Configure FTP Server

[1] Install and Configure Vsftpd.

[[email protected] ~]# dnf install vsftpd -y
[[email protected] ~]# vi /etc/vsftpd/vsftpd.conf

# line 12: make sure value is [NO] (no anonymous)
anonymous_enable=NO

# line 83,84: uncomment ( allow ascii mode )
ascii_upload_enable=YES
ascii_download_enable=YES

# line 101,102: uncomment ( enable chroot )
chroot_local_user=YES
chroot_list_enable=YES

# line 104: uncomment ( chroot list file )
chroot_list_file=/etc/vsftpd/chroot_list

# line 110: uncomment
ls_recurse_enable=YES

# line 115: change (if listening IPv4 only)
# if listning IPv4 and IPv6 both, specify [NO]
listen=YES

# line 124: change (if listening IPv6 only)
# if listning IPv4 and IPv6 both, specify [YES]
listen_ipv6=NO

# add to the end
# specify root directory (if don't specify, users' home directory become FTP home directory)
local_root=public_html

# use local time
use_localtime=YES

# turn off for seccomp filter (if cannot login, add this line)
seccomp_sandbox=NO

[[email protected] ~]# vi /etc/vsftpd/chroot_list

# add users you allow to move over their home directory
future

[[email protected] ~]# systemctl start vsftpd
[[email protected] ~]# systemctl enable vsftpd
Created symlink /etc/systemd/system/multi-user.target.wants/vsftpd.service β†’ /usr/lib/systemd/system/vsftpd.service.

[2] If Firewalld is running, allow FTP service.

[[email protected] ~]# vi /etc/vsftpd/vsftpd.conf

# add to the end
# fix PASV ports to allow FTP access with PASV
pasv_enable=YES
pasv_min_port=21000
pasv_max_port=21010

[[email protected] ~]# systemctl restart vsftpd
[[email protected] ~]# firewall-cmd --permanent --add-service=ftp
success
[[email protected] ~]# firewall-cmd --permanent --add-port=21000-21010/tcp
success
[[email protected] ~]# firewall-cmd --reload
success

[3] If SELinux is enabled, change Boolean setting.

[[email protected] ~]# setsebool -P ftpd_full_access on