How to Setup FTP Server using VSFTPD

How Do I Create An FTP Account Without A Control Panel?

This guide covers how to create FTP accounts using vsftpd, and this software can be installed on CentOS 6, CentOS 7, and Ubuntu.

Before installing any software, it's always best practice to ensure that your system is up to date.  Please see and follow the following guide to update your server. How to Update Your Server

How To Install vsftpd

CentOS 6/Redhat 6

Step 1 – First, install vsftpd. Do this by issuing the following command while logged in via SSH.

yum install vsftpd

Note: You'll be prompted to confirm the installation. If you'd like to avoid this, you can use the -y option.

Step 2 – FTP is technically now functional on the server. However it's advised to take the following security changes to the configuration file for vsftpd. (located at /etc/vsftpd/vsftpd.conf)

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES

Once you make these changes, you need to restart the vsftpd service:

service vsftpd restart

Step 3 – You should now set the vsftpd service to always start at boot using the following command:

chkconfig vsftpd on

Step 4 – The final step is allowing the default FTP port (21) through the firewall. Do this by using the following command:

iptables -A INPUT -p TCP -m TCP --dport 21 -j ACCEPT

Step 5 – Now restart the firewall using the following command:

service iptables restart

CentOS 7/Redhat 7

Step 1 – Install vsftpd. Do this by issuing the following command while logged in via SSH.

yum install vsftpd

You'll be prompted to confirm the installation by pressing "y," if you'd like to avoid this, you can use the -y option at the end of the command.

Step 2 – FTP is now functional on the server, however it's advised to make the following security changes to the configuration file for vsftpd. (located at /etc/vsftpd.conf)

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES

Once you make these changes, restart the vsftpd service using the following command:

systemctl restart vsftpd

Step 3 – You should now set the vsftpd service to always start at boot using the following command:

systemctl enable vsftpd

Step 4 – The final step is allowing the default FTP port (21) through the firewall. Do this by using the following command:

firewall-cmd --permanent --add-port=21/TCP

Step 5 – Now restart the firewall using the following command:

firewall-cmd --reload

Ubuntu/Debian

Step 1 – Install vsftpd. Do this by issuing the following command while logged in via SSH.

apt-get install vsftpd

You'll be prompted to confirm the installation. If you'd like to avoid this, you can use the -y option.

Step 2 – FTP is now functional on the server. However it's advised to take the following security changes to the configuration file for vsftpd. (located at /etc/vsftpd.conf)

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES

Once you've made these changes, you'll need to restart the vsftpd service using the following command:

service vsftpd restart

How To Add An FTP User

You can create a new user that can be used for FTP by using the add-user command. Please note that the specific syntx of this command prevents access to the bash shell for the created FTP user. This command will work for both CentOS/Redhat and Ubuntu/Debian. To add a new FTP user, issue the following command while logged in via SSH, replacing NewUserName with the username you'd like to use.

useradd -m NewUserName -s /usr/sbin/nologin

Once the user has been added, set their password using the following command, replacing username  with the name of the user:

passwd username

You'll be prompted to enter the password twice. However, the password won't be visible as you type it. Be careful.

You should now be able to access the server via FTP using the IP address of the server, the username and password that you created, and port 21. Please note that the user will only have access to their specific home directory.