for the user

adventures into the land of the command line

setting up an ftp server

on the server

install the vsftpd server and then edit the config file

$ sudo yum -y install vsftpd
$ sudo vim /etc/vsftpd/vsftpd.conf

copy this into the config file

anonymous_enable=NO
local_enable=YES
chroot_local_user=YES

optional if using passive (PASV)

pasv_enable=YES
pasv_addr_resolve=YES
pasv_address=my_hosts_name_or_ip
pasv_min_port=4242
pasv_max_port=4243

start the ftp server, make it persistent on reboots & set its directory permissions

$ sudo service vsftpd start
$ sudo chkconfig vsftpd on
$ sudo mkdir /home/ftp
# owner root:root, mode 755: ftpuser can list and read the directory but not write to it
$ sudo chown root:root /home/ftp
$ sudo chmod 755 /home/ftp

create a user with its home directory as the ftp directory so that it will be able to access it from a client

$ sudo useradd --home /home/ftp ftpuser

useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.

$ sudo passwd ftpuser

Changing password for user ftpuser.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

log into the server as the ftpuser and you will go to your home directory

user:~/ $ ssh [email protected]

ftpuser:~/ $ pwd
/home/ftp

on the client

i’m using filezilla as an example, but it doesn’t matter which one you want to use.

set transfer setting to “active” in

file > site manager > transfer settings > transfer mode

for active (PORT) mode, set your security group or firewall to allow incoming connections on ports 20, 21 (for the ftp connection) & 192 (for active transfer mode)

you should be able to list the directory and be chrooted to it as your root directory. the permissions set on the folder on the server determine whether you can read or write to it.

active vs pasv mode

ACTIVE = server initiated data connection

the client connects from command port N to the server’s command port 21 and tells the server what its data port will be (N+1). the server responds to the command port N from command port 21 with an ACK. the server initiates a data connection from its data port 20, to the data port that the client told it about before (N+1). the client’s data port N+1 responds to the server with an ACK

PASV = client initiated data connection

the client connects from command port N to the server’s command port 21 and tells the server PASV. the server replies with an available port from a range defined in the config file’s directives pasv_min_port and pasv_max_port. this tells the client which port the server is listening to for the data connection. the client initiates the data connection from its data port to the data port the server told it about before. the server sends back an ACK to the client’s data port
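
to check what the server actually hands out in PASV mode, here is an added example (not part of the original post) that decodes the h1,h2,h3,h4,p1,p2 tuple carried by a 227 reply or a PORT command and compares it to the pasv_min_port / pasv_max_port range from the config above. the function names, the sample lines and the 203.0.113.10 / 198.51.100.7 documentation addresses are assumptions made for the example.

```python
import re

# values from the PASV section of the vsftpd.conf shown on this page
PASV_MIN_PORT = 4242
PASV_MAX_PORT = 4243

# h1,h2,h3,h4,p1,p2 as sent in "PORT ..." and "227 Entering Passive Mode (...)"
_TUPLE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_endpoint(line):
    """Return (ip, port) from a PORT command or a 227 reply; port = p1*256 + p2."""
    m = _TUPLE.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in: %r" % line)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in: %r" % line)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def check_pasv_reply(line, expected_ip, lo=PASV_MIN_PORT, hi=PASV_MAX_PORT):
    """List mismatches between a 227 reply and the config; empty list means ok."""
    if not line.startswith("227"):
        return ["not a 227 reply"]
    ip, port = decode_endpoint(line)
    problems = []
    if not lo <= port <= hi:
        problems.append("port %d outside pasv range %d-%d" % (port, lo, hi))
    if ip != expected_ip:
        # typical when the server sits behind NAT and pasv_address is not set
        problems.append("advertised %s, expected pasv_address %s" % (ip, expected_ip))
    return problems


# constructed sample replies, not captured from a real server
SAMPLES = [
    "227 Entering Passive Mode (203,0,113,10,16,146).",  # 16*256 + 146 = 4242
    "227 Entering Passive Mode (10,0,0,5,195,80).",      # private ip, port 50000
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", check_pasv_reply(s, "203.0.113.10") or "ok")
    # active mode: the data port the client announces to the server
    print(decode_endpoint("PORT 198,51,100,7,200,13"))
```

a reply that fails either check means the firewall rule for the pasv range will not match the port the client is told to connect to.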