How to Install, Configure and Secure FTP Server in RHEL 8

FTP (stands for “File Transfer Protocol”) is a standard and old network protocol used for the transfer of files between a client and server on a computer network. It is built on a client-server model architecture, which offers access to files and directories via an FTP client, to upload files to the server as well as download files from it.

In our previous article, we have explained how to install, configure and secure FTP Server in CentOS/RHEL 7 for the transfer of computer files between a client and server on a computer network.

In this article, we will describe how to install, configure and secure an FTP server on RHEL 8 for basic file sharing between computers.

Install FTP Server on RHEL 8

1. To install secure FTP package, use the following dnf command.

# dnf install vsftpd
Install VsFTP in RHEL 8
Install VsFTP in RHEL 8

2. When the installation is complete, you need to start the vsftpd service for the meantime, enable it to start automatically at system boot and then verify the status using the following systemctl commands.

# systemctl start vsftpd
# systemctl enable vsftpd
# systemctl status vsftpd
Start and Verify FTP Service
Start and Verify FTP Service

3. Next, you need to open FTP port 21 on the system firewall to allow access to FTP services from external systems.

# firewall-cmd --zone=public --permanent --add-port=21/tcp
# firewall-cmd --zone=public --permanent --add-port=45073/tcp
# firewall-cmd --reload

Configure FTP Server on RHEL 8

4. To configure an FTP server, you need to take the backup of the main FTP configuration file /etc/vsftpd/vsftpd.conf using the following copy command.

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orig

5. Then open the configuration file using your favorite command line editor.

# vi /etc/vsftpd/vsftpd.conf

Set the following parameters with these corresponding values (see man vsftpd.conf for meanings of the configuration parameters):


6. Next, you need to configure FTP to allow/deny users access to FTP services based on the user list file /etc/vsftpd.userlist.

By default, users listed in /etc/vsftpd.userlist file are denied access with the userlist_deny option set to YES, if userlist_enable=YES, it enables access.

But, setting the parameter userlist_deny=NO alters the setting, meaning that only users explicitly listed in userlist_file=/etc/vsftpd.userlist will be permitted to log in.

Therefore, add the following lines in your vsftpd.conf configuration file (or if there already exist, uncomment them and set their values as shown):

userlist_enable=YES                   # allow access to list of usernames from the userlist_file
userlist_file=/etc/vsftpd.userlist    # stores usernames.

7. Now add the following lines in your vsftpd.conf configuration file to restrict FTP users to their Home directories.

chroot_local_user=YES		#means local users will be placed in a chroot jail, their home directory after login by default settings.

Save the changes in the file and close it.

8. Set the following SELinux boolean rule to enable FTP to read/write files of user’s home directory.

# semanage boolean -m ftpd_full_access --on

9. Finally restart the vsftpd service to affect all the changes we made so far above:

# systemctl restart vsftpd

Testing FTP Server on RHEL 8

10. To test if the above FTP setup is running fine, start by creating an FTP user with useradd command and create a password for that user.

# useradd -m -c "Tecmint HowTos" -s /bin/bash tecmint
# passwd tecmint

11. Then add the user tecmint to the file /etc/vsftpd.userlist using the echo command as follows.

# echo "tecmint" | tee -a /etc/vsftpd.userlist
# cat /etc/vsftpd.userlist

12. Then create the alternative local root directory for the user (tecmint, yours is probably different) and set the appropriate permissions on this directory.

# mkdir -p /home/tecmint/ftp
# chown nobody:nobody /home/tecmint/ftp
# chmod a-w /home/tecmint/ftp

13. Next, create a directory inside the local root location, where user’s will keep his/her files.

# mkdir /home/tecmint/ftp/files
# chown tecmint:tecmint /home/tecmint/ftp/files
# chmod 0700 /home/tecmint/ftp/files/

14. Now connect to the FTP server using any FTP client as follows.

# ftp [email protected]
Sample Output
Connected to
220 Welcome to FTP service.
331 Please specify the password.
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls

That’s it! In this article, we described how to install, configure as well as secure an FTP server in RHEL 8. In our next article, we will show how to secure FTP server using SSL/TLS connections. Until then, stay with us.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.