Serverspace Black Friday
JH
Joe Harris
October 19, 2020
Updated June 7, 2023

How to Configure FTP Access on CentOS 8

CentOS FTP Linux

An FTP server is useful for managing websites and sharing files. In this tutorial, we will configure FTP access on CentOS 8 using vsftpd.

Installing and configuring the FTP server

Let’s install the vsftpd package.

dnf install vsftpd

Now start the service.

systemctl start vsftpd

And add it to autorun.

systemctl enable vsftpd

Open the /etc/vsftpd/vsftpd.conf file.
Check these parameters to make sure they have the correct values. We currently prohibit anonymous login and allow it for local users. FTP recording is also allowed.

anonymous_enable=NO
local_enable=YES
write_enable=YES

Find and uncomment this line to restrict access to everything except the home directory.

chroot_local_user=YES

And add this line to the end of the file to grant access to change and write files via FTP.

allow_writeable_chroot=YES

Now save and close the file and open /etc/pam.d/vsftpd. Comment this line in it:

#auth required pam_shells.so

If you use firewalld add the FTP service to it.

firewall-cmd --permanent --add-service=ftp
firewall-cmd --reload

Restart the FTP service.

systemctl restart vsftpd

Creating a user for FTP access

Create a new user and set the password for it.

useradd newftpuser
passwd newftpuser

To prevent it from logging in via ssh, change its shell.

usermod --shell /sbin/nologin newftpuser

Using SSL/TLS for secure FTP

You can use SSL/TLS to encrypt your connection. For this purpose, you can use Let's Encrypt or a self-signed SSL certificate.
In the the /etc/vsftpd/vsftpd.conf file add the paths to the keys and enable ssl_enable option.

rsa_cert_file=/etc/letsencrypt/live/domain_name/fullchain.pem
rsa_private_key_file=/etc/letsencrypt/live/domain_name/privkey.pem
ssl_enable=YES

And restart the service.

systemctl restart vsftpd

Vote:
5 out of 5
Аverage rating : 5
Rated by: 2
1101 CT Amsterdam The Netherlands, Herikerbergweg 292
+31 20 262-58-98
700 300
ITGLOBAL.COM NL
700 300
We use cookies to make your experience on the Serverspace better. By continuing to browse our website, you agree to our
Use of Cookies and Privacy Policy.