setting up ftp via vsftpd in linux

The VSFTPD (Very Secure FTP Server Deamon) is one of the most commonly used FTP servers under Linux and comes with most Linux distributions.

This article will help you install and configure vsftpd in Linux. (sample OS used is a Red-hat based distribution)


* to create a secure ftp server
* to create an ftp user chrooted or jailed in a certain directory (sample use is an apache directory wherein you can limit users or your developers to just upload to a restricted folder)

procedures and actual simulation as follows:


#yum install vsftpd

Loaded plugins: refresh-packagekit
updates                                                  | 3.4 kB     00:00
updates/primary_db                                       | 4.0 MB     00:10
fedora                                                   | 2.8 kB     00:00
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
–> Running transaction check
—> Package vsftpd.i386 0:2.0.7-2.fc10 set to be updated
updates/filelists_db                                                                                   | 7.3 MB     00:18
fedora/filelists_db                                                                                    |  11 MB     00:24
–> Finished Dependency Resolution
Dependencies Resolved
Package                     Arch                      Version                             Repository                    Size
vsftpd                      i386                      2.0.7-2.fc10                        updates                      145 k

Transaction Summary
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 145 k
Is this ok [y/N]:y

Downloading Packages:
vsftpd-2.0.7-2.fc10.i386.rpm                                                                              | 145 kB     00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : vsftpd                                                                                                    1/1
vsftpd.i386 0:2.0.7-2.fc10

B. Edit configuration file (self-explanatory)

# vi /etc/vsftpd/vsftpd.conf

Here’s the important line that you need to modify:

# Turn off anonymous users

# Turn on local users

# Users should be able to write

# chroot everyone

#create userlist

C.  Create ftp acct (example create ftp user darwin)

# useradd -d /home/Sites/ -s /sbin/nologin darwin
# passwd darwin

D.    Add it on the vsftpd service userlist

# vi /etc/vsftpd/vsftpd.userlist

Add the ftp name pmorris, This will be the output once included:

# cat /etc/vsftpd/vsftpd.userlist

E. Add an FTP group e.g. ftpusers

#groupadd ftpusers

Example directory where we will jail the ftp users: /home/Sites

F. Change the ownership of the directory. e.g. root: ftpusers

/home/Sites folder ownership is currently set to root:ftpusers with permission 775 (meaning all FTP users should be in the GROUP “ftpusers”, and it has a GROUP read-write-execute) permission
drwxrwxr-x 13 root      ftpusers   4096 Jan 28 15:23 Sites

G. Add the ftpuser in the ftpusers group

#vi /etc/group

This will be the output once included:

Alternatively: you can use the command

#usermod -G ftpusers darwin

Using your favorite FTP client such as FileZilla FTP or via CLI , you can test the functionality by uploading, deleting or creating folders on it.

[root@darwin ~]# ftp ip.of.the.server
Connected to ip.of.the.server (ip.of.the.server).
220 (vsFTPd 2.0.5)
Name (ip.of.the.server:root): darwin
331 Please specify the password.
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bin
200 Switching to Binary mode.
ftp> bye
221 Goodbye.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: