FTP or File Transfer Protocol is a standard networking protocol used to transfer files between client and server. FTP is often secured with the SSL/TLS(FTPS) for the secure transmission of data or replaced with SSH File Transfer Protocol(SFTP).
VSFTPD stands for “Very Secure File Transfer Protocol Daemon” which is a type of FTP server that is comparatively more secure. So it is a popular choice for Linux users.
As I already discussed how to set up the FTP server on Ubuntu Linux.
Today in this article, we are going to discuss steps to set up an FTP server in Fedora Linux.
How to install vsftpd in Fedora
Before installing a package on your system make sure the Fedora package repository is updated –
sudo dnf update
Now to install vsftpd in Fedora run –
sudo dnf install vsftpd
If it asks for your confirmation type y and then hit the Enter key.
You can verify the installation by using the given command –
vsftpd -v
Start and enable vsftpd
Once the package is installed on your system use the given command to start the FTP server on your system –
sudo systemctl start vsftpd
Next, enable vsftpd so that it boots automatically when the system restart –
sudo systemctl enable vsftpd
Check the status of vsftpd
Use the following command to check the status of the FTP server –
sudo systemctl status vsftpd
Configuring the vsftpd server on Fedora
You can configure the vsftpd server by editing /etc/vsftpd/vsftpd.conf
file. For the secure implementation of the vsftpd server, we have to add/modify some options inside the vsftpd configuration file.
Backup the existing configuration
Before making any changes to the configuration file, It is good to take the backup of the original file.
Use the following command –
sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig
Editing the configuration file
Open the configuration file in a text editor by using the following command –
sudo nano /etc/vsftpd/vsftpd.conf
Modify the file values as given below. This will be sufficient for a basic FTP server, you can modify it later as per your needs –
listen=NO
listen_ipv6=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
no_anon_password=YES
pasv_min_port=40000
pasv_max_port=40001
Adjust the firewall settings
You need to adjust the firewall settings you can do this by running –
sudo firewall-cmd --add-service=ftp --perm
sudo firewall-cmd --add-port=40000-40001/tcp --perm
sudo firewall-cmd --reload
Restart the vsftpd server
Once you are done with the configuration press Ctrl+s to save and Ctrl+x to exit from the editor. Use the following command to restart your FTP server so that all changes take place –
sudo systemctl restart vsftpd
Secure FTP Server with TLS
TLS or Transport Layer Security is a security protocol it is designed to facilitate privacy and data security in communications over the internet. By default, FTP is not encrypted, the data transmitted can be intercepted so we need to use TLS with FTP.
Let’s create a certificate by using the OpenSSL tool.
First Create the following directory to store the SSL/TLS certificate and key files –
sudo mkdir -p /etc/ssl/vsftpd
Now generate a self-signed SSL/TLS certificate and private key using the given command –
sudo openssl req -x509 -nodes -keyout /etc/ssl/vsftpd/vsftpd.pem -out /etc/ssl/vsftpd/vsftpd.pem -days 365 -newkey rsa:2048
This will ask for the given information –
Open the vsftpd configuration file by using –
sudo nano /etc/vsftpd/vsftpd.conf
Here add or modify the given lines –
# Enable SSL
ssl_enable=YES
ssl_tlsv1_2=YES
ssl_sslv2=NO
ssl_sslv3=NO
#Add rsa certificate file
rsa_cert_file=/etc/ssl/vsftpd/vsftpd.pem
rsa_private_key_file=/etc/ssl/vsftpd/vsftpd.pem
# Disable anonymous user from using the SSL
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
require_ssl_reuse=NO
ssl_ciphers=HIGH
Save the file by pressing Ctrl+s and exit from the editor by pressing Ctrl+x.
Now you need to restart the FTP server to make changes effective –
sudo systemctl restart vsftpd
Accessing FTP server
Now your FTP server is ready you can access it by using an FTP client. For example in Filezilla enter the hostname or IP address of the server, username, and password and click on Quickconnect to connect with the server.
While connecting first it will display a window of an unknown certificate click on the checkbox of always trust certificate in future sessions and then click on ok.
Now the TLS is configured with the FTP server you can communicate with the FTP server securely.
Conclusion
Now I hope you have successfully set up the FTP server on your Fedora system. If you have a query or feedback then write us in the comments below.