VSFTPD and CentOS

This basic configuration allows only users with an account and a home directory to log in and use the resource. Although it must be said that if you have SSH up and running then you should use SFTP (which is pretty much FTP over SSH), as it provides a little bit more security.

1. Install vsftpd:
   
   sudo yum install vsftpd


2. Configure our firewall to allow incoming connections:
   
   sudo /sbin/iptables -I RH-Firewall-1-INPUT 4 -p tcp --dport 21 -m state --state NEW -j ACCEPT
sudo /sbin/iptables -I RH-Firewall-1-INPUT 5 -p tcp --dport 20 -m state --state NEW -j ACCEPT


3. Check to see if SELinux is up and running (an output of 0 means that it is):
   
   /usr/sbin/selinuxenabled; echo $?


4. If SELinux is up and running you need to disable it for the ftp protocol, or apply a policy to allow FTP to make changes to your local directory:
   
   sudo /usr/sbin/setsebool -P ftpd_disable_trans 1


5. Open up the vsftpd configuration file for editing:
   
   sudo vim /etc/vsftpd/vsftpd.conf


6. Make the following changes:
   
   anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES


7. Start VSFTPD:
   
   sudo /sbin/service vsftpd start


8. Turn on FTP on reboot:
   
   sudo /sbin/chkconfig --levels 235 vsftpd on

References:

• Fedora Forum post about how to set up SELinux policies for FTP
• nixCraft guide to setting up FTP on RedHat/CentOS
• IPTables guides are available from here and here
• Red Hat documentation manuals (good reference for ANYTHING)