Step by step configuration guide for setting up the FTP server in RHEL6. FTP server is useful for small scale file sharing between cross-OS platforms.
FTP (file transfer protocol) is one of the famous methods to get centralized file storage on a low scale. FTP server implementation mainly is done to enable users to upload files in a centralized location. Many vendors have their FTP servers running where sysadmins upload logs when any case investigation is in progress with the vendor. This is almost a common thing in the life of sysadmin working in Corporate infrastructure.
In this post, we are going to see step by step configuring the FTP server in the RHEL server. Setting up FTP server can be staged in below parts :
- Installing necessary packages
- Starting up services
- Setting up users
- Testing
1. Installing necessary packages :
We need to have a very secure ftp, rpcbind and xinetd services installed on the server. You can check them if they are installed using the below command :
# rpm -qa | grep -i vsftpd vsftpd-2.2.2-21.el6.x86_64 # rpm -qa | grep -i xinetd xinetd-2.3.14-40.el6.x86_64 # rpm -qa | grep -i rpcbind rpcbind-0.2.0-12.el6.x86_64
If they are not installed, install them with below command (Make sure you have YUM configured on your server.):
# yum install vsftpd rpcbind xinetd y Loaded plugins: amazon-id, rhui-lb, security Setting up Install Process No package y available. Resolving Dependencies --> Running transaction check ---> Package rpcbind.x86_64 0:0.2.0-11.el6 will be updated ---> Package rpcbind.x86_64 0:0.2.0-12.el6 will be an update ---> Package vsftpd.x86_64 0:2.2.2-21.el6 will be installed ---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================================================================================= Package Arch Version Repository Size ================================================================================================================================================================================= Installing: vsftpd x86_64 2.2.2-21.el6 rhui-REGION-rhel-server-releases 155 k xinetd x86_64 2:2.3.14-40.el6 rhui-REGION-rhel-server-releases 122 k Updating: rpcbind x86_64 0.2.0-12.el6 rhui-REGION-rhel-server-releases 51 k Transaction Summary ================================================================================================================================================================================= Install 2 Package(s) Upgrade 1 Package(s) Total download size: 328 k Is this ok [y/N]: y Downloading Packages: (1/3): rpcbind-0.2.0-12.el6.x86_64.rpm | 51 kB 00:00 (2/3): vsftpd-2.2.2-21.el6.x86_64.rpm | 155 kB 00:00 (3/3): xinetd-2.3.14-40.el6.x86_64.rpm | 122 kB 00:00 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 1.1 MB/s | 328 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : 2:xinetd-2.3.14-40.el6.x86_64 1/4 Installing : vsftpd-2.2.2-21.el6.x86_64 2/4 Updating : rpcbind-0.2.0-12.el6.x86_64 3/4 Cleanup : rpcbind-0.2.0-11.el6.x86_64 4/4 Verifying : rpcbind-0.2.0-12.el6.x86_64 1/4 Verifying : vsftpd-2.2.2-21.el6.x86_64 2/4 Verifying : 2:xinetd-2.3.14-40.el6.x86_64 3/4 Verifying : rpcbind-0.2.0-11.el6.x86_64 4/4 Installed: vsftpd.x86_64 0:2.2.2-21.el6 xinetd.x86_64 2:2.3.14-40.el6 Updated: rpcbind.x86_64 0:0.2.0-12.el6 Complete!
Once installed, make them start at every boot with chkconfig configurations.
2. Starting up service :
After installation is over, stop iptables firewall and turn SELinux into permissive mode, to ensure FTP functions well.
# service iptables stop ip6tables: Setting chains to policy ACCEPT: filter [ OK ] ip6tables: Flushing firewall rules: [ OK ] ip6tables: Unloading modules: [ OK ] # setenforce 0
Now start services one by one and check if they are running.
# service vsftpd start Starting vsftpd for vsftpd: [ OK ] # service xinetd start Starting xinetd: [ OK ] # service rpcbind status rpcbind (pid 4855) is running...
3. Setting up users:
Users which are listed in file /etc/vsftpd/ftpusers are not allowed to access FTP server. Hence if you want to disable FTP access of any user, you need to put that username in this file. For security reasons, the root account is by default exist in this file i.e. not allowed to FTP.
# cat /etc/vsftpd/ftpusers # Users that are not allowed to login via ftp root bin daemon adm lp sync shutdown
For testing, create a new user on the system. Login to the server from a new terminal with this new user. Create some test files in its home directory.
Bonus tip: You can even edit the welcome banner message the user sees after logging into FTP server. Edit “ftpd_banner=Welcome to blah FTP service.” line under
/etc/vsftpd/vsftpd.conffile.
4. Testing:
Now, access the FTP server from a windows machine using the command prompt. Once successfully logged in using the above-created test user, you will be able to see the file created in the above step and even you will be able to download it!
C:/> ftp 10.10.15.2 Connected to 10.10.15.2. 220 (vsFTPd 2.2.2) User (10.10.15.2:(none)): testuser Password: 230 Login successful. ftp> ftp>dir 200 PORT command successful. Consider using PASV. -rw-rw-r-- 1 501 502 42 Jan 18 12:08 file1 226 Directory send OK. ftp: 63 bytes received in 0.00Seconds 63000.00Kbytes/sec.
You can run get, put FTP commands, and verify full functionality! You have successfully configured a secure FTP server on Linux!
Share Your Comments & Feedback: