
The Geek Diary


CentOS / RHEL : How to allow or deny Users to login to VSFTP Server

by admin

After the VSFTPD service is installed and started, two files are created in the /etc/vsftpd/ directory: “ftpusers” and “user_list”. These files are used to allow or deny login attempts. The behavior of ftpusers and user_list is configurable in the vsftpd.conf file using the userlist_deny option. The vsftpd.conf file also offers the option of adding a third, custom file:

userlist_file=/etc/vsftpd/[custom_file]

The chart below specifies file behavior when using the custom file in addition to the two default files.

userlist_deny setting | ftpusers             | user_list            | custom_file
----------------------+----------------------+----------------------+---------------------
userlist_deny=NO      | deny before password | deny before password | allow
userlist_deny=YES     | deny after password  | allow                | deny before password
no setting            | deny after password  | deny after password  | deny before password

Let's look at a few examples of allowing and denying users to log in to the VSFTP server.

Allow all of the VSFTP Server local users to login

1. Make sure the files /etc/vsftpd/ftpusers and /etc/vsftpd/user_list do not include the users to whom you want to allow VSFTP login access.

# cat /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
# cat /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

2. Verify that you do not have the userlist_deny parameter included in the file /etc/vsftpd/vsftpd.conf.

# cat /etc/vsftpd/vsftpd.conf  | grep userlist_deny
#

3. Verify with one of the users.

# ftp vsftpsrv
Connected to vsftpsrv (192.168.149.10).
220 (vsFTPd 2.0.5)
Name (192.168.149.10:root): user
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Allow a few of the VSFTP Server local users to login

1. Starting from the default VSFTP configuration, set the “userlist_deny” option to “NO” in the VSFTP Server configuration file /etc/vsftpd/vsftpd.conf (add the line if it is not present):

# vi /etc/vsftpd/vsftpd.conf
userlist_deny=NO

2. Edit the file /etc/vsftpd/user_list to include the allowed local users; here, user01 and user02 are added.

# cat /etc/vsftpd/user_list
user01
user02

3. Restart the vsftpd service on the VSFTP Server.

[root@vsftpsrv ~]# service vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]

4. Test with one of the allowed users; user01 is able to log in.

# ftp vsftpsrv
Connected to vsftpsrv (192.168.149.10).
220 (vsFTPd 2.0.5)
Name (192.168.149.10:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

5. Test with a user who is not listed in /etc/vsftpd/user_list, for example “user03”, which is NOT included in the user_list file.

# ftp vsftpsrv
Connected to vsftpsrv (192.168.149.10).
220 (vsFTPd 2.0.5)
Name (192.168.149.10:root): user03
530 Permission denied.
Login failed.
ftp>
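
The decision logic behind both procedures above, as an added shell example (not code from the original article): it reads a vsftpd configuration directory and reports whether a login name would be allowed, refused before the password prompt, or refused after it. The function names are hypothetical. It also checks userlist_enable, which vsftpd requires to be YES before it consults the user list (the RHEL-packaged vsftpd.conf sets it), and it handles only the YES/NO spellings used on this page.

```shell
#!/bin/sh
# Added example, not the article's code. Helper names are hypothetical.
# Assumes the RHEL layout (/etc/vsftpd) and the default vsftpd PAM config.

# conf_get FILE KEY: value of the last uncommented KEY=value line, if any.
conf_get() {
    sed -n "s/^$2=//p" "$1" 2>/dev/null | tail -n 1
}

# listed FILE USER: true when USER is a whole, non-comment line of FILE.
listed() {
    [ -f "$1" ] && grep -v '^#' "$1" | grep -qxF -- "$2"
}

# vsftpd_decision USER [CONFDIR]: prints allow, deny-before-password or
# deny-after-password for USER. CONFDIR defaults to /etc/vsftpd.
vsftpd_decision() {
    user=$1
    dir=${2:-/etc/vsftpd}
    conf=$dir/vsftpd.conf
    enable=$(conf_get "$conf" userlist_enable | tr '[:lower:]' '[:upper:]')
    deny=$(conf_get "$conf" userlist_deny | tr '[:lower:]' '[:upper:]')
    list=$(conf_get "$conf" userlist_file)
    list=${list:-$dir/user_list}

    # The user list is consulted only when userlist_enable=YES.
    if [ "$enable" = "YES" ]; then
        if [ "$deny" = "NO" ] && ! listed "$list" "$user"; then
            # Allowlist mode: unlisted names are refused with no prompt.
            echo deny-before-password; return
        elif [ "$deny" != "NO" ] && listed "$list" "$user"; then
            # Denylist mode (userlist_deny=YES or not set).
            echo deny-before-password; return
        fi
    fi
    # PAM checks ftpusers, so these names fail after the password is typed.
    if listed "$dir/ftpusers" "$user"; then
        echo deny-after-password
    else
        echo allow
    fi
}

# Stand-alone use: sh script.sh USER [CONFDIR]
if [ "$#" -gt 0 ]; then vsftpd_decision "$@"; fi
```

"allow" here means only that neither list blocks the name; the login still needs a valid password.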

Filed Under: CentOS/RHEL 7, Linux


© 2023 · The Geek Diary
