View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions How do I setup FTP on CentOS 7
Log in to Ask a Question

How do I setup FTP on CentOS 7

Linode Staff

I want to run an FTP server on my Linode and open port 21 on my firewall to upload my web pages using an FTP client. How do I do this?

1 Reply

Linode Staff

Warning!

Using the FTP protocol is insecure. Anyone who as control of the network between you and your server will have access to your passwords used to login. Additionally any files transmitted over the network can be read and even changed in transit. For this reason, I strongly recommend that you use SFTP where possible. It which runs over an SSH connection and provides end to end encryption for both your credentials and your data.

Update your repositories and install your FTP server

sudo yum update
sudo yum install vsftpd

Start and configure your FTP server to run at boot time

sudo systemctl start vsftpd
sudo systemctl enable vsftpd

Understanding how FTP works

Using FTP uses separate channels for commands and data. In addition it has two modes, active and passive.

Active Mode

When using active mode, the

  • FTP client sets up the command channel by using a random port to connect to port 21 on the server.
  • The FTP client picks another random port and tells the FTP server to send data back on that port.
  • The FTP client then starts listening for the data on that port.
  • The FTP server sets up a data channel back to the client from port 20 to the port that the client said it was listening on.

If your local firewall does not allow incoming connections, you will not be able to use active mode FTP.

Passive Mode

Passive mode relies on the client to setup both channels

  • The FTP client sets up command channel from a random port to port 21 on the FTP server.
  • The FTP client then sets up the data channel from another random port to port 20 on the server.

Allowing your Linode to keep track of FTP connections

sudo modprobe ip_conntrack_ftp
sudo nano /etc/sysconfig/iptables-conf

Look for a the line that has IPTABLES_MODULES=, change it to say:

IPTABLES_MODULES="ip_conntrack_ftp"

Restart your iptables

systemctl restart iptables

Setting up your firewall

This article explains the firewall rules needed: https://stackoverflow.com/questions/26659223/appropriate-iptables-rules-for-an-ftp-server-in-active-passive-mode

Setting up your FTP users and permissions

This article goes fairly in depth on how to configure permissions and vsftpd settings: https://www.tecmint.com/install-ftp-server-in-centos-7/

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct