Lets start with the installation :
sudo dnf install vsftpd
Then enable it :
sudo systemctl enable vsftpd --now
Now check is it is running :
sudo systemctl status vsftpd
If not then start it :
sudo systemctl start vsftpd
The vsftpd server settings are stored in the /etc/vsftpd/vsftpd.conf configuration file. Most of the settings are well documented inside the file. For all available options, visit the official vsftpd page. To edit the file :
sudo nano /etc/vsftpd/vsftpd.conf
anonymous_enable=NO local_enable=YES
To enable upload :
write_enable=YES
To limit the ftp user to the home directory only :
chroot_local_user=YES
To allow the user to upload files to his home directory :
allow_writeable_chroot=YES
You can set the passive port like in this example:
pasv_min_port=30000 pasv_max_port=31000
if you need the ftp to be secure with certificate :
rsa_cert_file=/etc/vsftpd/vsftpd.pem rsa_private_key_file=/etc/vsftpd/vsftpd.pem ssl_enable=YES
this could be an example /etc/vsftpd/vsftpd.conf
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES chroot_local_user=YES listen=NO listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES userlist_file=/etc/vsftpd/user_list userlist_deny=NO tcp_wrappers=YES user_sub_token=$USER local_root=/home/$USER/ftp pasv_min_port=30000 pasv_max_port=31000 rsa_cert_file=/etc/vsftpd/vsftpd.pem rsa_private_key_file=/etc/vsftpd/vsftpd.pem ssl_enable=YES
Restart the ftp :
sudo systemctl restart vsftpd
For firewall access and SElinux permission use :
setsebool -P allow_ftpd_full_access=1 sudo firewall-cmd --zone=public --permanent --add-service=ftp sudo firewall-cmd --permanent --add-port=30000-31000/tcp firewall-cmd --reload
Now to add user for the FTP :
sudo adduser newftpuser
If you want many users it smart to use list, add the user to a list:
echo "newftpuser" | sudo tee -a /etc/vsftpd/user_list
You can create specific directory for the users :
sudo mkdir -p /home/newftpuser/ftp/upload sudo chmod 550 /home/newftpuser/ftp sudo chmod 750 /home/newftpuser/ftp/upload sudo chown -R newftpuser: /home/newftpuser/ftp
You can also limit this user to ftp access only and not shell :
echo -e '#!/bin/sh\necho "This account is limited to FTP access only."' | sudo tee -a /bin/ftponly sudo chmod a+x /bin/ftponly echo "/bin/ftponly" | sudo tee -a /etc/shells sudo usermod newftpuser -s /bin/ftponly
More information you can find here