Setting up vsftpd on CentOS

Joris's picture
Tue, 02/04/2014 - 16:00 -- Joris

When installing vsftpd on CentOS (currently 6.5) some adjustments need to be made to the iptables configuration, as well as to SELinux.

Installing vsftpd

First, install vsftpd :

# yum -y install vsftpd

Edit the configuration file, which is located at /etc/vsftpd/vsftpd.conf ie, disable anonymous login :

anonymous_enable=NO

chroot users to their home directory :

chroot_local_user=YES

For all configuration parameters, be sure to check out

# man vsftpd.conf

Configuring system

Right now, you could start vsftpd if you wanted to, but when iptables is enabled, connections from clients won't be possible just yet.

To alter the iptables configuration in a persistent way, we will use the system-config-firewall-tui tool. If it is not yet installed :

# yum -y install system-config-firewall-tui

Now start the tool and enable ftp as follows

Start vsftpd and test

To start vsftpd right now :

# service vsftpd start 

and to make vsftpd start at boot :

# chkconfig vsftpd on

vsftpd is default configured to allow ftp login with linux system accounts. Try logging in to vsftpd from a client.

When you get following error

500 OOPS: cannot change directory:/home/system

You need to set following SELinux parameter :

# setsebool -P ftp_home_dir=1