Linux FTP Server Setup
On this page we discuss how to set up an FTP server.
The File Transfer Protocol (FTP) is one of the most common means of copying files between servers over the Internet.
FTP server using the default Very Secure FTP Daemon (VSFTPD)
FTP uses TCP port 20 for the data channel; the FTP server transfers data between the client and server over port 20.
FTP uses TCP port 21 for the control channel; the server uses port 21 to send responses to the commands you send.
If the FTP server RPMs were installed when Linux was installed, there is no need to install them again.
[root@localhost~]# rpm -ivh --aid vsftpd-*
To see which RPMs are installed on the system, use the command shown in the figure.
LINUX FTP rpm
Starting or stopping vsftpd service
[root@server ~]# service vsftpd start
[root@server ~]# service vsftpd stop
[root@server ~]# service vsftpd restart
[root@server ~]# /etc/init.d/vsftpd start
[root@server ~]# /etc/init.d/vsftpd stop
[root@server ~]# /etc/init.d/vsftpd restart
If you want the service to remain in effect after rebooting:
[root@server ~]# chkconfig vsftpd on
The chkconfig command ensures that vsftpd starts automatically on your next reboot.
By enabling the vsFTPd service, you can almost instantly have an FTP service running with
the default values (set in the /etc/vsftpd/vsftpd.conf file).
Testing the Status of VSFTPD
To test whether vsFTPD is running, check with the netstat command.
# netstat -a | grep ftp
Start another computer connected to this one and give it a class C IP address of the form 192.168.0.X.
For example, I gave my other PC the IP address 192.168.0.6.
This PC becomes the client computer. Now open the web browser on the client computer.
What happens? Nothing.
OK, stop your firewall and FTP server.
You should now see something like this:
LINUX FTP running
Properties of file /etc/vsftpd/vsftpd.conf
Now we modify some of the configuration.
Open the file /etc/vsftpd/vsftpd.conf.
If anonymous_enable=YES:
LINUX FTP anonymous user
The anonymous_enable line lets users log in anonymously using either the anonymous or
ftp user name.
Anonymous access is on by default, so you must set anonymous_enable=NO
to disable it.
Now see what happens:
LINUX FTP user login
Create a user raj.
Log in at the prompt as shown in the figure above.
After entering the name raj and the password,
you may get this screen:
LINUX FTP user directory access
Through the FTP server you can access /var/ftp/pub.
So here we have to change the directory.
Open the file /etc/passwd and
change the path of the home directory,
as shown in the figure below.
LINUX FTP changing user directory
Now log in again.
Every time you change a server's configuration, you have to restart the corresponding service.
You should now be able to access the directory defined in /etc/passwd.
If any user misuses their account, you can deny their access.
Open the file
and make an entry at the end.
Here I want to deny user raj:
LINUX FTP denied permissions list
Now check the login again.
You will see:
LINUX FTP denied permissions
Jailing of FTP server
The root directory (chroot) for anonymous users is /var/ftp. The root directory for regular
users is the file system root (/), although their current directory after connecting to
FTP is /home/user, where user is the user name. So an anonymous user is restricted to downloads
from the /var/ftp directory structure, while a regular user potentially has access to the whole file system.
You can use the chroot_local_user option to change the root directory for regular users
so that they are restricted to their home directory. To restrict all regular users to their home
directory when using vsFTPd, uncomment the line in vsftpd.conf:
LINUX FTP chroot list
What can be done with jailing or chroot
Consider the case where the chroot options are disabled.
When you access your directory, you can move up to higher directories, and in this way you can see the entire directory structure of the server.
LINUX FTP jailing
The client can read any file.
This leaves the server very vulnerable. That is why we use jailing: just by enabling jailing (chroot),
we can restrict access to /.
Logging vsFTPd activities
Logging is enabled in vsFTPd by default, and the activities of your vsFTPd
site are written to
file. The following options enable logging and change the log file
LINUX Logging vsFTPd activities
Just uncomment the lines highlighted by the red rectangle.
You can turn off logging if you like by changing YES to NO. (Note, however, that logging
enables you to watch for potential break-ins, so turning it off is not recommended.) Or you can
change the location of the log file by changing the value of the xferlog_file option.
Take a look at
LINUX FTP /var/log/vsftpd.log
It shows client raj's login time, date, client IP address, accessed directory and file.
Some more options you can try for Linux FTP
The following timeouts are set by default in vsFTPd.
The idle_session_timeout=600 option causes the FTP session to be dropped if the user has
been inactive for more than 10 minutes (600 seconds). The data_connection_timeout
value sets the amount of time, during which no progress occurs, that the server will wait before
dropping the connection (the default here is 120 seconds).
You may decide to limit the number of users that can connect to your server at any time, and how many simultaneous connections can be maintained from each IP address.
There are a lot of things you can try with an FTP server.
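The settings covered on this page (anonymous login, chroot jailing, logging, connection limits) can be checked in one pass. The script below is an added example, not part of the original page: it audits a vsftpd.conf and reports each setting that is not explicitly hardened. The option names xferlog_enable, max_clients and max_per_ip are real vsftpd options that the page does not name; the sample configuration and the finding texts are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit vsftpd.conf for the
# settings discussed above. Finding texts and sample config are constructed.

# Effective value of option $1 in file $2 (last uncommented option=value line).
conf_get() {
    awk -v k="$1" 'index($0, k "=") == 1 { v = substr($0, length(k) + 2) }
                   END { print v }' "$2"
}

# Emit a finding unless option $2 in file $1 is explicitly set to $3 (YES/NO).
require() {
    val=$(conf_get "$2" "$1" | tr '[:lower:]' '[:upper:]')
    [ "$val" = "$3" ] || echo "WEAK $2=${val:-unset} (want $3): $4"
}

# Emit a finding unless option $2 in file $1 is a positive integer.
require_limit() {
    val=$(conf_get "$2" "$1")
    case $val in
        ''|*[!0-9]*|0) echo "WEAK $2=${val:-unset}: $3" ;;
    esac
}

vsftpd_audit() {
    # vsftpd.conf(5): a space on either side of "=" is an error.
    awk '/^[A-Za-z_]+[ \t]+=|^[A-Za-z_]+=[ \t]/ {
             print "SYNTAX line " NR ": space around \"=\": " $0 }' "$1"
    require "$1" anonymous_enable NO "anonymous logins stay enabled"
    require "$1" chroot_local_user YES "local users can leave their home directory"
    require "$1" xferlog_enable YES "transfer logging not explicitly on"
    require_limit "$1" max_clients "no explicit cap on simultaneous clients"
    require_limit "$1" max_per_ip "no explicit cap on connections per IP"
}

# Constructed sample configuration (not a real server's file).
sample_conf() {
    cat <<'EOF'
anonymous_enable =yes
local_enable=YES
#chroot_local_user=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
max_clients=0
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp" && vsftpd_audit "$tmp"
rm -f "$tmp"
```

Run it against the real file with vsftpd_audit /etc/vsftpd/vsftpd.conf; a hardened file produces no output.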