KEMBAR78
FTP Server Setup Guide Linux | PDF | File Transfer Protocol | Cyberwarfare
Scribd
Upload
333 views4 pages

FTP Server Setup Guide Linux

1. The document describes the steps to configure an FTP server with both anonymous and authenticated user access on a CentOS system. Key steps include enabling the vsftpd service, configuring the firewall, creating users and groups, and setting permissions on the FTP directory. 2. Authentication is implemented by creating FTP users, assigning them to the ftpusers group, and restricting anonymous access. Additional security is provided by implementing a chroot jail and access control list. 3. Testing confirms anonymous access is blocked while authenticated users can log in with their credentials and are restricted to their home directories.

Uploaded by

ziblur
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
333 views4 pages

FTP Server Setup Guide Linux

1. The document describes the steps to configure an FTP server with both anonymous and authenticated user access on a CentOS system. Key steps include enabling the vsftpd service, configuring the firewall, creating users and groups, and setting permissions on the FTP directory. 2. Authentication is implemented by creating FTP users, assigning them to the ftpusers group, and restricting anonymous access. Additional security is provided by implementing a chroot jail and access control list. 3. Testing confirms anonymous access is blocked while authenticated users can log in with their credentials and are restricted to their home directories.

Uploaded by

ziblur
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

Reference Table:

----------------
FTP - File Transfer Protocol
FTP - FTP is a Application layer protocol which use to transfer files between
clients and server.
Port: 20 (Data),21 (Control)
Protocol: TCP
Packages: vsftpd
Daemon: vsftpd
Configuration file: /etc/vsftpd/vsftpd.conf
Directory location: /var/ftp/pub/*

FTP Server Types:


=================
1) Normal FTP (Anonymous User)
2) Authentication based

FTP user:
=========
1) Anononymous user: guest user (no password)
2) Authentication FTP user: FTP group user
3) local user (local user of server crated by root)

Step 01: Set Hostname


=====================
[root@localhost ~]# hostnamectl set-hostname ftpX.example.com
[root@localhost ~]# bash

Step 02: Set Static IP Address


==============================
[root@ftpX ~]# nmtui -> select Interface -> Manual -> 172.25.11.200+X/25, GW, DNS
etc.

Step 03: (RPM check)


=====================
[root@ftpX ~]# rpm -qa | grep vsftpd
[root@ftpX ~]# yum install vsftpd -y
[root@ftpX ~]# rpm -qa | grep vsftpd

Step 04: Configure Anonymous FTP Server


=======================================
[root@ftpX ~]# cd /var/ftp
[root@ftpX ~]# mkdir download movie software
[root@ftpX ~]# touch file1 file2

Anonymous Enable
----------------
[root@ftpX ~]# vim /etc/vsftpd/vsftpd.conf
:set nu

12 anonymous_enable=YES ; NO => YES

Service Restart
---------------
[root@ftpX ~]# systemctl restart vsftpd.service
[root@ftpX ~]# systemctl enable vsftpd.service

Step 05: Firewall and SElinux Security Allow


============================================
[root@ftpX ~]# systemtld restart firewalld
[root@ftpX ~]# systemtld enable firewalld
[root@ftpX ~]# firewall-cmd --permanent --add-service=ftp
[root@ftpX ~]# firewall-cmd --reload
[root@ftpX ~]# setenforce 0

Step 06: Anonymous Testing


==========================
=> Now Open your browser from Host Machine
=> Type: ftp://172.25.11.200+x

FTP Access:
-------------
1) Web Based: ftp://ftp.example.com or ftp://172.25.11.200+X
2) Command Based: # ftp 172.25.11.200+X
3) Software Based: Filezilla, FTPPRO
username: anonymous
passwword: *******
port: 21

Command Mode: Anonymous Login (Client)


-------------------------------------
[root@ftpX ~]# yum install ftp -y
[root@ftpX ~]# ftp 172.25.11.200+x ; X is server IP
Connected to 172.25.11.200+x (172.25.11.200+x).
220 (vsFTPd 2.2.2)
Name (172.25.11.200+x:root): anonymous
password: ***** (any)

ftp> help
ftp> dir
ftp> cd pub
ftp> ls
ftp> bye

Step 07: User Authentic Based FTP Server:


=========================================
[root@ftpX ~]# cd /
[root@ftpX ~]# mkdir ftpdir
[root@ftpX ~]# touch ftpdir/file{1..10}
[root@ftpX ~]# groupadd ftpusers
[root@ftpX ~]# chgrp ftpusers ftpdir -R
[root@ftpX ~]# chmod 750 -R ftpdir ; see below permisison

[root@ftpX ~]# useradd -G ftpusers -d /ftpdir sakib


[root@ftpX ~]# useradd -G ftpusers -d /ftpdir tamim
[root@ftpX ~]# useradd -G ftpusers -d /ftpdir shamim

[root@ftpX ~]# cat /etc/group


ftpusers:1003:sakib,tamim,shamim

[root@ftpX ~]# passwd sakib


[root@ftpX ~]# passwd tamim
[root@ftpX ~]# passwd shakil

Disable Anonymous Access:


-------------------------
[root@ftpX ~]# vim /etc/vsftpd/vsftpd.conf
:set nu

12 anonymous_enable=NO ; NO => YES

[root@ftpX ~]# systemctl restart vsftpd.service

Testing User Aurhentication:


----------------------------
Try with Web Browser: ftp://172.25.11.200+x
user: tamim
pass: ******

Step 08: Chroot Jail Enable:


============================
[root@ftpX ~]# vim /etc/vsftpd/vsftpd.conf

102 #chroot_list_enable=YES ; before


102 chroot_list_enable=YES ; after

104 #chroot_list_file=/etc/vsftpd/chroot_list ; before


104 chroot_list_file=/etc/vsftpd/chroot_list ; after

[root@ftpX ~]# vim /etc/vsftpd/chroot_list ;new file


sakib
tamim
shahin

[root@ftpX ~]# systemctl restart vsftpd.service

Return to Host's Browser:


-------------------------
Try with Web Browser: ftp://172.25.11.200+x

Step 09: User Login Access Control Protect:


===========================================
[root@ftpX ~]# vim /etc/vsftpd/ftpusers
tamim ; append this user

[root@ftpX ~]# systemctl restart vsftpd.service

Return to Host's Browser:


-------------------------
Try with Web Browser: ftp://172.25.11.200+x

=================== Thank you ==================

You might also like