Anonymous Users Login, uncomment with hash will allow Anonymous Users

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES

Uploading and making directory by Anonymous Users

In VSFTP, There is provision that you can enable Anonymous upload and allow Anonymous Users to create directory. But for same you have provide proper access to that directory for Anonymous Users.
By default this setting is disable. Describe in below mention setting, we have to uncomment and YES should mention on right side of setting and restart FTP service. Mention below.

# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writeable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES

After creating separate directory ,enabling derivative and restart service , you can able to create directory with Anonymous Users.

Directory and its permission for Anonymous users upload
# ls -l /var/ftp/ano_dir/ drwx------ 2 ftp ftp 4096 Jan 12 12:58 ano_dir
Creating directory through Anonymous Users
#ftp localhost Trying 127.0.0.1... Connected to localhost (127.0.0.1). 220 (vsFTPd 2.2.2) Name (localhost:root): anonymous 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (127,0,0,1,109,42). 150 Here comes the directory listing. drwxr-xr-x 2 14 50 4096 Jan 12 07:25 ano_dir drwxr-xr-x 7 0 0 4096 Jul 24 00:49 pub 226 Directory send OK. ftp> cd ano_dir 250 Directory successfully changed. ftp> mkdir ano_dir 257 "/ano_dir/ano_dir" created ftp> ls 227 Entering Passive Mode (127,0,0,1,156,19). 150 Here comes the directory listing. drwx------ 2 14 50 4096 Jan 12 07:28 ano_dir 226 Directory send OK.

Ownership of Anonymous upload files

In /etc/vsftpd/vsftpd.conf file, there is derivative used set ownership of uploaded files through anonymous users. We have uncomment them and mention username for same.

# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=u1

After editing these derivatives in /etc/vsftpd/vsftpd.conf , we could use this feature as below

ftp> mkdir [root@srv3 ~]# ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> mkdir ftp> put install.log
local: install.log remote: install.log
227 Entering Passive Mode (127,0,0,1,254,60).
553 Could not create file.
ftp> ls
227 Entering Passive Mode (127,0,0,1,213,167).
150 Here comes the directory listing.
drwxr-xr-x    3 14       50           4096 Jan 12 11:34 ano_dir
ftp> mkdir drwxr-xr-x    7 0        0            4096 Jul 24 00:49 pub
226 Directory send OK.

Allow Local Users Login

In /etc/vsftpd/vsftpd.conf file, there is derivative used to allow or deny Local Users Login, uncomment from hash and write YES in same derivative. For disallow write NO in same derivative.

# Uncomment this to allow local users to log in.
local_enable=YES

This way we can allow Local users can login on FTP. Below we can see Local user could login on FTP.

[root@srv3 ~]# ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:root): u1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,152,4).
150 Here comes the directory listing.
226 Directory send OK.
ftp> pwd
257 "/home/u1"
ftp>

DisAllow specfic Local Users Login

In VSFTPD packages, there are two files /etc/vsftpd/ftpusers and /etc/vsftpd/user_list. let’s see its use.

/etc/vsftpd/ftpusers
Users that are not allowed to login via ftp
/etc/vsftpd/user_list
If userlist_deny=NO, only allow users in this file
If userlist_deny=YES (default), never allow users in this file, and do not even prompt for a password.
Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers for users that are denied.