To install
yum install vsftpd ftp
after installing edit the configuration file with
vim /etc/vsftpd/vsftpd.conf
For basic secured FTP these are the necessary actions you should follow.
Disable Anonymous login If you want with placing
anonymous_enable=NO
or comment #anonymous_enable=YES.
If you want to restrict users to their home directory Then uncomment
chroot_local_users=YES
For most of the times we generally consider FTP users home directory as their directory. But we can add custom directory location if you want.
syntax:
useradd -d /path/path <username>
ex:
useradd -d /ftp/raja raja passwd raja
so right now raja user we use to login into FTP and its in a custom directory.
If you want to add vsftpd service as autostart from next restart then you better add it startup list with
chkconfig --levels 235 vsftpd on
there 2,3,5 are runlevels
If you want to start FTP service i.e vsftpd then
service vsftpd start
in the same way restart ,stop,status are as follow
service vsftpd restart service vsftpd stop service vsftpd status
Sometimes we may need to store the local server log time in your log of FTP , so write this line at the end of the configuration file I have mentioned above
use_localtime=YES
Now due to security reasons no one will use default FTP port 21 as their port for service. We can change it.
Open the configuration file of vsftpd and mention at line as
listen_port=2121
then save and close it.
after that restart vsftpd service. But you wont be able to connect . why means here you have changed default port, so automatically you have to update the same port in your IPTables.
open IPtables with
vim /etc/sysconfig/iptables
and write a line like
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2121 -j ACCEPT
Then restart iptables with
service iptables restart
so It will now accepts remote FTP connections through that port.
Here you have to add Boolean to selinux to get allow from it. I have set selinux to permissive from enforcing with
setenforce 0
then check with
getenforce
Now I am going to tell you about how to share single FTP directory for multiple users.
This is pretty simple I am introducing ACL's here. Many people do in their own way and this is mine.
add user first with
useradd -d /ftp/raja raja2
then
setfacl -m u:raja2:rwx /ftp/raja
so for users Raja and Raja2 we are giving same directory for sharing.
How to login ?
If you ware using default port of FTP i.e 21 then assume like your FTP server IP as 192.168.1.1
then in terminal like
ftp 192.168.1.1
then give username and password.
make sure you have followed selinux thing before this to have proper connectivity.
If you have changed default port , the way of connecting will be different a little but , assume your new port is 4545 then you can connect with
ftp 192.168.1.1 4545
Let me give time to arrange this post with proper format.
But I am sure , It is clear enough to read and let me know If I am missing anything I will add it.
No comments:
Post a Comment