1. Install the vsftpd package. After installation, the configuration file is /etc/vsftpd/vsftpd.conf, and a new ftp user and ftp group are created. The user's home directory is /var/ftp and its shell defaults to nologin (it cannot log on to the system).
- yum -y install vsftpd
You can use the following command to view the user
cat /etc/passwd
The FTP service is not started by default; start it with the following command
service vsftpd start
2. Install the FTP client (to verify vsftpd)
yum -y install ftp
Run the following command to try to log in
ftp localhost
Enter the user name ftp and the password (anonymous login is allowed by default)
A successful login means that the FTP service is available.
However, it is not yet reachable from external networks, so continue with the configuration.
3. Disable anonymous login
vi /etc/vsftpd/vsftpd.conf
Change anonymous_enable=YES on the first line to NO
Restart
service vsftpd restart
4. Create a new user (ftpuser is the user name; pick any name you like)
useradd ftpuser
Set the password (enter it twice)
passwd ftpuser
The user is now created and can be used to log in. Remember to use a normal login, not anonymous. The default path after logging in is /home/ftpuser.
5. Open port 21
The default FTP port is 21, and CentOS does not open it by default, so edit the iptables file
vi /etc/sysconfig/iptables
Below the line containing 22 -j ACCEPT, add another line identical to it with 22 changed to 21, then save with :wq.
Then restart iptables
service iptables restart
The server is now reachable from external networks, but directory listings are not returned and uploads fail as well. SELinux is the cause.
6. Modify SELinux
getsebool -a | grep ftp
Run the command above. In the output, both of the following lines are off, meaning external access is not allowed
....
allow_ftpd_full_access off
....
....
ftp_home_dir off
Just turn them on.
Run
setsebool -P allow_ftpd_full_access 1
setsebool -P ftp_home_dir 1
and restart vsftpd.
service vsftpd restart
This should now work. If it still does not, check whether the FTP client is connecting in passive mode (for example, it prints a hint such as Entering Passive Mode). Passive mode does not work by default because it is blocked by iptables; the next step explains how to open it. If you would rather not open it, see whether the client has an FTP port mode option, or turn off its passive mode option. If the client still does not work, check whether the client's host computer has a firewall turned on.
7. Turn on passive mode
It is on by default, but a port range must be specified. Open the vsftpd.conf file and add the following
- pasv_min_port=30000
- pasv_max_port=30999
This sets the port range to 30000~30999; it can be changed arbitrarily.
Restart vsftpd after the change.
Because this port range is specified, iptables must open the same range, so open the iptables file as above
Add another line above or below the port 21 line, identical to it with 21 changed to 30000:30999, then save with :wq and restart iptables. That completes the setup.
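The checks from steps 3, 5 and 7 as a script (an added example, not part of the original article): it reads a vsftpd.conf, warns if anonymous login is still enabled, and prints the iptables lines that must match the configured passive range. The function names are hypothetical, the sample configuration is constructed, and the rule form is assumed to be the stock CentOS line for port 22 with the port swapped.

```shell
#!/bin/sh
# Added example (not from the original article): check a vsftpd.conf against
# the steps above and print the iptables lines that match it.

# conf_get FILE KEY: last uncommented KEY=value in FILE (vsftpd allows no spaces around '=')
conf_get() {
    sed -n "s/^$2=//p" "$1" | tr -d '\r' | tail -n 1
}

# is_port VALUE: true when VALUE is an integer in 1..65535
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# audit_vsftpd FILE: prints findings, returns 1 if anything needs fixing
audit_vsftpd() {
    rc=0
    anon=$(conf_get "$1" anonymous_enable)
    min=$(conf_get "$1" pasv_min_port)
    max=$(conf_get "$1" pasv_max_port)
    # vsftpd's built-in default is anonymous_enable=YES, so a missing key is a finding too
    case "${anon:-YES}" in
        [Nn][Oo]) echo "OK   anonymous login disabled" ;;
        *)        echo "WARN anonymous login still enabled (step 3)"; rc=1 ;;
    esac
    # Assumed rule form: the stock CentOS line for port 22 with the port swapped (step 5)
    echo "RULE -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT"
    if is_port "$min" && is_port "$max" && [ "$min" -le "$max" ]; then
        echo "RULE -A INPUT -m state --state NEW -m tcp -p tcp --dport $min:$max -j ACCEPT"
    else
        echo "WARN pasv_min_port/pasv_max_port unset or invalid (step 7)"; rc=1
    fi
    return $rc
}

# Constructed sample configuration, using the values from this article
sample=$(mktemp)
printf '%s\n' '#anonymous_enable=YES' 'anonymous_enable=NO' 'local_enable=YES' \
    'pasv_min_port=30000' 'pasv_max_port=30999' > "$sample"
audit_vsftpd "$sample"
rm -f "$sample"
```

Point it at the real file with audit_vsftpd /etc/vsftpd/vsftpd.conf and compare the RULE lines with /etc/sysconfig/iptables; a passive range opened in the firewall but not set in vsftpd.conf (or the reverse) is the usual reason passive transfers hang.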
Original link: http://my.oschina.net/idiotsky/blog/303545
CentOS Enable FTP feature