Step by step configuration guide for setting up the FTP server in RHEL6. FTP server is useful for small scale file sharing between cross-OS platforms.
FTP (file transfer protocol) is one of the famous methods to get centralized file storage on a low scale. FTP server implementation mainly is done to enable users to upload files in a centralized location. Many vendors have their FTP servers running where sysadmins upload logs when any case investigation is in progress with the vendor. This is almost a common thing in the life of sysadmin working in Corporate infrastructure.
In this post, we are going to see step by step configuring the FTP server in the RHEL server. Setting up FTP server can be staged in below parts :
- Installing necessary packages
- Starting up services
- Setting up users
- Testing
1. Installing necessary packages :
We need to have a very secure ftp
, rpcbind
and xinetd
services installed on the server. You can check them if they are installed using the below command :
# rpm -qa | grep -i vsftpd
vsftpd-2.2.2-21.el6.x86_64
# rpm -qa | grep -i xinetd
xinetd-2.3.14-40.el6.x86_64
# rpm -qa | grep -i rpcbind
rpcbind-0.2.0-12.el6.x86_64
If they are not installed, install them with below command (Make sure you have YUM configured on your server.):
# yum install vsftpd rpcbind xinetd y
Loaded plugins: amazon-id, rhui-lb, security
Setting up Install Process
No package y available.
Resolving Dependencies
--> Running transaction check
---> Package rpcbind.x86_64 0:0.2.0-11.el6 will be updated
---> Package rpcbind.x86_64 0:0.2.0-12.el6 will be an update
---> Package vsftpd.x86_64 0:2.2.2-21.el6 will be installed
---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=================================================================================================================================================================================
Package Arch Version Repository Size
=================================================================================================================================================================================
Installing:
vsftpd x86_64 2.2.2-21.el6 rhui-REGION-rhel-server-releases 155 k
xinetd x86_64 2:2.3.14-40.el6 rhui-REGION-rhel-server-releases 122 k
Updating:
rpcbind x86_64 0.2.0-12.el6 rhui-REGION-rhel-server-releases 51 k
Transaction Summary
=================================================================================================================================================================================
Install 2 Package(s)
Upgrade 1 Package(s)
Total download size: 328 k
Is this ok [y/N]: y
Downloading Packages:
(1/3): rpcbind-0.2.0-12.el6.x86_64.rpm | 51 kB 00:00
(2/3): vsftpd-2.2.2-21.el6.x86_64.rpm | 155 kB 00:00
(3/3): xinetd-2.3.14-40.el6.x86_64.rpm | 122 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.1 MB/s | 328 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 2:xinetd-2.3.14-40.el6.x86_64 1/4
Installing : vsftpd-2.2.2-21.el6.x86_64 2/4
Updating : rpcbind-0.2.0-12.el6.x86_64 3/4
Cleanup : rpcbind-0.2.0-11.el6.x86_64 4/4
Verifying : rpcbind-0.2.0-12.el6.x86_64 1/4
Verifying : vsftpd-2.2.2-21.el6.x86_64 2/4
Verifying : 2:xinetd-2.3.14-40.el6.x86_64 3/4
Verifying : rpcbind-0.2.0-11.el6.x86_64 4/4
Installed:
vsftpd.x86_64 0:2.2.2-21.el6 xinetd.x86_64 2:2.3.14-40.el6
Updated:
rpcbind.x86_64 0:0.2.0-12.el6
Complete!
Once installed, make them start at every boot with chkconfig configurations.
2. Starting up service :
After installation is over, stop iptables firewall and turn SELinux into permissive mode, to ensure FTP functions well.
# service iptables stop
ip6tables: Setting chains to policy ACCEPT: filter [ OK ]
ip6tables: Flushing firewall rules: [ OK ]
ip6tables: Unloading modules: [ OK ]
# setenforce 0
Now start services one by one and check if they are running.
# service vsftpd start
Starting vsftpd for vsftpd: [ OK ]
# service xinetd start
Starting xinetd: [ OK ]
# service rpcbind status
rpcbind (pid 4855) is running...
3. Setting up users:
Users which are listed in file /etc/vsftpd/ftpusers
are not allowed to access FTP server. Hence if you want to disable FTP access of any user, you need to put that username in this file. For security reasons, the root account is by default exist in this file i.e. not allowed to FTP.
# cat /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
For testing, create a new user on the system. Login to the server from a new terminal with this new user. Create some test files in its home directory.
Bonus tip: You can even edit the welcome banner message the user sees after logging into FTP server. Edit “ftpd_banner=Welcome to blah FTP service.” line under
/etc/vsftpd/vsftpd.conf
file.
4. Testing:
Now, access the FTP server from a windows machine using the command prompt. Once successfully logged in using the above-created test user, you will be able to see the file created in the above step and even you will be able to download it!
C:/> ftp 10.10.15.2
Connected to 10.10.15.2.
220 (vsFTPd 2.2.2)
User (10.10.15.2:(none)): testuser
Password:
230 Login successful.
ftp>
ftp>dir
200 PORT command successful. Consider using PASV.
-rw-rw-r-- 1 501 502 42 Jan 18 12:08 file1
226 Directory send OK.
ftp: 63 bytes received in 0.00Seconds 63000.00Kbytes/sec.
You can run get, put FTP commands, and verify full functionality! You have successfully configured a secure FTP server on Linux!