edit-icon download-icon

FTP setup

Last Updated: Feb 06, 2018

Introduction

FTP is an acronym for File Transfer Protocol which is used for controlling two-way file transfer over the Internet. It is also an application. There are various FTP applications based on different operating systems, but all these applications utilize the same protocol for transferring files.Computers provide file storage and access services on the Internet through FTP. An FTP server is a server that supports FTP. FTP provides storage and transfer services.Download and Upload Downloading files is tantamount to duplicating files from the remote host to the client; and uploading files is duplicating files from the client to the remote host. In Internet language, a user can upload to and download from a remote host via a client program.

Working principles

FTP utilizes a client/server model (C/S architecture) to build a connection between a client and a server via TCP. Unlike most other application protocols, FTP builds two communication links: a control link and a data link, between a client and a server respectively. The control link is responsible for sending and receiving FTP commands during FTP sessions, and the data link is responsible for transferring data.An FTP session includes two channels: a control channel and a data channel. FTP has two working modes: the active mode and the passive mode. When in active mode, the server connects to the client actively. When in passive mode, the server waits for client connections.(For both active mode and passive mode, the control channel is built first, the difference lies in the transfer methods.)

FTP installation and configuration

Preparations

Vsftpd is a light, safe and easy-to-use FTP server in Linux, and is the most popular FTP server across all Linux releases.

  1. Install vsftpd through yum

    yum install -y vsftpd

Image 20

The following image indicates successful installation.

Image 21

  1. Related configuration files:

    cd /etc/vsftpd

Image 22

/etc/vsftpd/vsftpd.conf //Main configuration file, which is the core configuration file

/etc/vsftpd/ftpusers //Blacklist, which prevents users on it from accessing the FTP server

/etc/vsftpd/user_list //Whitelist, which allows users on it to access the FTP server

  1. Start service

systemctl enable vsftpd.service //Set automatically start on startup

systemctl start vsftpd.service //Start FTP service

netstat -antup | grep ftp //View FTP service port

Image 23

Login FTP server.

Image 24

Basic configuration of anonymous FTP

With anonymous FTP, a user can log in to the FTP without entering a user name and password. Anonymous FTP is enabled by default after installing vsftpd, a user can log in to the FTP server anonymously without further configuration.

Anonymous FTP configuration is set in /etc/vsftpd/vsftpd.conf.

anonymous_enable=YES //YES by default

Image 25

At this time, all users can log in to the FTP server anonymously. They can view and download directories and files in the root folder, but cannot upload files or create directories.

We can install lftp to test.

  1. yum -y install lftp //Install lftp

Image 26

When lftp connects to the FTP server from a public IP address, you can only view and download files, but you cannot upload files.

  1. lftp public ip address #connect to FTP server
  2. cd pub/ #switch to pub directory
  3. put /etc/issue #upload files
  4. get test.1 #download files

Image 27

Additional anonymous FTP configuration

For safety reasons, in vsftpd, users are not allowed to perform modifying operations such as uploading files or creating directories through anonymous FTP, but the vsftpd.conf configuration file can be modified to grant additional permissions.

Allow uploading files through anonymous FTP.

Modify /etc/vsftpd/vsftpd.conf

write_enable=YES

anon_upload_enable=YES

Image 28

  1. Change permissions of the /var/ftp/pub directory, granting write permission to FTP users, and reload the configuration file.

    chmod o+w /var/ftp/pub/ #change permissions of the /var/ftp/pub systemctl restart vsftpd.service #restart FTP service

Image 29

  1. Test

Image 30

Configure local user login

Local user login refers to logging in to the FTP server with the Linux user name and password. Only anonymous FTP login is supported after vsftp is installed, if a user tries to log in to the server with the Linux user name, vsftp will deny access.

  1. Create user ftptest

    useradd ftptest #Create user ftptest passwd ftptest #Set user password of ftptest

Image 31

  1. Modify /etc/vsftpd/vsftpd.conf

anonymous enable=NO

local_enable=YES

Image 32

  1. Connect to the FTP server through lftp

Image 33

Additional vsftpd.conf parameters are briefly introduced.

  1. cat /etc/vsftpd/vsftpd.conf

User Login Control

Parameter Description
anonymous_enable=YES Anonymous users are accepted
no_anon_password=YES Password is not requested when anonymous users log in
anon_root=(none) Anonymous user root
local_enable=YES Anonymous users are accepted
local_root=(none) Local root user

User Permission Control

Parameter Description
write_enable=YES upload is enabled (global control)
local_umask=022 umask for local user to upload files
file_open_mode=0666 Use umask for uploaded file permissions
anon_upload_enable=NO upload is enabled for anonymous users
anon_mkdir_write_enable=NO creating directories is enabled for anonymous users
anon_other_write_enable=NO modifying and deleting are enabled for anonymous users

  chown_username=lightwiter   owner user name of uploaded files    

Thank you! We've received your feedback.