Skip to main content
JUANING .dev

Install and enable FTP access on an AWS EC2 instance with Linux CentOS 7

Leer en Español

I’ll guide you through the quickest and easiest way to set up FTP access on an EC2 instance with CentOS 7 distribution on AWS (Amazon Web Services). We’re going to use VSFTPD (Very Secure FTP Daemon), so the first step is to install it.

VSFTPD Installation and Configuration

Step 1: Install VSFTPD

  1. Update the package manager: 

    sudo yum update

  2. Install the VSFTP software: 

    sudo yum install vsftpd

  3. Start the service: 

    sudo systemctl start vsftpd

  4. Configure the service to start automatically when the server loads: 

    sudo systemctl enable vsftpd

User Creation and Permission Configuration

Step 2: Create a new FTP user

  1. The following command creates the new user: 

    sudo adduser ftpuser

  2. Assign a password for the user: 

    sudo passwd ftpuser

  3. Add the new user to the VSFTP user list: 

    echo "ftpuser" | sudo tee -a /etc/vsftpd/user_list

Step 3: Configure VSFTPD

  1. First, create a backup copy of the configuration file: 

    sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.default

  2. Open the configuration file with vim: 

    sudo vi /etc/vsftpd/vsftpd.conf

  3. Look for the following variables in the file and update them as shown below:
    Note: Some variables may not exist, just add them at the end of the file. 

    anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO

  4. Restart the service: 

    sudo systemctl restart vsftpd

Step 4: Create a folder for the new user

  1. Create the folder within the user’s root directory: 

    sudo mkdir -p /home/ftpuser/ftp/upload

  2. Set the access permissions as follows: 

    sudo chmod -R 755 /home/ftpuser/ftp
sudo chown -R ftpuser: /home/ftpuser/ftp

Enable Password Authentication for the FTP User

Step 5: Enable Password Authentication in SSH for the FTP User

  1. Edit the sshd_config file: 

    sudo vi /etc/ssh/sshd_config

  2. Add the following lines at the end of the file: 

    Match User ftpuser
  PasswordAuthentication yes
  ChrootDirectory /home/ftpuser/ftp

  3. Restart the service: 

    sudo service sshd restart

https://www.juaning.dev/post/2022/2022-11-24-install-and-enable-ftp-access-in-aws-ec2-instance-with-linux-centos-7/
comments powered by Disqus