When installing vsftpd on CentOS (currently 6.5) some adjustments need to be made to the iptables configuration, as well as to SELinux.
Installing vsftpd
First, install vsftpd :
# yum -y install vsftpd
Edit the configuration file, which is located at /etc/vsftpd/vsftpd.conf ie, disable anonymous login :
anonymous_enable=NO
chroot users to their home directory :
chroot_local_user=YES
For all configuration parameters, be sure to check out
# man vsftpd.conf
##Configuring system
Right now, you could start vsftpd if you wanted to, but when iptables is enabled, connections from clients won’t be possible just yet.
To alter the iptables configuration in a persistent way, we will use the system-config-firewall-tui tool. If it is not yet installed :
# yum -y install system-config-firewall-tui
Now start the tool and enable ftp as follows
Start vsftpd and test
To start vsftpd right now :
# service vsftpd start
and to make vsftpd start at boot :
# chkconfig vsftpd on
vsftpd is default configured to allow ftp login with linux system accounts. Try logging in to vsftpd from a client.
When you get following error
500 OOPS: cannot change directory:/home/system
You need to set following SELinux parameter :
# setsebool -P ftp_home_dir=1