RHCE Series: FTP

  • Configure anonymous-only download.

Install vsftpd:

yum -y install vsftpd

vsftpd is configured to allow anonymous downloads by default. So you’ll need to disable non-anonymous logins.


We need to change the highlighted options to NO.

Open the firewall and make persistent at boot.

iptables -I INPUT -p tcp –dport 21 -j ACCEPT
service iptables save

Start vsftpd and make it persistent at boot:

service vsftpd start
chkconfig vsftpd on

Let’s test out the anonymous ftp. I created a 10MB file in /var/ftp/pub.


What happened above is that by default the ftp server uses passive ftp mode and the firewall is blocking the > 1024 port that the connection is trying to open.

What we’ll need to do is enable ftp connection tracking and make it persistent at boot.


To make the changes persistent, you’ll need to add an entry in /etc/sysconfig/iptables-config:


October 26, 2012

Posted In: FTP, Linux, RHCE Study Notes, vsftpd