Installing a FTP server on a Red Hat Linux, Fedora or CentOS system is not a difficult task. However, it does take more than one command due to security issues with SELinux and iptables. With the correct instructions, it should take a Linux system administrator only a few minutes to get FTP server up and running.
Installing vsftpd Server Software with Yum
The first step to installing a FTP server on a Fedora or Red Hat system is to install the software. That's very easy with the yum program. To install the ftp server software, type in the following as root:
yum install vsftpd
Follow the prompts and answer yes when prompted to download the software. yum is used to install all software and their dependencies on Red Hat based systems. After installing vsftpd with yum, start the FTP server by typing in the following two commands as root:
service vsftpd start
chkconfig vsftpd on
The first command starts the FTP server. The second command tells the system to start vsftpd at boot. There is a configuration file called either /etc/vsftpd.conf or /etc/vsftpd/vsftpd.conf that can be modified to change the settings of the FTP server (eg. enable anonoymous FTP access).
Configuring SELinux and FTP
On many Linux systems, SELinux (Secured Linux) is enabled which will cause FTP not to work out of the box. To configure SELinux to allow FTP, display SELinux's current configuration for FTP by typing in the following as root:
getsebool -a | grep ftp
A list of SELinux ftp related settings will be displayed. Depending on the needs of the FTP server, enable only those services that are necessary to make the ftp server work. For example, if allow_ftpd_full_access needs to be turned on, type in the following as root:
setsebool allow_ftpd_full_access 1
Another workaround is to disable SELinux altogether, but that's a very drastic step just to make FTP server software work. In most cases, it's very easy to make SELinux and FTP work together.
Configuring Iptables and FTP
Finally, the iptables firewall that's installed in most Fedora, RedHat and CentOS systems needs to be configured to allow ftp. In order to do this, the iptables configuration file /etc/sysconfig/iptables needs to be modified. As root, edit /etc/sysconfig/iptables and add the following:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
This statement tells the firewall to enable port 21 tcp protocol, which is what FTP uses. The easiest way to add this statement is to copy and paste a previous statement in /etc/sysconfig/iptables that looks exactly the same with the exception of the port number. After the file has been modified properly it's time to enable the new firewall rules by restarting the firewall as root with the following command:
service iptables restart
After the firewall has been restarted, it's time to test the FTP server. From another host on the network, connect to the Linux FTP server using a ftp client. After connecting, upload or download a file as necessary to test the FTP service. If everything works fine, then the configuration of the FTP server is complete.
