Installing and configuring VsFTPd (Very Secure FTP Daemon) on Fedora Linux involves several steps. This article will guide you through the process, ensuring that you have a secure and efficient FTP server up and running.
VsFTPd is known for its security and speed, making it a popular choice for setting up an FTP server on Linux systems. It supports both anonymous and authenticated FTP access and can be configured for high performance and security.
Pre-requisites
- A system running Fedora Linux
- Sudo privileges or access to the root user
Installation of VsFTPd
1. Update System Packages:
Begin by updating your system’s package index to ensure you have access to the latest software versions.
sudo dnf update
2. Install VsFTPd:
Install VsFTPd using Fedora’s package manager, DNF (Dandified YUM).
sudo dnf install vsftpd
Configuring VsFTPd
3. Edit Configuration File:
The main configuration file for VsFTPd is located at /etc/vsftpd/vsftpd.conf. Open this file with a text editor of your choice.
sudo nano /etc/vsftpd/vsftpd.conf
4. Set Basic Configuration:
- Disable anonymous FTP to enhance security (anonymous_enable=NO).
anonymous_enable=NO
- Enable local user login (local_enable=YES).
local_enable=YES
- Permit write operations if necessary (write_enable=YES).
write_enable=YES
5. Configure User Isolation (optional):
To enhance security, you can isolate users to their home directory. Add chroot_local_user=YES to the configuration file.
chroot_local_user=YES
6. Firewall Configuration:
If you have a firewall enabled, allow FTP traffic through it.
sudo firewall-cmd --zone=public --add-service=ftp --permanent
sudo firewall-cmd --reload
7. SELinux Considerations:
Fedora comes with SELinux enabled by default. You might need to adjust SELinux policies for VsFTPd to function correctly.
Starting and Testing VsFTPd
8. Start VsFTPd Service:
Enable and start the VsFTPd service.
sudo systemctl enable vsftpd
sudo systemctl start vsftpd
9. Testing FTP Access:
Test the FTP server using an FTP client or command-line utility.
ftp localhost
You can also try a graphical client like Filezilla, etc:
Additional Tips
- Regularly update your system and VsFTPd to get security patches.
- Consider using FTPS (FTP over SSL/TLS) for enhanced security.
- Monitor FTP logs for any unusual activity.
- Backup your configuration files before making significant changes.
Conclusion
You have successfully installed and configured a VsFTPd server on Fedora Linux. This setup provides a secure and efficient environment for file transfer. Remember to regularly check for security updates and maintain the server for optimal performance.
By following these steps and best practices, you can maintain a secure and reliable FTP server on your Fedora system.
4 Comments
Thank you so much!!!
God bless you.
What was teh username and password then . Do we need to create linux users ?
Please complete the info 😉
Hi Rahul
I was following your steps in configuring the VsFTPD with SSL in one of the RHEL 6.4 servers. However, I get the following error when I issue the command:
[root@Cent ~]#openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/vsftpd/vsftpd-private.pem -out /etc/ssl/vsftpd/vsftpd-cert.pem
Generating a 2048 bit RSA private key
….+++
.+++
writing new private key to ‘/etc/ssl/vsftpd/vsftpd-private.pem’
/etc/ssl/vsftpd/vsftpd-private.pem: No such file or directory
140154870036296:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen(‘/etc/ssl/vsftpd/vsftpd-private.pem’,’w’)
140154870036296:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Would greatly appreciate your response on this.
Regards
Jo
Hi Jo,
It looks /etc/ssl/vsftpd is not created. I have made some changes in the path of certificates in this article. Hope it will work fine now.