FTP Server
File Transfer Protocol (FTP) is a way of transferring files over the Internet from one computer to another. You can connect to an FTP server, browse directories and transfer files. Red Hat Linux comes with a different or updated version of the FTP daemon with each release. Newer versions of Red Hat no longer support wu-ftpd; vsftpd is used instead.
Vsftpd FTP server
- vsftpd is a GPL-licensed FTP server for UNIX systems, including Linux. It is a secure, extremely fast and trusted solution. vsftpd can be downloaded from http://vsftpd.beasts.org/
- By default, vsftpd is not configured to start every time the server reboots. To enable this, use chkconfig to configure the run levels of this service.
chkconfig --level 2 vsftpd on
chkconfig --level 3 vsftpd on
chkconfig --level 4 vsftpd on
chkconfig --level 5 vsftpd on
- vi /etc/vsftpd/vsftpd.conf, and set the following options:
anonymous_enable=NO
tcp_wrappers=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
pasv_min_port=10100
pasv_max_port=10199
- touch /etc/vsftpd.chroot_list
vi /etc/vsftpd.chroot_list; this is the list of local users that will be placed in a chroot() jail. For each new FTP account, remember to add the username to this list.
- Restart the vsftpd service: /etc/rc.d/init.d/vsftpd restart
- Update iptables to allow passive connections to ports 10100-10199
vi /etc/sysconfig/iptables, and append the new rule at the appropriate line:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10100:10199 -j ACCEPT
Restart iptables: /etc/rc.d/init.d/iptables restart
- Set up a new FTP account:
- groupadd <group>
- useradd <username> -M -g <group>
- passwd <username>
- mkdir /home/<username>
- mkdir /home/<username>/web
- mkdir /home/<username>/web/stats
- chown -R <username>.site /home/<username>
- vi /etc/vsftpd.chroot_list, and add <username> on a new line
- /etc/rc.d/init.d/vsftpd restart
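
The script below is an added example, not part of the original page: it checks that the settings from the steps above are in place, that the iptables rule opens the same passive port range vsftpd is configured with, and that an account is in the chroot list. The function names, the sample files and the users alice and bob are constructed for illustration; point the function at copies of your own files.

```shell
#!/bin/sh
# Added example: audit the vsftpd settings described on this page.
# Paths are arguments, so the check can run against copies of the real files.

# Print the value of KEY (last uncommented occurrence) in a vsftpd.conf file.
conf_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# audit_vsftpd CONF IPTABLES_RULES CHROOT_LIST USER
# Prints one line per finding; returns 0 only when every check passes.
audit_vsftpd() {
    conf=$1 rules=$2 list=$3 user=$4 fail=0
    [ "$(conf_get "$conf" anonymous_enable)" = "NO" ] ||
        { echo "FAIL: anonymous_enable is not NO"; fail=1; }
    [ "$(conf_get "$conf" chroot_list_enable)" = "YES" ] ||
        { echo "FAIL: chroot_list_enable is not YES"; fail=1; }
    # The firewall has to open the same passive range vsftpd is told to use.
    min=$(conf_get "$conf" pasv_min_port)
    max=$(conf_get "$conf" pasv_max_port)
    if [ -z "$min" ] || [ -z "$max" ]; then
        echo "FAIL: pasv_min_port/pasv_max_port not set"; fail=1
    elif ! grep -q -e "^-A .*--dport $min:$max -j ACCEPT" "$rules"; then
        echo "FAIL: no iptables ACCEPT rule for $min:$max"; fail=1
    fi
    # Per the page, only users named in this list are chroot() jailed.
    grep -qxF -- "$user" "$list" ||
        { echo "FAIL: $user is not in the chroot list"; fail=1; }
    return "$fail"
}

# Constructed sample files mirroring the page's settings (not real system files).
make_sample() {
    printf '%s\n' anonymous_enable=NO chroot_list_enable=YES \
        pasv_min_port=10100 pasv_max_port=10199 > "$1/vsftpd.conf"
    echo '-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10100:10199 -j ACCEPT' > "$1/iptables"
    echo alice > "$1/chroot_list"
}

d=$(mktemp -d); make_sample "$d"
audit_vsftpd "$d/vsftpd.conf" "$d/iptables" "$d/chroot_list" alice && echo "alice: OK"
audit_vsftpd "$d/vsftpd.conf" "$d/iptables" "$d/chroot_list" bob || echo "bob: fix needed"
rm -rf "$d"
```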