Tag Archives: vsftp in linux

FTP server configuration steps in RHEL 6

Step by step configuration guide for setting up the FTP server in RHEL6. FTP server is useful for small scale file sharing between cross-OS platforms.

FTP (file transfer protocol) is one of the famous methods to get centralized file storage on a low scale. FTP server implementation mainly is done to enable users to upload files in a centralized location. Many vendors have their FTP servers running where sysadmins upload logs when any case investigation is in progress with the vendor. This is almost a common thing in the life of sysadmin working in Corporate infrastructure.

In this post, we are going to see step by step configuring the FTP server in the RHEL server. Setting up FTP server can be staged in below parts :

  1. Installing necessary packages
  2. Starting up services
  3. Setting up users
  4. Testing

1. Installing necessary packages :

We need to have a very secure ftp, rpcbind and xinetd services installed on the server. You can check them if they are installed using the below command :

# rpm -qa | grep -i vsftpd
vsftpd-2.2.2-21.el6.x86_64

# rpm -qa | grep -i xinetd
xinetd-2.3.14-40.el6.x86_64

# rpm -qa | grep -i rpcbind
rpcbind-0.2.0-12.el6.x86_64

If they are not installed, install them with below command (Make sure you have YUM configured on your server.):

#  yum install vsftpd rpcbind xinetd y
Loaded plugins: amazon-id, rhui-lb, security
Setting up Install Process
No package y available.
Resolving Dependencies
--> Running transaction check
---> Package rpcbind.x86_64 0:0.2.0-11.el6 will be updated
---> Package rpcbind.x86_64 0:0.2.0-12.el6 will be an update
---> Package vsftpd.x86_64 0:2.2.2-21.el6 will be installed
---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=================================================================================================================================================================================
 Package                           Arch                             Version                                     Repository                                                  Size
=================================================================================================================================================================================
Installing:
 vsftpd                            x86_64                           2.2.2-21.el6                                rhui-REGION-rhel-server-releases                           155 k
 xinetd                            x86_64                           2:2.3.14-40.el6                             rhui-REGION-rhel-server-releases                           122 k
Updating:
 rpcbind                           x86_64                           0.2.0-12.el6                                rhui-REGION-rhel-server-releases                            51 k

Transaction Summary
=================================================================================================================================================================================
Install       2 Package(s)
Upgrade       1 Package(s)

Total download size: 328 k
Is this ok [y/N]: y
Downloading Packages:
(1/3): rpcbind-0.2.0-12.el6.x86_64.rpm                                                                                                                    |  51 kB     00:00
(2/3): vsftpd-2.2.2-21.el6.x86_64.rpm                                                                                                                     | 155 kB     00:00
(3/3): xinetd-2.3.14-40.el6.x86_64.rpm                                                                                                                    | 122 kB     00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                            1.1 MB/s | 328 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 2:xinetd-2.3.14-40.el6.x86_64                                                                                                                                 1/4
  Installing : vsftpd-2.2.2-21.el6.x86_64                                                                                                                                    2/4
  Updating   : rpcbind-0.2.0-12.el6.x86_64                                                                                                                                   3/4
  Cleanup    : rpcbind-0.2.0-11.el6.x86_64                                                                                                                                   4/4
  Verifying  : rpcbind-0.2.0-12.el6.x86_64                                                                                                                                   1/4
  Verifying  : vsftpd-2.2.2-21.el6.x86_64                                                                                                                                    2/4
  Verifying  : 2:xinetd-2.3.14-40.el6.x86_64                                                                                                                                 3/4
  Verifying  : rpcbind-0.2.0-11.el6.x86_64                                                                                                                                   4/4

Installed:
  vsftpd.x86_64 0:2.2.2-21.el6                                                           xinetd.x86_64 2:2.3.14-40.el6

Updated:
  rpcbind.x86_64 0:0.2.0-12.el6

Complete!

Once installed, make them start at every boot with chkconfig configurations.

2. Starting up service :

After installation is over, stop iptables firewall and turn SELinux into permissive mode, to ensure FTP functions well.

# service  iptables  stop
ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]
ip6tables: Flushing firewall rules:                        [  OK  ]
ip6tables: Unloading modules:                              [  OK  ]
# setenforce 0

Now start services one by one and check if they are running.

# service vsftpd start
Starting vsftpd for vsftpd:    [ OK ]
# service xinetd start
Starting xinetd:               [ OK ]
# service rpcbind status
rpcbind (pid 4855) is running...

3. Setting up users:

Users which are listed in file /etc/vsftpd/ftpusers are not allowed to access FTP server. Hence if you want to disable FTP access of any user, you need to put that username in this file. For security reasons, the root account is by default exist in this file i.e. not allowed to FTP.

# cat  /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown

For testing, create a new user on the system. Login to the server from a new terminal with this new user. Create some test files in its home directory.

Bonus tip: You can even edit the welcome banner message the user sees after logging into FTP server. Edit “ftpd_banner=Welcome to blah FTP service.” line under /etc/vsftpd/vsftpd.conf file.

4. Testing:

Now, access the FTP server from a windows machine using the command prompt. Once successfully logged in using the above-created test user, you will be able to see the file created in the above step and even you will be able to download it!

C:/> ftp 10.10.15.2
Connected to 10.10.15.2.
220 (vsFTPd 2.2.2)
User (10.10.15.2:(none)): testuser
Password:
230 Login successful.
ftp>
ftp>dir
200 PORT command successful. Consider using PASV.
-rw-rw-r--      1   501   502     42 Jan 18 12:08  file1
226 Directory send OK.
ftp: 63 bytes received in 0.00Seconds 63000.00Kbytes/sec.

You can run get, put FTP commands, and verify full functionality! You have successfully configured a secure FTP server on Linux!