如何在CentOS中设置FTP服务器

安装vsftpd并启动服务；2. 配置/etc/vsftpd/vsftpd.conf禁用匿名登录、启用本地用户写入和chroot锁定；3. 创建专用FTP用户并可选限制其仅FTP访问；4. 开放防火墙FTP服务及被动模式端口；5. 从客户端测试连接并根据需要调整SELinux策略，即可搭建一个安全可用的FTP服务器，适合内部或遗留应用使用，建议避免暴露在公网并考虑升级到FTPS以增强安全性。

Setting up an FTP server on CentOS is straightforward — especially if you're using vsftpd (Very Secure FTP Daemon), which is the default and most secure option. Here's how to do it step by step:

✅ 1. Install vsftpd

First, update your system and install vsftpd:

sudo yum update -y
sudo yum install vsftpd -y

Start and enable the service:

sudo systemctl start vsftpd
sudo systemctl enable vsftpd

Check status:

sudo systemctl status vsftpd

✅ 2. Configure vsftpd (/etc/vsftpd/vsftpd.conf)

Make a backup of the original config:

sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig

Now edit the config file:

sudo nano /etc/vsftpd/vsftpd.conf

Key settings to change or confirm:

• anonymous_enable=NO → Disable anonymous access (secure by default)
• local_enable=YES → Allow local system users to log in
• write_enable=YES → Allow file uploads/modifications
• chroot_local_user=YES → Lock users to their home directories
• allow_writeable_chroot=YES → Required if chroot directory is writable (common in CentOS 7 )

Optional but useful:

• pasv_enable=YES
• pasv_min_port=40000
• pasv_max_port=40100
  → These set up passive mode (needed for firewalls/NAT)

Save and exit (Ctrl O, Enter, Ctrl X in nano).

Restart vsftpd:

sudo systemctl restart vsftpd

✅ 3. Create an FTP User (Optional but Recommended)

Don’t use root. Create a dedicated user:

sudo adduser ftpuser
sudo passwd ftpuser

Set permissions if needed:

sudo chown ftpuser:ftpuser /home/ftpuser
sudo chmod 755 /home/ftpuser

? Tip: You can restrict this user to only FTP access by setting their shell to /sbin/nologin:

sudo usermod -s /sbin/nologin ftpuser

✅ 4. Configure Firewall

If using firewalld (default in CentOS):

sudo firewall-cmd --permanent --add-service=ftp
sudo firewall-cmd --permanent --add-port=40000-40100/tcp  # for passive mode
sudo firewall-cmd --reload

If using iptables, adjust accordingly — but firewalld is standard now.

✅ 5. Test the FTP Server

From another machine, test with:

ftp your-server-ip

Or use an FTP client like FileZilla — just enter:

• Host: your-server-IP
• Username: ftpuser
• Password: [your-password]
• Port: 21

If passive mode is set, make sure your client supports it (FileZilla does by default).

✅ Bonus: SELinux (if enabled)

CentOS often has SELinux enabled. If FTP login fails, try:

sudo setsebool -P ftp_home_dir on

Check SELinux status:

sestatus

That’s it!
You now have a working, secure FTP server on CentOS using vsftpd. It’s not the most modern protocol (SFTP/FTPS are better for security), but FTP still has its place — especially for legacy apps or internal networks.

Just remember:

• Use strong passwords
• Avoid exposing FTP to the public internet unless necessary
• Consider using FTPS (FTP over SSL) for better security

Basically done — no magic, just solid config.

以上是如何在CentOS中设置FTP服务器的详细内容。更多信息请关注PHP中文网其他相关文章！