FTP is a useful protocol for transferring files over the internet, this guide will show you how to set up vsFTPd (Very Secure File Transfer Protocol Daemon) on a CentOS 7 server.
To start with, we’ll need to provision a server. vsFTPd’s requirements are modest, you’ll want to select a plan that provides sufficient disk space and transfer capacity for your target use case. Make sure you select a location for your server that is geographically close to where you’ll be using it most. Select CentOS 7 as your operating system. It may take a couple of minutes to instantiate a new server.
Once it is up and running, use the root credentials on the overview page to SSH into your new server.
ssh [email protected]
After being prompted for your root password you’ll have a new root session. Before you install new software, it’s always a good idea to make sure your existing packages are up to date. CentOS uses
yum to manage packages. Even on a brand new server, there may be a couple packages out of date.
yum upgrade -y
When the upgrade is complete, you’ll be ready to install vsFTPd itself.
yum install -y vsftpd
Before we start the FTP server there are some options that are critical to set in the configuration file.
By default vsFTPd allows for anonymous FTP sessions. Unless you want anyone to be able to upload or download files from your server, it is recommend to set this option to “no”.
Ensure that you are able to upload files to the FTP server.
These next changes ensure that when a user on your server logs in they are only able to upload files to their own home folder.
chroot_local_user=YES chroot_list_enable=NO allow_writeable_chroot=YES
Finally, we need to tell vsFTPd which passive ports to use. FTP servers typically take commands from clients on one port and then return data on another. Today, we’ll allocate 1000 ports, between
Save the file and exit. We can now restart vsFTPd to make those changes take effect.
systemctl restart vsftpd
Finally we need to add firewall rules so that vsFTPd can talk to the outside world.
firewall-cmd --permanent --add-port=20-21/tcp firewall-cmd --permanent --add-port=8000-9000/tcp firewall-cmd --reload
Now, using the FTP client of your choice, login with your username and password and try uploading a file. You’ll be able to use
ls to list files on your terminal session:
Want to contribute?
You could earn up to $300 by adding new articles
Suggest an update
Request an article
Leave a Reply