FTP (File Transfer Protocol) is the most common method of uploading files to a server. A wide array of FTP servers, such as vsftpd, and clients exist for every platform.
- These instructions are intended specifically for installing the VSFTP server on Fedora 23. If you’re on a different operating system, check out our guides for installing vsftpd on Fedora 22, CentOS 7, and Ubuntu 15.04.
- We’ll be logging into a Liquid Web Self Managed Fedora 23 server as root.
Step #1: Install vsftpd
Warning: FTP is an insecure protocol. Data is not encrypted, and all transmissions (including usernames, passwords, commands, and the data itself) are in clear text. Consider securing your FTP connection with SSL/TLS.
As a matter of best practice we’ll first update our packages:
dnf -y update
Now we’ll install vsftpd and any required packages:
dnf -y install vsftpd
Step #2: Configure vsftpd
First, we’ll edit the configuration file for vsftpd:
Now, to prevent anonymous FTP access, we’ll change the anonymous_enable setting to “NO”:
We do want to allow local users to log in, so we’ll change the local_enable setting to “YES”:
If you want local users to be able to write to a directory, you’ll also need to change the write_enable setting to “YES”:
For our purposes, we want local users to be ‘jailed’ with no access to any other part of the server. To accomplish that, we simply uncomment the chroot_local_user setting by removing the preceding “#”, so that:
Now save and exit the file with the command:
At this point, we’ll restart the vsftpd service with the new configuration:
systemctl restart vsftpd
Finally, we’ll set the vsftpd service to start at boot:
systemctl enable vsftpd
That should produce output similar to the following:
[root@host ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service
Step #3: Allow vsftpd Through the Firewall
Allow the default FTP port, port 21, through firewalld:
firewall-cmd --permanent --add-port=21/tcp
And reload the firewall:
There are a few common vsftpd errors that we’ve already solved for you! Check out the following if you run into issues:
Error: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() [SOLVED]
Error: 500 OOPS: priv_sock_get_cmd [SOLVED]
Error: 500 OOPS: priv_sock_get_int [SOLVED]