Step by step configuration guide for setting up FTP server in RHEL6. FTP server is useful for small scale file sharing between cross OS platforms.
FTP (file transfer protocol) is one of the famous method to get centralized file storage on low scale. FTP server implementation mainly done to enable users upload files in centralized location. Many vendors has their FTP servers running where sysadmins upload logs when any case investigation is in progress with vendor. This is almost common thing in life of sysadmin working in Corporate infrastructure.
In this post we are going to see step by step configuring FTP server in RHEL server. Setting up FTP server can be staged in below parts :
- Installing necessary packages
- Starting up services
- Setting up users
- Testing
1. Installing necessary packages :
We need to have very secure ftp, rpcbind and xinetd services installed on server. You can check them if they are installed using below command :
1 2 3 4 5 6 7 8 9 10 | # rpm -qa | grep -i vsftpd vsftpd-2.2.2-21.el6.x86_64 # rpm -qa | grep -i xinetd xinetd-2.3.14-40.el6.x86_64 # rpm -qa | grep -i rpcbind rpcbind-0.2.0-12.el6.x86_64 |
If they are not installed, install them with below command (Make sure you have YUM configured on your server.):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | # yum install vsftpd rpcbind xinetd y Loaded plugins: amazon-id, rhui-lb, security Setting up Install Process No package y available. Resolving Dependencies --> Running transaction check ---> Package rpcbind.x86_64 0:0.2.0-11.el6 will be updated ---> Package rpcbind.x86_64 0:0.2.0-12.el6 will be an update ---> Package vsftpd.x86_64 0:2.2.2-21.el6 will be installed ---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================================================================================= Package Arch Version Repository Size ================================================================================================================================================================================= Installing: vsftpd x86_64 2.2.2-21.el6 rhui-REGION-rhel-server-releases 155 k xinetd x86_64 2:2.3.14-40.el6 rhui-REGION-rhel-server-releases 122 k Updating: rpcbind x86_64 0.2.0-12.el6 rhui-REGION-rhel-server-releases 51 k Transaction Summary ================================================================================================================================================================================= Install 2 Package(s) Upgrade 1 Package(s) Total download size: 328 k Is this ok [y/N]: y Downloading Packages: (1/3): rpcbind-0.2.0-12.el6.x86_64.rpm | 51 kB 00:00 (2/3): vsftpd-2.2.2-21.el6.x86_64.rpm | 155 kB 00:00 (3/3): xinetd-2.3.14-40.el6.x86_64.rpm | 122 kB 00:00 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 1.1 MB/s | 328 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : 2:xinetd-2.3.14-40.el6.x86_64 1/4 Installing : vsftpd-2.2.2-21.el6.x86_64 2/4 Updating : rpcbind-0.2.0-12.el6.x86_64 3/4 Cleanup : rpcbind-0.2.0-11.el6.x86_64 4/4 Verifying : rpcbind-0.2.0-12.el6.x86_64 1/4 Verifying : vsftpd-2.2.2-21.el6.x86_64 2/4 Verifying : 2:xinetd-2.3.14-40.el6.x86_64 3/4 Verifying : rpcbind-0.2.0-11.el6.x86_64 4/4 Installed: vsftpd.x86_64 0:2.2.2-21.el6 xinetd.x86_64 2:2.3.14-40.el6 Updated: rpcbind.x86_64 0:0.2.0-12.el6 Complete! |
Once installed, make them start at every boot with chkconfig configurations.
2. Starting up service :
After installation is over, stop iptables firewall and turn SELinux into permissive mode, to ensure FTP functions well.
1 2 3 4 5 6 7 8 | # service ip6tables stop ip6tables: Setting chains to policy ACCEPT: filter [ OK ] ip6tables: Flushing firewall rules: [ OK ] ip6tables: Unloading modules: [ OK ] # setenforce 0 |
Now start services one by one and check if they are running.
An error has occurred. Please try again later. |
3. Setting up users:
Users which are listed in file /etc/vsftpd/ftpusers are not allowed to access ftp server. Hence if you want to disable ftp access of any user, you need to put that username in this file. For security reason, root account is by default exist in this file i.e. not allowed to ftp.
1 2 3 4 5 6 7 8 9 10 11 | # cat /etc/vsftpd/ftpusers # Users that are not allowed to login via ftp root bin daemon adm lp sync shutdown |
For testing, create new user on system. Login to server from new terminal with this new user. Create some test files in its home directory.
Bonus tip : You can even edit welcome banner message user sees after logging into ftp server. Edit “ftpd_banner=Welcome to blah FTP service.” line under /etc/vsftpd/vsftpd.conf file.
4. Testing:
Now, access FTP server from windows machine using command prompt. Once successful logged in using above created test user, you will be able to see file created in above step and even you will be able to download it!
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | C:/> ftp 10.10.15.2 Connected to 10.10.15.2. 220 (vsFTPd 2.2.2) User (10.10.15.2:(none)): testuser Password: 230 Login successful. ftp> ftp>dir 200 PORT command successful. Consider using PASV. -rw-rw-r-- 1 501 502 42 Jan 18 12:08 file1 226 Directory send OK. ftp: 63 bytes received in 0.00Seconds 63000.00Kbytes/sec. |
You can run get, put ftp commands and verify full functionality! You have successfully configured secure FTP server on Linux!
Got any feedback? Comment here!