CentOS server – Vsftpd Howto

Leave a reply

To set up your CentOS as a secure FTP server, follow the next couple steps

Install VSFTPD with

yum install vsftpd

Turn on vsftpd auto start with

(CentOS 6.x)

chkconfig --level 235 vsftpd on

(CentOS 7.x)

systemctl vsftpd enable

Open vsftpd.conf

nano /etc/vsftpd/vsftpd.conf

and edit the next:

1. Change anonymous_enable=YES to anonymous_enable=NO

2. Uncomment chroot_local_user=YES line (In CentOS 5.x you will need to add this line)

3. Change the default port number from 21 to XXXXX (where XXXXX is above 1024) with listen_port=XXXXX

It this line doesn’t exist, paste it to the end of the file. Be sure that port XXXXX is accessible.

4. The vsftpd version that comes with Centos 7 does not permit  chrooted local users to write by default. To “fix” this, you’ll need to add the next line:

allow_writeable_chroot=YES

Restart vsftpd with service vsftpd restart. Please keep in mind that changing default port number doesn’t mean that your server is 100% secured. It will help you to avoid random dictionary attacks and your log files will be much smaller. Good password is a MUST.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.