Created
June 27, 2014 13:57
How To Install vsftpd on CentOS 6
Installing vsftpd on CentOS:
yum install vsftpd
How to configure vsftpd:
Now that you've installed vsftpd, follow this procedure to configure it. These steps apply to both Linux variants.
Before you get started, stop vsftpd by typing:
service vsftpd stop
Edit vsftpd.conf:
vi /etc/vsftpd/vsftpd.conf
Make the following changes:
We don't want anonymous login:
anonymous_enable=NO
Enable local users:
local_enable=YES
The ftpuser should be able to write data:
write_enable=YES
Port 20 needs to be turned off, which makes vsftpd run less privileged:
connect_from_port_20=NO
Chroot everyone:
chroot_local_user=YES
Set the umask to 022 to make sure that all the files (644) and folders (755) you upload get the proper permissions:
local_umask=022
Now that the basic configuration is complete, lock a directory to a user:
sudo useradd -d /var/www/path/to/your/dir -s /usr/sbin/nologin ftpuser
Set up a password for the user:
sudo passwd ftpuser
To let ftpuser read and write data in the home directory, take ownership of it and change its permissions:
sudo chown -R ftpuser /var/www/path/to/your/dir
sudo chmod 775 /var/www/path/to/your/dir
Create the userlist file:
Ubuntu / Debian:
vi /etc/vsftpd.userlist
CentOS / Fedora:
vi /etc/vsftpd/vsftpd.userlist
and add the user:
ftpuser
Save the file and open vsftpd.conf again:
vi /etc/vsftpd/vsftpd.conf
Add the following lines at the end of the file and save it:
# the list of users to give access
# (CentOS / Fedora path; on Ubuntu / Debian use /etc/vsftpd.userlist)
userlist_file=/etc/vsftpd/vsftpd.userlist
# this list is on
userlist_enable=YES
# It is not a list of users to deny ftp access
userlist_deny=NO
After completing these steps the server is almost ready to use. If you try it now, you will get a 500 OOPS permission denied error. To fix it, add nologin to the list of shells:
vi /etc/shells
The file should look like this:
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/dash
/bin/bash
/bin/rbash
Add this line at the end:
/usr/sbin/nologin
Now create a user group and add ftpuser to it:
sudo groupadd ftpusers
sudo usermod -a -G ftpusers ftpuser
Now start vsftpd:
service vsftpd start
That's it. Now you have a secure installation of vsftpd on your server.
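A check for the configuration steps above, as an added example that is not part of the original gist: the script compares a vsftpd.conf with the values this guide sets and reports every setting that differs or is missing. The function names and the sample files are assumptions made for illustration; on a real host, pass it /etc/vsftpd/vsftpd.conf and the userlist file.

```shell
#!/bin/sh
# Added example (not from the original gist): audit vsftpd.conf against this guide.

# Effective value of KEY ($2) in FILE ($1). Commented lines never match, and the
# last assignment is taken as the effective one (assumption about parse order).
conf_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r'
}

# Print one FAIL line per setting that differs from the guide; return 1 if any.
# An unset key counts as a failure because vsftpd then falls back to its default.
audit_vsftpd_conf() {
    rc=0
    for want in anonymous_enable=NO local_enable=YES write_enable=YES \
                connect_from_port_20=NO chroot_local_user=YES local_umask=022 \
                userlist_enable=YES userlist_deny=NO; do
        key=${want%%=*}
        actual=$(conf_value "$1" "$key")
        if [ "$actual" != "${want#*=}" ]; then
            echo "FAIL $key: want ${want#*=}, found ${actual:-unset}"
            rc=1
        fi
    done
    return "$rc"
}

# True when USER ($2) is on its own line in the userlist FILE ($1).
userlist_has_user() {
    grep -qxF "$2" "$1"
}

# Constructed sample: the guide's settings, except userlist_deny was left out.
demo_dir=$(mktemp -d)
cat > "$demo_dir/vsftpd.conf" <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
#connect_from_port_20=YES
connect_from_port_20=NO
chroot_local_user=YES
local_umask=022
userlist_enable=YES
EOF
printf 'ftpuser\n' > "$demo_dir/vsftpd.userlist"

audit_vsftpd_conf "$demo_dir/vsftpd.conf" || echo "config does not match the guide"
userlist_has_user "$demo_dir/vsftpd.userlist" ftpuser && echo "ftpuser is listed"
```

The sample fails on userlist_deny: when that key is missing, vsftpd uses its default of YES, so the userlist becomes a deny list and ftpuser is the one account that cannot log in.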