Configuring vsftpd FTP-server for authenticated users on CentOs 5.x February 11, 2011Posted by Tournas Dimitrios in Linux.
This article assumes that you are familiar with the concepts of FTP . Actually installing and enabling the vsftpd package is “out of the box ” , but by default it is configured to have un-authenticated transactions . Users can log-in with the default username “anonymous” and a random password . If the server is accessible from a hostile network (internet) , this default configuration is a high risk , because unknown persons can upload files ( illegal software , images , music) for the world to download .
Configuring the FTP server for authenticated log-in is simple , so let see how to do it in 7 steps . In this example we will set up a group of trusted users with username and password .
- Disable anonymous FTP : Comment out the “anonymous_enable ” directive line in the vsftpd.conf file ( /etc/vsftpd/vsftpd.conf) .
#Allow anonymous FTP?
- Enable individual logins by making sure you have the “local_enable” directive line like uncomented in the vsftpd.conf file
#Uncomment this to allow local users to log in.
- Restart vsftpd for the configurations to take action .
service vsftpd restart
- Create a user group and directory . In this case , use /home/ftp-users and user group name of ftp-users for the remote users .
- Add users , and make their default directory /home/ftp-users
useradd -g ftp-users -d /home/ftp-users user1
useradd -g ftp-users -d /home/ftp-users user2
useradd -g ftp-users -d /home/ftp-users user3
- Copy files to be downloaded by your users into the /home/ftp-users directory
- Change the permissions of the files in the /home/ftp-users for read only access by the group
chown root:ftp-users /home/ftp-users/*
chmod 740 /home/ftp-users/*
Users should now be able to log in via FTP to the server using their new usernames and passwords. If you absolutely don’t wnat any FTP users to be able to write to any directory , then you should set the “write_enable ” directive line in your vsftpd.conf file to NO
Of course remember to restart the server ,so that the configuration file changes to take plase .
- must read the ” man vsftpd.conf “