Forward from: https://linuxconfig.org/how-to-setup-vsftpd-ftp-file-server-on-redhat-7-linux
How to setup vsftpd FTP file Server on Redhat 7 Linux
In this short config we will install FTP file Server on RHEL7 Linux using vsftpd. We will stick to the default vsftpd configuration which enables user accounts on our existing RHEL7 Linux system to login via FTP from a remote location, list and transfer files. Let's begin by the installation:
To install FTP server on Redhat 7 Linux we can use either tftp-server or vsftpd daemon. In this guide we use vsftpd:
[root@rhel7 ~]# yum install vsftpd
Next, we can start the vsftpd service by using a service command:
[root@rhel7 ~]# service vsftpd start Redirecting to /bin/systemctl start vsftpd.service
To make the FTP service startup persistent after system reboot use:
[root@rhel7 ~]# systemctl enable vsftpd ln -s '/usr/lib/systemd/system/vsftpd.service' '/etc/systemd/system/multi-user.target.wants/vsftpd.service'
Check and see whether port 21 is open. Do not worry if you do not see IPv4 of this port open as its IPv6 bind.
[root@rhel7 ~]# netstat -tanp | grep LISTEN
We also need to open firewall port otherwise we will see a following error message when we try to connect:
ftp: connect: No route to host ftp>
To open a port 21 on Redhat 7 linux use the following commands. The port we remain open to public even after system restart:
[root@rhel7 ~]# firewall-cmd --zone=public --add-port=21/tcp --permanent success [root@rhel7 ~]# firewall-cmd --reload success
At this point we should be able to connect from a remote host where the IP address of our FTP service is 10.1.1.110:
$ ftp 10.1.1.110 Connected to 10.1.1.110 (10.1.1.110). 220 (vsFTPd 3.0.2) Name (10.1.1.110:lrendek): rhel7 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp>
The next configuration we need to perform is to enable iptables module ip_conntrack_ftp otherwise we will see a following error message query our FTP server after successful login:
ftp> ls 227 Entering Passive Mode (10,1,1,110,166,190). ftp: connect: No route to host ftp>
As a temporary solution we use modprobe to load the ip_conntrack_ftp module:
[root@rhel7 ~]# modprobe ip_conntrack_ftp
See this page for a more permanent solution on how to load ip_conntrack_ftp module after reboot.
The last configuration we need to perform is to enable selinux FTP context for user directories currently on the system otherwise we will not be able to read/write or transfer any files between FTP server and FTP client:
230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> put ftp-test.txt local: ftp-test.txt remote: ftp-test.txt 227 Entering Passive Mode (10,1,1,110,125,139). 553 Could not create file.
To enable selinux FTP home directory context to allow read and write commands. For this we use setsebool command:
[root@rhel7 ~]# setsebool -P ftp_home_dir=1
The above will set selinux FTP home directory context permanently -P after reboot.
ftp> put ftp-test.txt local: ftp-test.txt remote: ftp-test.txt 227 Entering Passive Mode (10,1,1,110,174,219). 150 Ok to send data. 226 Transfer complete.
Now you have your FTP server setup. For more configuration options see the main vsftpd FTP server configuration file/etc/vsftpd/vsftpd.conf. When making a changes to the configuration file make sure to apply them by restarting FTP service:
[root@rhel7 ~]# service vsftpd restart Redirecting to /bin/systemctl restart vsftpd.service