File Transfer Protocol (FTP) is a widely-used standard network protocol for transferring files between a client and a server over a network. In this comprehensive guide, we will walk you through the steps on how to install FTP server on Oracle Linux.
Before we start, make sure you have a fully updated Oracle Linux system. If you haven’t already, take a look at our previous articles on how to build a file server on Oracle Linux and how to disable root login on Oracle Linux to get your system ready.
How to Install FTP Server on Oracle Linux
Installing FTP Server on Linux
vsftpd (Very Secure FTP Daemon) is a popular and secure FTP server for Linux. To install vsftpd on Oracle Linux, open a terminal and enter the following command:
sudo yum install -y vsftpdConfigure FTP Server on Oracle Linux
After the installation is complete, you need to configure vsftpd to match your needs. To do this, open the configuration file with your favorite text editor, such as vim:
sudo vim /etc/vsftpd/vsftpd.confIn the configuration file, make the following changes:
- Set anonymous_enable to
NOto disable anonymous access:
anonymous_enable=NOEnable local users to access their home directories by setting chroot_local_user to YES:
chroot_local_user=YESConfigure the pasv_min_port and pasv_max_port to define a passive port range:
pasv_min_port=40000
pasv_max_port=45000Enable logging of user login and file transfer actions by adding the following lines:
dual_log_enable=YES log_ftp_protocol=YES
Save the changes and exit the text editor.
Set up User Accounts and Directories
To enhance security, it’s a good idea to create a separate user for FTP access. Execute the following command to add a new user (replace {username} with your desired username):
sudo useradd -m {username}Next, set a password for the new user:
sudo passwd {username}Create a directory for the user to upload files:
sudo mkdir /home/{username}/ftpChange ownership of the directory to the new user and group:
sudo chown {username}:{username} /home/{username}/ftpConfigure the Firewall
To allow FTP traffic through the firewall, add the necessary rules by executing the following commands:
sudo firewall-cmd --permanent --add-service=ftp
sudo firewall-cmd --permanent --add-port=40000-45000/tcpReload the firewall to apply the new rules:
sudo firewall-cmd --reloadEnable and Start the vsftpd Service
Enable the vsftpd service to start automatically at boot:
sudo systemctl enable vsftpdStart the vsftpd service:
sudo systemctl start vsftpdTest the FTP Server
To test the FTP server, you can use an FTP client such as FileZilla or connect from the command line using the ftp command. To connect from the command line, execute the following command (replace {username} with the FTP user you created and {server_ip} with the IP address of your Oracle Linux server):
ftp {username}@{server_ip}When prompted, enter the password for the FTP user. Once connected, you can use FTP commands such as put, get, ls, and cd to interact with the server.
If you encounter any issues, refer to the vsftpd logs located at /var/log/vsftpd.log for troubleshooting.
Secure the FTP Server with SSL/TLS (Optional)
To further secure your FTP server, you can encrypt the communication between the client and the server using SSL/TLS. To do this, you will first need to install OpenSSL:
sudo yum install -y opensslNext, generate a new SSL certificate and key by executing the following command (replace {your_domain} with your domain name):
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/vsftpd/{your_domain}.key -out /etc/vsftpd/{your_domain}.crtNow, edit the vsftpd configuration file:
sudo vim /etc/vsftpd/vsftpd.confAdd the following lines at the end of the file to enable SSL/TLS support (replace {your_domain} with your domain name):
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/{your_domain}.crt
rsa_private_key_file=/etc/vsftpd/{your_domain}.keySave the changes and exit the text editor. Restart the vsftpd service to apply the new settings:
sudo systemctl restart vsftpdNow, your FTP server is secured with SSL/TLS encryption. Ensure that your FTP clients are configured to use explicit FTP over TLS when connecting to the server.
Conclusion
Congratulations! You have successfully installed and configured an FTP server on Oracle Linux. By following these steps, you’ve created a secure environment for transferring files between your clients and the server.
If you’re looking to further enhance your Oracle Linux server’s security, consider implementing two-factor authentication (2FA) or installing Fail2Ban to protect against brute force attacks. Additionally, you can explore our other guides for more Oracle Linux tutorials and tips, such as how to install OpenVPN server or how to install Ruby.
