Thursday, March 22, 2012

How to Set Up Safe FTP in Linux


File Transfer Protocol (FTP) is one of the oldest and most popular ways to share files between computers and servers. On the Internet, this happens transparently on websites where you download software or files. FTP is available under both Windows and Linux.

What is VSFTPD?

The vsftpd daemon runs in the background and allows you, or users you designate, to copy files to and from your Linux boxes, using a username and password as login credentials. This ability is open to individuals or groups you may want to establish.

VSFTPD features include:
  1. Virtual IP configurations
  2. Virtual users
  3. Standalone or inetd operation
  4. Powerful per-user configurability
  5. Bandwidth throttling
  6. Per-source-IP configurability
  7. Per-source-IP limits
  8. IPv6
  9. Encryption support through SSL integration

How To Install VSFTP

The daemon is included in most versions of Linux. If you are using a Debian-based distribution like Mint or Ubuntu, open a terminal window and type: sudo apt-get install vsftpd
If you are using a Red Hat-based distro, open a terminal window and type: sudo yum install vsftpd

How To Configure VSFTP

To configure vsftp, open the vsftpd.conf file in the /etc directory. For instance, if you were using gedit as your text editor, you would type: sudo gedit /etc/vsftpd.conf

First, for a secure setup, you’ll want to disable anonymous access to your ftp server. Change this line: anonymous_enable=YES to anonymous_enable=NO

With anonymous access disabled, you’ll want to allow local users to log in, by uncommenting the following line: #local_enable=YES to local_enable=YES (simply remove the # sign).

Allow write access by uncommenting this line: #write_enable=YES to write_enable=YES
Save and close the file.

Set up an FTP user account:
sudo mkdir -p /home/ftp/ftpuser
sudo useradd ftpuser -d /home/ftp/ftpuser -s /bin/false
sudo passwd ftpuser

Restart your ftp server:
Debian: sudo /etc/init.d/vsftpd restart
Red Hat: sudo service vsftpd restart

Test:
netstat -a | grep ftp

Run at the command line:
ftp followed by the IP address or host name, for example: ftp 100.00.00.00

Other VSFTP Configuration Options

There are many other options you can add to this file:
  • Limiting the maximum number of client connections (max_clients)
  • Limiting the number of connections by source IP address (max_per_ip)
  • Setting the maximum rate of data transfer per anonymous login (anon_max_rate)
  • Setting the maximum rate of data transfer per non-anonymous login (local_max_rate)
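
As an added example (not part of the original post), the shell function below audits a vsftpd.conf for the options covered above, plus ssl_enable, the option behind the SSL support listed under features, which this post does not configure. It assumes vsftpd's documented built-in defaults (anonymous_enable=YES, local_enable=NO, write_enable=NO, ssl_enable=NO) and that a later duplicate line overrides an earlier one; the function names and the sample file are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit vsftpd.conf settings.

# Effective value of option $2 in file $1, upper-cased; $3 if the option is unset.
# vsftpd expects "option=value" with no spaces, and # starts a comment line,
# so commented-out or space-padded lines do not count. The last match is used.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr 'a-z' 'A-Z')
    printf '%s\n' "${v:-$3}"
}

# Print one line per finding; exit status is the number of FAIL findings.
audit_vsftpd_conf() {
    conf=$1; fails=0
    # Built-in default is YES, so an unset option still allows anonymous logins.
    if [ "$(conf_get "$conf" anonymous_enable YES)" != "NO" ]; then
        echo "FAIL anonymous_enable is not NO"; fails=$((fails + 1))
    fi
    if [ "$(conf_get "$conf" local_enable NO)" != "YES" ]; then
        echo "WARN local_enable is not YES: local accounts cannot log in"
    fi
    if [ "$(conf_get "$conf" write_enable NO)" = "YES" ]; then
        echo "INFO write_enable=YES: uploads and deletes are allowed"
    fi
    # ssl_enable is a real vsftpd option that the post itself does not set.
    if [ "$(conf_get "$conf" ssl_enable NO)" != "YES" ]; then
        echo "FAIL ssl_enable is not YES: passwords cross the network in cleartext"
        fails=$((fails + 1))
    fi
    for opt in max_clients max_per_ip; do
        if [ "$(conf_get "$conf" "$opt" UNSET)" = "UNSET" ]; then
            echo "WARN $opt is not set explicitly"
        fi
    done
    return "$fails"
}

# Constructed sample: the post's three edits, with one line space-padded by mistake.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed vsftpd.conf for this example
anonymous_enable = NO
#local_enable=YES
local_enable=YES
write_enable=YES
max_per_ip=4
EOF
audit_vsftpd_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```

The space-padded anonymous_enable line in the sample is reported as a failure, because the auditor only accepts the exact option=value form that the vsftpd.conf man page requires.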

VSFTP Considerations and Resources

Potential issues are often as simple as username and password entry errors. But because firewalls are designed to limit access to certain ports, the firewall is a good area to investigate if you experience issues with your installation.
