FTP (File Transfer Protocol) is the most common method of uploading files to a server. A wide array of FTP servers, such as vsftpd, and clients exist for every platform.
- These instructions are intended specifically for installing the VSFTP server on Fedora 23. If you’re on a different operating system, check out our guides for installing vsftpd on Fedora 22, CentOS 7, and Ubuntu 15.04.
- We’ll be logging into a Liquid Web Self Managed Fedora 23 server as root.
Step #1: Install vsftpd
As a matter of best practice we’ll first update our packages:
dnf -y update
Now we’ll install vsftpd and any required packages:
dnf -y install vsftpd
Step #2: Configure vsftpd
First, we’ll edit the configuration file for vsftpd:
Now, to prevent anonymous FTP access, we’ll change the anonymous_enable setting to “NO”:
We do want to allow local users to log in, so we’ll change the local_enable setting to “YES”:
If you want local users to be able to write to a directory, you’ll also need to change the write_enable setting to “YES”:
For our purposes, we want local users to be ‘jailed’ with no access to any other part of the server. To accomplish that, we simply uncomment the chroot_local_user setting by removing the preceding “#”, so that:
Now save and exit the file with the command:
At this point, we’ll restart the vsftpd service with the new configuration:
systemctl restart vsftpd
Finally, we’ll set the vsftpd service to start at boot:
systemctl enable vsftpd
That should produce output similar to the following:
[root@host ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service
Step #3: Allow vsftpd Through the Firewall
Allow the default FTP port, port 21, through firewalld:
firewall-cmd --permanent --add-port=21/tcp
And reload the firewall:
There are a few common vsftpd errors that we’ve already solved for you! Check out the following if you run into issues:
Error: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() [SOLVED]
Error: 500 OOPS: priv_sock_get_cmd [SOLVED]
Error: 500 OOPS: priv_sock_get_int [SOLVED]
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.