FTP is faster than SFTP but the catch is plain ftp is not recommended for important data transfers between ftp server and client over public internet .
But still one may want to configure FTP server for transferring trivial data such as surveillance camera live recordings . Since live cctv camera recording needs faster transfer rate , we may opt to install FTP for CCTV Live recording .
Here is the list of commands in sequence to install VSFTD on cent OS 8 .
Disable selinux .Though it is not recommended, To me it seems fine disabling selinux on this ftp server.
vi /etc/sysconfig/selinux
and change SELINUX=enforcing to SELINUX=disabled
Install vsftpd
sudo dnf install vsftpd
Start vsftpd
sudo systemctl start vsftpd
We can check the status of vsftpd with following command . And it should return the status like Active: active (running)
sudo systemctl status vsftpd
Now we can add user with
sudo adduser ftpuser
sudo passwd ftpuser
We need a home directory for the user and also ftp directory where we want to keep files
sudo mkdir -p /home/ftpuser/video
Change permissions of directory
sudo chmod -R 750 /home/ftpuser/video/
Change owner of the directory
sudo chown -R ftpuser /home/ftpuser//video/
We will add ftpuser to the list
sudo bash -c 'echo ftpuser >> /etc/vsftpd/user_list'
Now we will make some changes to vsftpd configuration file . and make sure to add or modify lines like below
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
pasv_min_port=40000
pasv_max_port=42000
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
Restart ftp service and test it
sudo systemctl restart vsftpd
Dont forget to allow 20,21 and 40000 to 42000 tcp ports in firewall like below.
sudo firewall-cmd --permanent --add-port=20-21/tcp
sudo firewall-cmd --permanent --add-port=40000-42000/tcp
Remember We are not using any ssl connections.If you want to enable SSL, use below commands
Generate certificate and key pair for ftp service
sudo openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout /etc/ftp_key.pem -out /etc/vsftpd/ftp_cert.pem
now add certificate and key path in configuration and restart vsftpd
rsa_cert_file=/etc/vsftpd/ftp_cert.pem
rsa_private_key_file=/etc/ftp_key.pem
ssl_enable=YES
restart the service now
sudo systemctl restart vsftpd
But still one may want to configure FTP server for transferring trivial data such as surveillance camera live recordings . Since live cctv camera recording needs faster transfer rate , we may opt to install FTP for CCTV Live recording .
Here is the list of commands in sequence to install VSFTD on cent OS 8 .
Disable selinux .Though it is not recommended, To me it seems fine disabling selinux on this ftp server.
vi /etc/sysconfig/selinux
and change SELINUX=enforcing to SELINUX=disabled
Install vsftpd
sudo dnf install vsftpd
Start vsftpd
sudo systemctl start vsftpd
We can check the status of vsftpd with following command . And it should return the status like Active: active (running)
sudo systemctl status vsftpd
Now we can add user with
sudo adduser ftpuser
sudo passwd ftpuser
We need a home directory for the user and also ftp directory where we want to keep files
sudo mkdir -p /home/ftpuser/video
Change permissions of directory
sudo chmod -R 750 /home/ftpuser/video/
Change owner of the directory
sudo chown -R ftpuser /home/ftpuser//video/
We will add ftpuser to the list
sudo bash -c 'echo ftpuser >> /etc/vsftpd/user_list'
Now we will make some changes to vsftpd configuration file . and make sure to add or modify lines like below
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
pasv_min_port=40000
pasv_max_port=42000
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
Restart ftp service and test it
sudo systemctl restart vsftpd
Dont forget to allow 20,21 and 40000 to 42000 tcp ports in firewall like below.
sudo firewall-cmd --permanent --add-port=20-21/tcp
sudo firewall-cmd --permanent --add-port=40000-42000/tcp
Remember We are not using any ssl connections.If you want to enable SSL, use below commands
Generate certificate and key pair for ftp service
sudo openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout /etc/ftp_key.pem -out /etc/vsftpd/ftp_cert.pem
now add certificate and key path in configuration and restart vsftpd
rsa_cert_file=/etc/vsftpd/ftp_cert.pem
rsa_private_key_file=/etc/ftp_key.pem
ssl_enable=YES
restart the service now
sudo systemctl restart vsftpd
Last edited: