Hackonology Forums
Installation script for FTP Server on centos - Printable Version

+- Hackonology Forums (https://hackonology.com/forum)
+-- Forum: Technology & Configuration (https://hackonology.com/forum/forumdisplay.php?fid=3)
+--- Forum: Configuration Scripts (https://hackonology.com/forum/forumdisplay.php?fid=6)
+--- Thread: Installation script for FTP Server on centos (/showthread.php?tid=127)



Installation script for FTP Server on centos - SysAdmin - 11-04-2020

                                                                            Install FTP Server on CentOS 7

#Install FTP Service with VSFTPD
#Start by updating the package manager:
sudo yum update

#Install VSFTPD software with the following command:
sudo yum install vsftpd

#Start the service and set it to launch when the system boots with the following:
sudo systemctl start vsftpd
sudo systemctl enable vsftpd

#Next, create a rule for your firewall to allow FTP traffic on Port 21:
sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
sudo firewall-cmd --zone=public --permanent --add-service=ftp
sudo firewall-cmd –-reload

# Once vsftpd is installed, configure the firewall to allow traffic on Port 21.
# Note: If you use a different firewall application, refer to the documentation to configure it correctly for Port 21. Also, some FTP clients use Port 20, so  # you may wish to include that rule as well. Simply copy the first line, and replace 21 with 20.

# Step 2: Configuring VSFTPD
# The behavior of the FTP service on your server is determined by the /etc/vsftpd/vsftpd.conf configuration file.

#Before starting, create a copy of the default configuration file:
sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.default

#Next, edit the configuration file with the following command:
sudo nano /etc/vsftpd/vsftpd.conf
:'
anonymous_enable=NO # Set your FTP server to disable anonymous users and allow local users
local_enable=YES # to allow access on local
write_enable=YES # allow a logged-in user to upload files to your FTP server

# Note: By default, this line starts with a # sign to indicate it’s a comment. Commenting is a useful way to turn commands on and off. The # sign can also be
# used to make notes in the file without the system interpreting them as instructions.

chroot_local_user=YES #Limit FTP users to their own home directory. This is often called jail or chroot jail.
allow_writeable_chroot=YES

# Note: for test purposes, the allow_writeable_chroot=YES option will create a functioning FTP server that you can test and use. Some administrators advocate
# the use of the user_sub_token option for better security.

userlist_enable=YES # To allow user list
userlist_file=/etc/vsftpd/user_list # Path the authentication User
userlist_deny=NO # To enable User list
#local_root=/var/www/ftp1 # If you want to give access of /var/www/ftp1 directory only

#Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:

sudo systemctl restart vsftpd

#Step 3: Create a New FTP User

#To create a new FTP user enter the following:
sudo adduser testuser
sudo passwd testuser

#Add the new user to the userlist:
echo testuser | sudo tee –a /etc/vsftpd/user_list

#Create a directory for the new user, and adjust permissions:
sudo mkdir –p /home/testuser/ftp/upload
sudo chmod 550 /home/testuser/ftp
sudo chmod 750 /home/testuser/ftp/upload
sudo chown –R testuser: /home/testuser/ftp

#Now, you can log in to your FTP server with the user you created:
#ftp 192.168.0.1
#ftp localhost
#ftp your.ftp.server.com
#ftp://ServerIP:21


## Error:
#semanage fcontext -a -t public_content_rw_t /var/ftp
#restorecon -Rvv /var/ftp
#setsebool -P ftp_home_dir 1
#setsebool -P ftpd_full_access 1