How To Install and Configure vsftpd on Fedora 23

FTP (File Transfer Protocol) is the most common method of uploading files to a server. A wide array of FTP servers, such as vsftpd, and clients exist for every platform.

Pre-Flight Check

  • These instructions are intended specifically for installing the VSFTP server on Fedora 23. If you’re on a different operating system, check out our guides for installing vsftpd on Fedora 22, CentOS 7, and Ubuntu 15.04.
  • We’ll be logging into a Liquid Web Self Managed Fedora 23 server as root.

Step #1: Install vsftpd

Warning: FTP is an insecure protocol. Data is not encrypted, and all transmissions (including usernames, passwords, commands, and the data itself) are in clear text. Consider securing your FTP connection with SSL/TLS.

As a matter of best practice we’ll first update our packages:

dnf -y update

Now we’ll install vsftpd and any required packages:

dnf -y install vsftpd

Step #2: Configure vsftpd

First, we’ll edit the configuration file for vsftpd:

vim /etc/vsftpd/vsftpd.conf

In vim, you can press “a” to enter text insertion mode, and hit the escape key (Esc) on your keyboard to return to command mode. For a refresher on editing files with vim, see New User Tutorial: Overview of the Vim Text Editor. If vim is not installed on your OS, you can follow our tutorial on installing vim at How to Install VIM (Visual editor IMproved) on Fedora 23.

Now, to prevent anonymous FTP access, we’ll change the anonymous_enable setting to “NO”:

anonymous_enable=NO

We do want to allow local users to log in, so we’ll change the local_enable setting to “YES”:

local_enable=YES

If you want local users to be able to write to a directory, you’ll also need to change the write_enable setting to “YES”:

write_enable=YES

For our purposes, we want local users to be ‘jailed’ with no access to any other part of the server. To accomplish that, we simply uncomment the chroot_local_user setting by removing the preceding “#”, so that:

#chroot_local_user=YES

becomes

chroot_local_user=YES

Now save and exit the file with the command:

:wq

At this point, we’ll restart the vsftpd service with the new configuration:

systemctl restart vsftpd

Finally, we’ll set the vsftpd service to start at boot:

systemctl enable vsftpd

That should produce output similar to the following:

[root@host ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service

Step #3: Allow vsftpd Through the Firewall

Allow the default FTP port, port 21, through firewalld:

firewall-cmd --permanent --add-port=21/tcp

And reload the firewall:

firewall-cmd --reload

Possible Errors

There are a few common vsftpd errors that we’ve already solved for you! Check out the following if you run into issues:
Error: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() [SOLVED]
Error: 500 OOPS: priv_sock_get_cmd [SOLVED]
Error: 500 OOPS: priv_sock_get_int [SOLVED]
 

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.