File Transfer Protocol (FTP) is a commonly used method of downloading and uploading files between systems on a network. FTP sites are typically public sites that allow anonymous users to log in and download software and documentation without needing a user account on the remote system.
The FTP server daemon included with CentOS / RHEL is called “very secure FTP” or vsftpd. To install the vsftpd package:
# yum install vsftpd
Configuration Files
The following configuration files are installed with the package:
- /etc/vsftpd/vsftpd.conf: The main configuration file for vsftpd
- /etc/vsftpd/ftpusers: A list of users not allowed to log in to vsftpd
- /etc/vsftpd/user_list: This file contains users who are denied access when the userlist_deny directive is set to YES (default) in /etc/vsftpd/vsftpd.conf or users who are allowed access when userlist_deny is set to NO.
- /var/ftp: The directory containing files served by vsftpd. It also contains the /var/ftp/pub directory for anonymous users.
Configuration parameters in /etc/vsftpd/vsftpd.conf
The vsftpd service allows local and anonymous users to log in without any additional configuration. When a user logs in, they can download files from the /var/ftp directory on the vsftpd server and upload files by default. These and other options are configured in /etc/vsftpd/vsftpd.conf. The following lists some of the more common configuration parameters:
| Parameter | Purpose |
|---|---|
| userlist_enable | This setting causes vsftpd to read /etc/vsftpd/user_list and use that as a list of users to allow or not allow on the server. |
| userlist_deny | When set to yes, vsftpd blocks all users in the user_list. When set to no, it allows only users in the user_list. |
| local_enable | This setting allows users in /etc/passwd to log in with their accounts. |
| anonymous_enable | This setting allows anonymous connections to the server. |
| no_anon_password | This setting allows anonymous connections without a password (otherwise, users must provide an email address as a password). |
| write_enable | When set to yes, this setting allows users to upload files to the server and create directories. |
| anon_mkdir_write_enable | When set to yes, this setting allows anonymous users to create directories. |
| anon_other_write_enable | When set to yes, this setting allows anonymous users to make other changes to the file system, such as deleting, renaming, and modifying existing files. |
| anon_upload_enable | This setting allows anonymous users to upload files to the server. |
| ascii_download_enable | This setting allows conversion of text files transferred from the server to other operating systems. This can be a good idea if you are transferring text files from UNIX systems to Mac OS or Windows. |
| ascii_upload_enable | This setting allows conversion of text files uploaded to the server. |
| xferlog_enable | This setting activates logging of uploads and downloads. |
| xferlog_file | This setting names the upload/download log file. The default is /var/log/vsftpd.log. |