Set Up FTP Service on Linux

BCC BCC

  • API Reference
    • Appendix
    • Automatic Snapshot Policy Related Interfaces
      • Bind automatic snapshot policy
      • Create automatic snapshot policy
      • Delete automatic snapshot policy
      • Query details of automatic snapshot policy
      • Query the list of automatic snapshot policies
      • Unbind automatic snapshot policy
      • Update automatic snapshot policy
    • Cluster Management Related Interfaces
      • Create EHC Cluster
      • Delete EHC Cluster
      • EHC Cluster List
      • Modify EHC Cluster
    • Common Request Headers and Response Headers
    • Dedicated Cluster Related Interfaces
      • Canceling Dedicated Cluster Auto-Renewal
      • Create a dedicated cluster
      • Dedicated Cluster Renewal
      • Dedicated Cluster Tag Binding
      • Dedicated Cluster Tag Unbinding
      • Enabling Dedicated Cluster Auto-Renewal
      • Querying Dedicated Cluster Details
      • Querying Dedicated Cluster List
      • Resizing Dedicated Cluster
    • Deployment Group Related Interfaces
      • Adjust Deployment Group
      • Create Deployment Group
      • Delete Deployment Group
      • Get Deployment Group Details
      • Modify deployment group
      • Query the deployment group list
      • Remove Instance from Deployment Group
    • Disk Related Interfaces
      • Attach a CDS disk
      • Bind a tag to a disk
      • Cancel Auto-renewal
      • Create a CDS disk
      • Detach a CDS disk
      • Disk Expansion and Type Change
      • Enable auto-renewal
      • Get Purchasable Disk Information
      • Modify disk properties
      • Query CDS Price
      • Query disk details
      • Query the disk list
      • Release a CDS disk (new)
      • Release a CDS disk
      • Rename a disk
      • Renew a disk
      • Roll back disk data
      • Shift charge for disks
      • Unbind a tag from a disk
    • Error response
    • General Description
    • Image Related Interfaces
      • Bind a tag to an image
      • Cancel cross-region replication of custom images
      • Create a custom image
      • Delete a custom image
      • Import an image
      • Modify Custom Image Name
      • Query available public image based on instance specifications
      • Query image details
      • Query List of Users with Shared Image Access
      • Query OS information based on instance IDs in batch
      • Query the image list
      • Replicate a custom image across regions
      • Share a custom image
      • Unbind a tag from an image
      • Unshare a custom image
    • Instance Related Interfaces
      • Add an instance to a security group
      • Add IPv6
      • Batch Adding Secondary IP Addresses for Primary Network Interface Card
      • Batch Convert to Postpay
      • Batch Unsubscribe Prepaid Instances
      • Billing Change - Convert to Subscription
      • Bind a role
      • Bind a tag to an instance
      • Change the instance subnet
      • Change the instance VPC
      • Convert to prepay in batch
      • Create an instance (by specifying instance package specifications)
      • Create automatic renewal rules
      • Create instance
      • Delete automatic renewal rules
      • Delete secondary IP address from the primary network interface card in batch
      • Early Release of Prepaid Instances
      • Enter rescue mode
      • Exit rescue mode
      • Instance Resizing (By Specifying Instance Package Specification)
      • Modify instance attributes
      • Modify instance description
      • Modify instance hostname
      • Modify the instance password
      • Query Instance List by Instance ID
      • Query instance list
      • Query Multiple Instance Details
      • Query recycle bin instance list
      • Query resizing specifications
      • Query the custom data of the instance
      • Query the details of a specified instance
      • Query the list of BCC instances eligible for no charge for stopped instances
      • Query the VNC address of the instance
      • Reboot an instance
      • Reinstall an instance
      • Reinstall OS for Instances (Batch Reinstallation)
      • Release instances in batch
      • Release IPv6
      • Release Postpay Instances (Release via POST Request)
      • Release recycle bin instances
      • Remove an instance from a security group
      • Remove the relationship between an instance and its deployment group
      • Renew an instance
      • Resize instances in batches
      • Resuming Billing for BCC in Recycle Bin
      • Retrieve a list of instance roles
      • Retrieve network interface card information for an instance
      • Set Auto-release of Spot Instance EIP
      • Set Instance Deletion Protection
      • Setting Auto-Release for Postpay
      • Start an instance
      • Starting Instances (Batch Start)
      • Stop an instance
      • Stopping Instances (Batch Stop)
      • Unbind a role
      • Unbind a tag from an instance
    • Key Pair Related Interfaces
      • Bind a key pair
      • Change description of key pair
      • Create a key pair
      • Delete a key pair
      • Import a key pair
      • Query key pair details
      • Query the key pair list
      • Rename a key pair
      • Unbind a key pair
    • Maintenance platform APIs
      • Maintenance Records Related Interfaces
      • Maintenance Task Related Interfaces
      • Pre-authorization Related Interfaces
    • Other APIs
      • Query instance package price
      • Query instance package specifications (new)
      • Querying Availability Zones By Package Specification
    • Overview
    • Region and Availability Zone Related Interfaces
      • Query list of availability zones
      • Retrieve the Domain Name List API
    • Reserved Instance Related Interfaces
      • Accept Reserved Instance Transfer
      • Adjust reserved instance
      • Bind Tag to Reserved Instance
      • Create Auto-renewal Rule for Reserved Instance
      • Create reserved instances
      • Disable Auto-renewal Rule for Reserved Instance
      • Initiate Reserved Instance Transfer
      • Query Reserved Instance
      • Reject Reserved Instance Transfer
      • Renew reserved instances
      • Reserved Instance Inbound List
      • Reserved Instance Outbound List
      • Revoke Reserved Instance Transfer
      • Unbind Tag from Reserved Instance
    • Security Group Related Interfaces
      • Authorize security group rules
      • Create a security group
      • Delete a security group
      • Delete security group rules
      • Instance associating with security group
      • Query the security group list
      • Replace security group for instance
      • Revoke security group rules
      • Unbind security group from instance
      • Update security group rules
    • Service domain
    • Snapshot Related Interfaces
      • Bind a tag to a snapshot chain
      • Create a snapshot
      • Delete a snapshot
      • Query snapshot chain list
      • Query snapshot details
      • Query the snapshot list
      • Replicate a snapshot across regions
      • Unbind a tag from a snapshot chain
    • Spot Instance Related Interfaces
      • Cancel Spot Instance Order
      • Create spot instances
      • Query Spot Instance Packages
      • Query Spot Price
  • Cloud Assistant API and SDK Reference
    • Python SDK
      • Batch Retrieval of bsm-agent State within Instances
      • CaClient
      • Command Interface
      • Historical records
      • Initialization
      • Install SDK
      • Log API
  • Cloud Assistant API Reference
    • Batch Retrieve Instance BSM-Agent Status
    • Command Interface
    • Common Request and Response Headers
    • Error response
    • General Description
    • Historical records
    • Log API
    • Service domain
  • FAQs
    • Billing class
    • Common Questions Overview
    • Images
    • Instances
    • Network class
    • Performance
    • Reserved Instance
    • Security class
    • Snapshots
    • Storage class
    • Virtual machine operation and maintenance class
  • Fault handling
    • GPU Instance Downtime Troubleshooting
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Paasword Reports Error-Authentication token lock busy
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Paasword Reports Error-Authentication token manipulation error
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Root Paasword
    • Linux Baidu Cloud Compute Execution Yum Update Reports Dependency Conflict
    • Linux Baidu Cloud Compute Setting Login Method
    • Unable to Remotely Connect to Linux Instance
    • Unable to Remotely Connect to Windows Instance
    • Windows Server Cannot Ping
  • Function Release Records
  • Go-SDK
    • Automatic snapshot policy
    • Availability zone
    • Dedicated CDS Cluster
    • Deployment group
    • Disk
    • Elastic high-performance computing cluster
    • Image
    • Initialization
    • Instance
    • Key pair
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
  • Java-SDK
    • Automatic snapshot policy
    • Availability zone
    • BCC instance
    • BccClient
    • Deployment group
    • Disk
    • Exception handling
    • Image
    • Install the SDK Package
    • Key pair
    • Log
    • Overview
    • Quick Start
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
    • Version Change Records
  • Operation guide
    • Deployment group
      • Adjust Deployment Group for Existing Instances
      • Create BCC Instance within Deployment Group
      • Create Deployment Group
      • Delete Deployment Group
      • Modify Deployment Group Information
      • Overview of deployment policy
      • Remove BCC Instance from Deployment Group
    • Elastic high-performance computing cluster
      • Create Elastic High-performance Computing Cluster
      • Overview of elastic hyper-computing cluster
    • Image
      • Baidu AI Cloud Image Service Agreement
      • Create a custom image
      • Creating Linux Image Based on Local System
      • Cross-region image replication
      • Data and Personal Information Protection Statement
      • Delete a custom image
      • How to Set Network Adapter Multi-Queue Properties
      • Image List
      • Image Overview
      • Image Quick Guide
      • Import Custom Image
        • Checking Network Configuration
        • Checking Virtio Driver
        • Creating Instance Using Imported Custom Image
        • Detecting Image Using Image Detection Tool
        • Image format check
        • Image Format Conversion
        • Image Import Restrictions
        • Import Overview
        • Install cloudbase-init
        • Installing Virtio Driver
        • System Optimization Operations (Linux)
      • OS Official End of Maintenance Plan
      • Public Image Release Records
        • 2023 BCC Public Image Release Records
        • 2023 EBC Public Image Release Records
        • 2024 BCC Public Image Release Records
        • 2024 EBC Public Image Release Records
        • 2025 BCC Public Image Release Records
      • Reinstall OS
      • Share a custom image
      • Windows Image Creation
    • Instance
      • Batch Sequential Naming
      • Change Availability Zone
      • Change Charge Type
        • Postpay to Subscription
        • Subscription to Postpay
      • Change Instance Configuration
      • Create instance
        • Create Instance Navigation
        • Create Instance via Custom Image
        • Create Instance via Purchase Page
        • Create Instances with Launch Templates
        • Purchase Instance with Same Configuration
      • Cross-AZ migration
      • Functional restrictions
      • Instance Overview
      • Modify instance name
      • Postpay Instance No Charge for Stopped Instances
      • Reboot an instance
      • Reclaim instance
      • Release an instance
      • Renew an instance
      • Reset password
      • Set IAM Role
      • Sign in to instance
        • Log in to Linux Instance
          • Connect to Baidu Cloud Compute Using SmartTerm
          • Connect to Linux instance using user name-password certification
          • Log in to Linux Instance Using SSH Key on Linux or Mac
          • Log in to Linux Instance Using SSH Key via SecureCRT
          • Remotely sign in to Baidu Cloud Computer via VNC
          • Sign in to Linux instances via SSH key in Putty
          • Sign in to Linux instances via SSH key in Xshell
        • Log in to Windows Instance
          • Remotely sign in to Baidu Cloud Computer via VNC
          • Sign in to Windows instance via remote desktop
        • Login Method Overview
      • Spot instances
        • Create spot instances
        • What Is Spot Instance
      • Start an instance
      • Stop an instance
        • Elastic Baremetal Instance and Elastic High-performance Computing Cluster Instance Halt Capability Configuration Instructions
        • Stop an instance
      • View instance
    • Launch Template
    • Network
      • Bind and Unbind EIP
      • Change Internal IP
      • Change subnet
      • Change VPC
      • Configure Dual Network Interface Card External Network Access for Windows Baidu Cloud Compute
      • Configure IPv6 Address
      • Elastic network interface
        • Configure elastic network interface
        • Create elastic network interface
        • Elastic Network Interface Overview
        • Mount elastic network interface
      • Elastic RDMA Network Interface
        • Elastic RDMA Network Interface Overview
        • Instructions for use
    • Operations and Monitor
      • Cloud Assistant
        • Cloud Assistant Overview
        • Cloud Assistant Usage Notes
        • Create command
        • FAQs
        • Historical records
        • Identity and access management
        • Instance list
        • My commands
        • Public commands
        • Upload files
      • Evacuate Faulty Instance
      • Instance Health Check
      • Maintenance Platform
        • Maintenance Platform Access Instructions
        • Maintenance Platform Overview
        • Maintenance Records Query
        • Maintenance Task
        • Pre-authorization Rule Settings
      • Monitor and Alarm
      • Self-Service Diagnostic Tool
        • Application Performance Diagnostic Tool Btune
        • Self-Service Diagnostic Tool Overview
      • Use Rescue Mode
    • Reserved Instance
      • FAQ
      • Introduction to reserved instance
      • Renew reserved instances
      • Reserved Instance AZ Change
      • Reserved Instance Cross-Account Transfer
      • Reserved Instance EHC Cluster Change
      • Reserved Instance Purchase
    • Resource Assessment
    • Security
      • Identity and access management
        • Identity and access management
        • Price Permission Control
      • Key pair
        • Bind SSH Key Pair
        • Create SSH Key Pair
        • Delete SSH Key Pair
        • SSH Key Pair Overview
        • Unbind SSH Key Pair
      • Security group
        • Associate with security group
        • Copy security group
        • Create a security group
        • Delete a security group
        • Disassociate security group
        • Edit security group
        • Security group overview
    • Server Migration
      • Migration Operation Steps
      • Server Migration Operation Process
      • Server Migration Overview
    • Snapshot
      • Automatic snapshot
      • Create disk snapshot
      • Delete a snapshot
      • Rollback snapshot
      • Snapshot Overview
    • Storage
      • Overview
      • System disk expansion
    • Tag Management
      • Configure Tag
      • Tag Management Overview
      • View Resource Bill Based on Tag
  • Operations Reference
    • Linux Operations Reference
      • Baidu Cloud Compute Delete or Modify File Prompting File System Read-Only
      • CentOS 7 Install Docker
      • Configure Linux Analysis Tools atop and kdump
      • Enter Single User Mode
        • CentOS 6 Enter Single User
        • CentOS 7 Enter Single User
        • CentOS 8 Enter Single User
        • FreeBSD 11 Single User Modify Password SOP
        • opensuse42
          • 3 Enter Single User
        • Ubuntu Enter Single User
        • OpenSUSE 42_3 Enter Single User
      • How to Enable or Disable Intel CPU Vulnerability Patch in Linux Image
      • How to Handle System Boot Exception Caused by fstab Configuration
      • How to Resolve Unable to Log in to Linux BCC Instance via SSH
      • Linux BCC Instance Insufficient Space Issue Resolution
      • Linux BCC Instance Lagging Issue
      • Linux Format and Mount Instance Mount Local Disk
      • Linux Modify Default Remote Connection Port
      • Linux Server CPU and Memory Full Issue Troubleshooting
      • Linux System Install Graphical Interface and Remote Connection
        • CentOS
          • CentOS 8 Install Graphical Interface and Connect Using VNC Viewer
          • CentOS6
            • 5 Install KDE Desktop Graphical Interface and Connect Using VNC Viewer
          • CentOS7
            • 2 Install GNOME Graphical Interface and Connect Using VNC Viewer
          • Install GNOME GUI on CentOS 7_2 and Connect via VNC Viewer
          • Install GUI on CentOS 8 and Connect via VNC Viewer
          • Install KDE Desktop GUI on CentOS 6_5 and Connect via VNC Viewer
        • opensuse
          • opensuse42
            • 3 Install Graphical Interface and Connect Using VNC Viewer
          • Install GUI on OpenSUSE 42_3 and Connect via VNC Viewer
        • Ubuntu
          • Ubuntu14
            • 04 Install Graphical Interface and Connect Using VNC Viewer
          • Ubuntu18
            • 04 Install Graphical Interface and Connect Using VNC Viewer
          • Install GUI on Ubuntu 14_04 and Connect via VNC Viewer
          • Install GUI on Ubuntu 18_04 and Connect via VNC Viewer
      • Performance test
        • Linux CPU Performance Test
        • Linux Disk IO Performance Test
        • Linux Network Performance Test
      • Ubunut16_04 Subscription Extended Security Maintenance (ESM)
    • Server configuration
      • Debian 9 Software Source Configuration Update
      • Linux PIP Configuration with Baidu Source
      • Online Instance with OFED Driver Kernel Replacement Solution
      • Windows PIP Configuration with Baidu Source
    • Windows Operations Reference
      • Blue Screen Crash General Handling Method
      • Configure Multi-User Access to Windows Server
      • Connecting to Windows Server Using Xshell
      • Data Disk Not Displayed After Server Reboot
      • Desktop and Application Color Turning Black Handling Method
      • Local Playback of Sound from Windows Server
      • Performance Resources
      • Remote Connection to Windows Unable to Use Clipboard
      • System Activation
      • System Black Screen Handling Method
      • Tutorial on Disabling Windows Firewall
      • Windows Allow Single User to Connect Multiple Sessions Method
      • Windows automatic update-related configuration
      • Windows BCC Instance Achieve SID Uniqueness After Joining Domain
      • Windows BCC Instance Lagging Issue
      • Windows CPU and Memory Full Troubleshooting Steps
      • Windows Delete Hardware Reserved Memory
      • Windows Instance Disk Space Insufficient Cleanup Tutorial
      • Windows Modify Default Remote Connection Port
      • Windows Quick Login
      • Windows Server Disable IE Enhanced Security Configuration Tutorial
      • Windows Set Only Allow Local & Fixed IP Access Remote Port
      • Windows Virtual Machine Auto Login Failure Handling Method
  • Product Description
    • Application scenarios
    • Correspondence Between Original and New Model Names
    • Discontinued Instance Specifications
    • Models and Their Regions
    • Product advantages
    • Usage restrictions
    • What Is Baidu Cloud Compute BCC
    • Instance specification
  • Product pricing
    • Billing overview
    • Charge type
      • Postpay Pricing
      • Reserved instances
      • Subscription (Prepay) Pricing
      • Reserved Instance
    • Refund policy
  • Python-SDK
    • BccClient
    • Disk
    • Image
    • Initialization
    • Install the SDK Package
    • Instance
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
    • Version Change Records
  • Python3-SDK
    • Automatic snapshot policy
    • BccClient
    • Dedicated CDS Cluster
    • Deployment group
    • Disk
    • Image
    • Initialization
    • Install the SDK Package
    • Instance
    • Key pair
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
  • Quick Start
    • Baidu Cloud Compute Security Description
    • Quick Configuration of Linux Baidu Cloud Compute
    • Quick Configuration of Windows Baidu Cloud Compute
  • Resources
    • Baidu AI Cloud Image Service Agreement
    • Image Quick Guide
  • Service Level Agreement (SLA)
    • Baidu Intelligent Cloud Baidu Cloud Compute Trusted Cloud
    • BCC Service Level Agreement SLA (V3_0)
  • Tag Service API Reference
    • Appendix 1
    • Domain name
    • General Description
    • Interface List
      • Create tag
      • Delete tag
      • Tag List
      • View resources bound to a tag
    • Introduction
  • Transfer
    • Site Offline Migration Solution
    • Site Smooth Migration Solution
  • Typical Practices
    • Connecting to Windows Server Using Xshell
    • Environment Setup
      • Manual Deployment of SQL Server 2008 R2 Express Edition
      • One-Click Setup for Linux Palworld Server
      • One-Click Setup for Windows Palworld Server
      • Set Up FTP Service on Linux
      • Setting Up Baota on Linux
      • Setting Up Baota on Windows
      • Tutorial on Setting Up IIS and FTP on Windows
      • Typical Practice for Setting Up Access VPN
      • Installing MySQL 8_0 Using Yum on CentOS 7 yum
    • Set Up FTP Service on Linux
    • Tag Management Practice
    • Tutorial on Disabling IE Enhanced Security Configuration on Windows Server 2008
    • Tutorial on Disabling Windows Firewall
    • Website Building Tutorial
      • Building a Website Using IIS Service on Windows 2008 and Windows 2012
      • Deploy SSL Certificate on Baidu Cloud Compute - Apache
      • Deploy SSL Certificate on Baidu Cloud Compute - IIS
      • Deploy SSL Certificate on Baidu Cloud Compute - Nginx
      • Deploy SSL Certificate on Baidu Cloud Compute - Tomcat
      • Installing and Configuring Apache Environment on Windows
      • Installing and Configuring Nginx Environment on Windows
      • CentOS-7_2 LNMP Environment Deployment
      • Deploy LAMP Environment on CentOS-7_2
  • Video Zone
    • Fault handling
    • Operation guide
      • Basic Functions
      • Environment Setup
      • Network Related
      • Operations Reference
      • Paasword Function
    • Operation guide
    • Product introduction
All documents
menu
No results found, please re-enter

BCC BCC

  • API Reference
    • Appendix
    • Automatic Snapshot Policy Related Interfaces
      • Bind automatic snapshot policy
      • Create automatic snapshot policy
      • Delete automatic snapshot policy
      • Query details of automatic snapshot policy
      • Query the list of automatic snapshot policies
      • Unbind automatic snapshot policy
      • Update automatic snapshot policy
    • Cluster Management Related Interfaces
      • Create EHC Cluster
      • Delete EHC Cluster
      • EHC Cluster List
      • Modify EHC Cluster
    • Common Request Headers and Response Headers
    • Dedicated Cluster Related Interfaces
      • Canceling Dedicated Cluster Auto-Renewal
      • Create a dedicated cluster
      • Dedicated Cluster Renewal
      • Dedicated Cluster Tag Binding
      • Dedicated Cluster Tag Unbinding
      • Enabling Dedicated Cluster Auto-Renewal
      • Querying Dedicated Cluster Details
      • Querying Dedicated Cluster List
      • Resizing Dedicated Cluster
    • Deployment Group Related Interfaces
      • Adjust Deployment Group
      • Create Deployment Group
      • Delete Deployment Group
      • Get Deployment Group Details
      • Modify deployment group
      • Query the deployment group list
      • Remove Instance from Deployment Group
    • Disk Related Interfaces
      • Attach a CDS disk
      • Bind a tag to a disk
      • Cancel Auto-renewal
      • Create a CDS disk
      • Detach a CDS disk
      • Disk Expansion and Type Change
      • Enable auto-renewal
      • Get Purchasable Disk Information
      • Modify disk properties
      • Query CDS Price
      • Query disk details
      • Query the disk list
      • Release a CDS disk (new)
      • Release a CDS disk
      • Rename a disk
      • Renew a disk
      • Roll back disk data
      • Shift charge for disks
      • Unbind a tag from a disk
    • Error response
    • General Description
    • Image Related Interfaces
      • Bind a tag to an image
      • Cancel cross-region replication of custom images
      • Create a custom image
      • Delete a custom image
      • Import an image
      • Modify Custom Image Name
      • Query available public image based on instance specifications
      • Query image details
      • Query List of Users with Shared Image Access
      • Query OS information based on instance IDs in batch
      • Query the image list
      • Replicate a custom image across regions
      • Share a custom image
      • Unbind a tag from an image
      • Unshare a custom image
    • Instance Related Interfaces
      • Add an instance to a security group
      • Add IPv6
      • Batch Adding Secondary IP Addresses for Primary Network Interface Card
      • Batch Convert to Postpay
      • Batch Unsubscribe Prepaid Instances
      • Billing Change - Convert to Subscription
      • Bind a role
      • Bind a tag to an instance
      • Change the instance subnet
      • Change the instance VPC
      • Convert to prepay in batch
      • Create an instance (by specifying instance package specifications)
      • Create automatic renewal rules
      • Create instance
      • Delete automatic renewal rules
      • Delete secondary IP address from the primary network interface card in batch
      • Early Release of Prepaid Instances
      • Enter rescue mode
      • Exit rescue mode
      • Instance Resizing (By Specifying Instance Package Specification)
      • Modify instance attributes
      • Modify instance description
      • Modify instance hostname
      • Modify the instance password
      • Query Instance List by Instance ID
      • Query instance list
      • Query Multiple Instance Details
      • Query recycle bin instance list
      • Query resizing specifications
      • Query the custom data of the instance
      • Query the details of a specified instance
      • Query the list of BCC instances eligible for no charge for stopped instances
      • Query the VNC address of the instance
      • Reboot an instance
      • Reinstall an instance
      • Reinstall OS for Instances (Batch Reinstallation)
      • Release instances in batch
      • Release IPv6
      • Release Postpay Instances (Release via POST Request)
      • Release recycle bin instances
      • Remove an instance from a security group
      • Remove the relationship between an instance and its deployment group
      • Renew an instance
      • Resize instances in batches
      • Resuming Billing for BCC in Recycle Bin
      • Retrieve a list of instance roles
      • Retrieve network interface card information for an instance
      • Set Auto-release of Spot Instance EIP
      • Set Instance Deletion Protection
      • Setting Auto-Release for Postpay
      • Start an instance
      • Starting Instances (Batch Start)
      • Stop an instance
      • Stopping Instances (Batch Stop)
      • Unbind a role
      • Unbind a tag from an instance
    • Key Pair Related Interfaces
      • Bind a key pair
      • Change description of key pair
      • Create a key pair
      • Delete a key pair
      • Import a key pair
      • Query key pair details
      • Query the key pair list
      • Rename a key pair
      • Unbind a key pair
    • Maintenance platform APIs
      • Maintenance Records Related Interfaces
      • Maintenance Task Related Interfaces
      • Pre-authorization Related Interfaces
    • Other APIs
      • Query instance package price
      • Query instance package specifications (new)
      • Querying Availability Zones By Package Specification
    • Overview
    • Region and Availability Zone Related Interfaces
      • Query list of availability zones
      • Retrieve the Domain Name List API
    • Reserved Instance Related Interfaces
      • Accept Reserved Instance Transfer
      • Adjust reserved instance
      • Bind Tag to Reserved Instance
      • Create Auto-renewal Rule for Reserved Instance
      • Create reserved instances
      • Disable Auto-renewal Rule for Reserved Instance
      • Initiate Reserved Instance Transfer
      • Query Reserved Instance
      • Reject Reserved Instance Transfer
      • Renew reserved instances
      • Reserved Instance Inbound List
      • Reserved Instance Outbound List
      • Revoke Reserved Instance Transfer
      • Unbind Tag from Reserved Instance
    • Security Group Related Interfaces
      • Authorize security group rules
      • Create a security group
      • Delete a security group
      • Delete security group rules
      • Instance associating with security group
      • Query the security group list
      • Replace security group for instance
      • Revoke security group rules
      • Unbind security group from instance
      • Update security group rules
    • Service domain
    • Snapshot Related Interfaces
      • Bind a tag to a snapshot chain
      • Create a snapshot
      • Delete a snapshot
      • Query snapshot chain list
      • Query snapshot details
      • Query the snapshot list
      • Replicate a snapshot across regions
      • Unbind a tag from a snapshot chain
    • Spot Instance Related Interfaces
      • Cancel Spot Instance Order
      • Create spot instances
      • Query Spot Instance Packages
      • Query Spot Price
  • Cloud Assistant API and SDK Reference
    • Python SDK
      • Batch Retrieval of bsm-agent State within Instances
      • CaClient
      • Command Interface
      • Historical records
      • Initialization
      • Install SDK
      • Log API
  • Cloud Assistant API Reference
    • Batch Retrieve Instance BSM-Agent Status
    • Command Interface
    • Common Request and Response Headers
    • Error response
    • General Description
    • Historical records
    • Log API
    • Service domain
  • FAQs
    • Billing class
    • Common Questions Overview
    • Images
    • Instances
    • Network class
    • Performance
    • Reserved Instance
    • Security class
    • Snapshots
    • Storage class
    • Virtual machine operation and maintenance class
  • Fault handling
    • GPU Instance Downtime Troubleshooting
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Paasword Reports Error-Authentication token lock busy
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Paasword Reports Error-Authentication token manipulation error
    • Linux Baidu Cloud Compute Entering Single User Mode to Reset Root Paasword
    • Linux Baidu Cloud Compute Execution Yum Update Reports Dependency Conflict
    • Linux Baidu Cloud Compute Setting Login Method
    • Unable to Remotely Connect to Linux Instance
    • Unable to Remotely Connect to Windows Instance
    • Windows Server Cannot Ping
  • Function Release Records
  • Go-SDK
    • Automatic snapshot policy
    • Availability zone
    • Dedicated CDS Cluster
    • Deployment group
    • Disk
    • Elastic high-performance computing cluster
    • Image
    • Initialization
    • Instance
    • Key pair
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
  • Java-SDK
    • Automatic snapshot policy
    • Availability zone
    • BCC instance
    • BccClient
    • Deployment group
    • Disk
    • Exception handling
    • Image
    • Install the SDK Package
    • Key pair
    • Log
    • Overview
    • Quick Start
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
    • Version Change Records
  • Operation guide
    • Deployment group
      • Adjust Deployment Group for Existing Instances
      • Create BCC Instance within Deployment Group
      • Create Deployment Group
      • Delete Deployment Group
      • Modify Deployment Group Information
      • Overview of deployment policy
      • Remove BCC Instance from Deployment Group
    • Elastic high-performance computing cluster
      • Create Elastic High-performance Computing Cluster
      • Overview of elastic hyper-computing cluster
    • Image
      • Baidu AI Cloud Image Service Agreement
      • Create a custom image
      • Creating Linux Image Based on Local System
      • Cross-region image replication
      • Data and Personal Information Protection Statement
      • Delete a custom image
      • How to Set Network Adapter Multi-Queue Properties
      • Image List
      • Image Overview
      • Image Quick Guide
      • Import Custom Image
        • Checking Network Configuration
        • Checking Virtio Driver
        • Creating Instance Using Imported Custom Image
        • Detecting Image Using Image Detection Tool
        • Image format check
        • Image Format Conversion
        • Image Import Restrictions
        • Import Overview
        • Install cloudbase-init
        • Installing Virtio Driver
        • System Optimization Operations (Linux)
      • OS Official End of Maintenance Plan
      • Public Image Release Records
        • 2023 BCC Public Image Release Records
        • 2023 EBC Public Image Release Records
        • 2024 BCC Public Image Release Records
        • 2024 EBC Public Image Release Records
        • 2025 BCC Public Image Release Records
      • Reinstall OS
      • Share a custom image
      • Windows Image Creation
    • Instance
      • Batch Sequential Naming
      • Change Availability Zone
      • Change Charge Type
        • Postpay to Subscription
        • Subscription to Postpay
      • Change Instance Configuration
      • Create instance
        • Create Instance Navigation
        • Create Instance via Custom Image
        • Create Instance via Purchase Page
        • Create Instances with Launch Templates
        • Purchase Instance with Same Configuration
      • Cross-AZ migration
      • Functional restrictions
      • Instance Overview
      • Modify instance name
      • Postpay Instance No Charge for Stopped Instances
      • Reboot an instance
      • Reclaim instance
      • Release an instance
      • Renew an instance
      • Reset password
      • Set IAM Role
      • Sign in to instance
        • Log in to Linux Instance
          • Connect to Baidu Cloud Compute Using SmartTerm
          • Connect to Linux instance using user name-password certification
          • Log in to Linux Instance Using SSH Key on Linux or Mac
          • Log in to Linux Instance Using SSH Key via SecureCRT
          • Remotely sign in to Baidu Cloud Computer via VNC
          • Sign in to Linux instances via SSH key in Putty
          • Sign in to Linux instances via SSH key in Xshell
        • Log in to Windows Instance
          • Remotely sign in to Baidu Cloud Computer via VNC
          • Sign in to Windows instance via remote desktop
        • Login Method Overview
      • Spot instances
        • Create spot instances
        • What Is Spot Instance
      • Start an instance
      • Stop an instance
        • Elastic Baremetal Instance and Elastic High-performance Computing Cluster Instance Halt Capability Configuration Instructions
        • Stop an instance
      • View instance
    • Launch Template
    • Network
      • Bind and Unbind EIP
      • Change Internal IP
      • Change subnet
      • Change VPC
      • Configure Dual Network Interface Card External Network Access for Windows Baidu Cloud Compute
      • Configure IPv6 Address
      • Elastic network interface
        • Configure elastic network interface
        • Create elastic network interface
        • Elastic Network Interface Overview
        • Mount elastic network interface
      • Elastic RDMA Network Interface
        • Elastic RDMA Network Interface Overview
        • Instructions for use
    • Operations and Monitor
      • Cloud Assistant
        • Cloud Assistant Overview
        • Cloud Assistant Usage Notes
        • Create command
        • FAQs
        • Historical records
        • Identity and access management
        • Instance list
        • My commands
        • Public commands
        • Upload files
      • Evacuate Faulty Instance
      • Instance Health Check
      • Maintenance Platform
        • Maintenance Platform Access Instructions
        • Maintenance Platform Overview
        • Maintenance Records Query
        • Maintenance Task
        • Pre-authorization Rule Settings
      • Monitor and Alarm
      • Self-Service Diagnostic Tool
        • Application Performance Diagnostic Tool Btune
        • Self-Service Diagnostic Tool Overview
      • Use Rescue Mode
    • Reserved Instance
      • FAQ
      • Introduction to reserved instance
      • Renew reserved instances
      • Reserved Instance AZ Change
      • Reserved Instance Cross-Account Transfer
      • Reserved Instance EHC Cluster Change
      • Reserved Instance Purchase
    • Resource Assessment
    • Security
      • Identity and access management
        • Identity and access management
        • Price Permission Control
      • Key pair
        • Bind SSH Key Pair
        • Create SSH Key Pair
        • Delete SSH Key Pair
        • SSH Key Pair Overview
        • Unbind SSH Key Pair
      • Security group
        • Associate with security group
        • Copy security group
        • Create a security group
        • Delete a security group
        • Disassociate security group
        • Edit security group
        • Security group overview
    • Server Migration
      • Migration Operation Steps
      • Server Migration Operation Process
      • Server Migration Overview
    • Snapshot
      • Automatic snapshot
      • Create disk snapshot
      • Delete a snapshot
      • Rollback snapshot
      • Snapshot Overview
    • Storage
      • Overview
      • System disk expansion
    • Tag Management
      • Configure Tag
      • Tag Management Overview
      • View Resource Bill Based on Tag
  • Operations Reference
    • Linux Operations Reference
      • Baidu Cloud Compute Delete or Modify File Prompting File System Read-Only
      • CentOS 7 Install Docker
      • Configure Linux Analysis Tools atop and kdump
      • Enter Single User Mode
        • CentOS 6 Enter Single User
        • CentOS 7 Enter Single User
        • CentOS 8 Enter Single User
        • FreeBSD 11 Single User Modify Password SOP
        • opensuse42
          • 3 Enter Single User
        • Ubuntu Enter Single User
        • OpenSUSE 42_3 Enter Single User
      • How to Enable or Disable Intel CPU Vulnerability Patch in Linux Image
      • How to Handle System Boot Exception Caused by fstab Configuration
      • How to Resolve Unable to Log in to Linux BCC Instance via SSH
      • Linux BCC Instance Insufficient Space Issue Resolution
      • Linux BCC Instance Lagging Issue
      • Linux Format and Mount Instance Mount Local Disk
      • Linux Modify Default Remote Connection Port
      • Linux Server CPU and Memory Full Issue Troubleshooting
      • Linux System Install Graphical Interface and Remote Connection
        • CentOS
          • CentOS 8 Install Graphical Interface and Connect Using VNC Viewer
          • CentOS6
            • 5 Install KDE Desktop Graphical Interface and Connect Using VNC Viewer
          • CentOS7
            • 2 Install GNOME Graphical Interface and Connect Using VNC Viewer
          • Install GNOME GUI on CentOS 7_2 and Connect via VNC Viewer
          • Install GUI on CentOS 8 and Connect via VNC Viewer
          • Install KDE Desktop GUI on CentOS 6_5 and Connect via VNC Viewer
        • opensuse
          • opensuse42
            • 3 Install Graphical Interface and Connect Using VNC Viewer
          • Install GUI on OpenSUSE 42_3 and Connect via VNC Viewer
        • Ubuntu
          • Ubuntu14
            • 04 Install Graphical Interface and Connect Using VNC Viewer
          • Ubuntu18
            • 04 Install Graphical Interface and Connect Using VNC Viewer
          • Install GUI on Ubuntu 14_04 and Connect via VNC Viewer
          • Install GUI on Ubuntu 18_04 and Connect via VNC Viewer
      • Performance test
        • Linux CPU Performance Test
        • Linux Disk IO Performance Test
        • Linux Network Performance Test
      • Ubunut16_04 Subscription Extended Security Maintenance (ESM)
    • Server configuration
      • Debian 9 Software Source Configuration Update
      • Linux PIP Configuration with Baidu Source
      • Online Instance with OFED Driver Kernel Replacement Solution
      • Windows PIP Configuration with Baidu Source
    • Windows Operations Reference
      • Blue Screen Crash General Handling Method
      • Configure Multi-User Access to Windows Server
      • Connecting to Windows Server Using Xshell
      • Data Disk Not Displayed After Server Reboot
      • Desktop and Application Color Turning Black Handling Method
      • Local Playback of Sound from Windows Server
      • Performance Resources
      • Remote Connection to Windows Unable to Use Clipboard
      • System Activation
      • System Black Screen Handling Method
      • Tutorial on Disabling Windows Firewall
      • Windows Allow Single User to Connect Multiple Sessions Method
      • Windows automatic update-related configuration
      • Windows BCC Instance Achieve SID Uniqueness After Joining Domain
      • Windows BCC Instance Lagging Issue
      • Windows CPU and Memory Full Troubleshooting Steps
      • Windows Delete Hardware Reserved Memory
      • Windows Instance Disk Space Insufficient Cleanup Tutorial
      • Windows Modify Default Remote Connection Port
      • Windows Quick Login
      • Windows Server Disable IE Enhanced Security Configuration Tutorial
      • Windows Set Only Allow Local & Fixed IP Access Remote Port
      • Windows Virtual Machine Auto Login Failure Handling Method
  • Product Description
    • Application scenarios
    • Correspondence Between Original and New Model Names
    • Discontinued Instance Specifications
    • Models and Their Regions
    • Product advantages
    • Usage restrictions
    • What Is Baidu Cloud Compute BCC
    • Instance specification
  • Product pricing
    • Billing overview
    • Charge type
      • Postpay Pricing
      • Reserved instances
      • Subscription (Prepay) Pricing
      • Reserved Instance
    • Refund policy
  • Python-SDK
    • BccClient
    • Disk
    • Image
    • Initialization
    • Install the SDK Package
    • Instance
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
    • Version Change Records
  • Python3-SDK
    • Automatic snapshot policy
    • BccClient
    • Dedicated CDS Cluster
    • Deployment group
    • Disk
    • Image
    • Initialization
    • Install the SDK Package
    • Instance
    • Key pair
    • Overview
    • Region
    • Reserved Instance
    • Security group
    • Snapshot
  • Quick Start
    • Baidu Cloud Compute Security Description
    • Quick Configuration of Linux Baidu Cloud Compute
    • Quick Configuration of Windows Baidu Cloud Compute
  • Resources
    • Baidu AI Cloud Image Service Agreement
    • Image Quick Guide
  • Service Level Agreement (SLA)
    • Baidu Intelligent Cloud Baidu Cloud Compute Trusted Cloud
    • BCC Service Level Agreement SLA (V3_0)
  • Tag Service API Reference
    • Appendix 1
    • Domain name
    • General Description
    • Interface List
      • Create tag
      • Delete tag
      • Tag List
      • View resources bound to a tag
    • Introduction
  • Transfer
    • Site Offline Migration Solution
    • Site Smooth Migration Solution
  • Typical Practices
    • Connecting to Windows Server Using Xshell
    • Environment Setup
      • Manual Deployment of SQL Server 2008 R2 Express Edition
      • One-Click Setup for Linux Palworld Server
      • One-Click Setup for Windows Palworld Server
      • Set Up FTP Service on Linux
      • Setting Up Baota on Linux
      • Setting Up Baota on Windows
      • Tutorial on Setting Up IIS and FTP on Windows
      • Typical Practice for Setting Up Access VPN
      • Installing MySQL 8_0 Using Yum on CentOS 7 yum
    • Set Up FTP Service on Linux
    • Tag Management Practice
    • Tutorial on Disabling IE Enhanced Security Configuration on Windows Server 2008
    • Tutorial on Disabling Windows Firewall
    • Website Building Tutorial
      • Building a Website Using IIS Service on Windows 2008 and Windows 2012
      • Deploy SSL Certificate on Baidu Cloud Compute - Apache
      • Deploy SSL Certificate on Baidu Cloud Compute - IIS
      • Deploy SSL Certificate on Baidu Cloud Compute - Nginx
      • Deploy SSL Certificate on Baidu Cloud Compute - Tomcat
      • Installing and Configuring Apache Environment on Windows
      • Installing and Configuring Nginx Environment on Windows
      • CentOS-7_2 LNMP Environment Deployment
      • Deploy LAMP Environment on CentOS-7_2
  • Video Zone
    • Fault handling
    • Operation guide
      • Basic Functions
      • Environment Setup
      • Network Related
      • Operations Reference
      • Paasword Function
    • Operation guide
    • Product introduction
  • Document center
  • arrow
  • BCCBCC
  • arrow
  • Typical Practices
  • arrow
  • Set Up FTP Service on Linux
Table of contents on this page
  • Set up an FTP service on Centos
  • Step 1: Install vsftpd
  • Step 2: Configure vsftpd.
  • Method 1: Configure file upload permissions for anonymous users.
  • Method 2: Configure local user login
  • Step 3: Set security group
  • Step 4: Client testing
  • Set up an FTP service on ubuntu
  • Step 1: Install vsftpd
  • Step 2: Configure vsftpd.
  • Step 3: Set security group
  • Step 4: Client testing

Set Up FTP Service on Linux

Updated at:2025-10-20

Set up an FTP service on Centos

This tutorial takes the Baidu AI Cloud public images for CentOS 6.5 and CentOS 7.5 64-bit OSs as examples to explain how to install and configure vsftpd on a Linux instance.

  • Step 1: Install vsftpd.

  • Step 2: Configure vsftpd.

    • Method 1: Set up file upload permissions for anonymous users.
    • Method 2: Configure login access for local users.
  • Step 3: Configure the security group.
  • Step 4: Perform client testing.

Step 1: Install vsftpd

  1. Connect remotely and log in to the Linux instance.
  2. Use the command yum install -y vsftpd to install vsftpd.

  3. Execute the following commands to navigate to the /etc/vsftpd directory and list the files in this directory.

    cd /etc/vsftpd ls

image.png

Note:

  • The /etc/vsftpd/vsftpd.conf file serves as the main configuration file for vsftpd.
  • The /etc/vsftpd/user_list file acts as an allowlist. Users listed here are permitted to access the FTP server.
  • The /etc/vsftpd/ftpusers file functions as a blocklist. Users in this file are denied access to the FTP server.
  1. Execute the following commands to configure the FTP service to automatically start at system boot.

Centos6.5: chkconfig vsftpd on

Centos7.5: systemctl enable vsftpd.service

  1. Run the following commands to start the FTP service.

Centos6.5:/etc/init.d/vsftpd start

Centos7.5:systemctl start vsftpd.service

  1. Use the following commands to check the network ports the FTP service is listening on.

netstat -antup | grep ftp

Step 2: Configure vsftpd.

By default, after installation, vsftpd allows anonymous access to the FTP server. With anonymous access, users can log in to the FTP server without providing a username or password; however, they won't have permissions to modify or upload files.

This tutorial introduces two methods for configuring vsftpd and provides relevant parameter explanations for reference based on specific requirements.

  • Configure file upload permissions for anonymous users
  • Configure local user login

Method 1: Configure file upload permissions for anonymous users.

Anonymous FTP server access is an insecure mode that allows anyone to log in without password verification. It is typically used only for storing unimportant public files and is not recommended for production environments. If you need to configure permissions for anonymous users to upload files, follow these configuration steps:

  1. Modify /etc/vsftpd/vsftpd.conf.
    a. Run vim /etc/vsftpd/vsftpd.conf.
    b. Press the i button to enter edit mode.
    c. Modify the write permission to write_enable=YES.
    d. Modify the anonymous upload permission to anon_upload_enable=YES.
    e. Press the Esc key to exit edit mode, and then enter :wq to save and exit the file.

image.png

  1. Execute the following commands to modify the permissions of the /var/ftp/pub directory, grant write access to FTP users, and reload the configuration file.

Centos6.5:

Plain Text 
1chmod o+w /var/ftp/pub/
2/etc/init.d/vsftpd restart

image.png

CentOS7.5:

Plain Text 
1chmod o+w /var/ftp/pub/
2systemctl restart vsftpd.service

image.png

At this point, testing with FileZilla shows that normal connection to the FTP server can be achieved without requiring the account password (under anonymous access)

image.png

Method 2: Configure local user login

Local user login allows users to sign in to the FTP server using their Linux OS account and password.

By default, after installation, vsftpd supports only anonymous access to the FTP server. If you try to log in using a Linux OS account, the vsftpd service will deny access. Follow these steps to configure the vsftpd service to allow access using a Linux account and password.

  1. Execute the following command to create a Linux user for the FTP service, for example, a user named ftpbaidu.

useradd ftpbaidu

image.png

  1. Use the following command to set a password for the ftptest user.

passwd ftpbaidu

  1. Create a directory for use by the FTP service.

mkdir /var/ftp/baidu

  1. Change the owner of the /var/ftp/baidu directory to ftpbaidu.

chown -R ftpbaidu:ftpbaidu /var/ftp/baidu

  1. Execute the command vim /etc/vsftpd/vsftpd.conf to open the vsftpd.conf configuration file, and press the i key to enter edit mode.
  2. Update the vsftpd.conf configuration file as needed.

The FTP server can operate in either active mode or passive mode.

In the active mode, the client sends data port information to the server, and the server actively connects to the data port specified by the client for data transmission. The parameters for configuring FTP in active mode are as follows:

Plain Text 
1# Disable anonymous login to the FTP server
2anonymous_enable=NO
3 # Allow local users to sign in to the FTP server
4local_enable=YES
5 # Set the directory where local users will be located after login
6local_root=/var/ftp/baidu
7 # Limit all users to their home directories
8chroot_local_user=YES
9 # Enable an exception user list
10chroot_list_enable=YES
11 # Specify the exception user list; these users are not restricted to their home directories
12chroot_list_file=/etc/vsftpd/chroot_list
13
14 # Configure other parameters
15allow_writeable_chroot=YES
16local_umask=022
17dirmessage_enable=YES
18xferlog_enable=YES
19connect_from_port_20=YES
20xferlog_std_format=YES
21listen=YES
22pam_service_name=vsftpd
23userlist_enable=YES
24tcp_wrappers=YES

(1) Press the Esc key to leave edit mode, then enter :wq to save and close the file.

(2) Use the touch /etc/vsftpd/chroot_list command to create the chroot_list file and add the list of exception users who are not restricted to their home directories.

Note: The chroot_list file must exist even if there are no exception users; it can be empty.

(3) Press the Esc key to leave edit mode, then enter :wq to save and close the file.

(4) Execute the following command to restart the vsftpd service: /etc/init.d/vsftpd restart

This concludes the configuration for active mode.

In the passive mode, the server opens and sends data port information to the client, and the client connects to the data port opened by the server, which passively accepts the connection. In the passive mode, you need to configure the range of data ports that the server can open. The parameters for configuring FTP in passive mode are as follows:

Plain Text 
1# Disable anonymous login to the FTP server
2anonymous_enable=NO
3 # Allow local users to sign in to the FTP server
4local_enable=YES
5 # Set the directory where local users will be located after login
6local_root=/var/ftp/baidu
7 # Limit all users to their home directories
8chroot_local_user=YES
9 # Enable an exception user list
10chroot_list_enable=YES
11 # Specify the exception user list; these users are not restricted to their home directories
12chroot_list_file=/etc/vsftpd/chroot_list
13 # Enable passive mode
14pasv_enable=YES
15 # Public IP address of the FTP server
16 pasv_address=<Public IP address of the FTP server>
17 # Set the minimum value of the port range that can be used for data transmission in the passive mode
18pasv_min_port=50000
19 # Set the maximum value of the port range that can be used for data transmission in the passive mode
20pasv_max_port=50010
21 # Configure other parameters
22local_umask=022
23dirmessage_enable=YES
24xferlog_enable=YES
25xferlog_std_format=YES
26tcp_wrappers=YES
27allow_writeable_chroot=YES
28listen=YES
29listen_ipv6=NO
30pam_service_name=vsftpd
31userlist_enable=YES

Note: It is recommended to configure the port range in higher values, such as 50,000–50,010, to enhance the security of FTP server access.

(1) Press the Esc key to leave edit mode, then enter :wq to save and close the file.

(2) Use the touch /etc/vsftpd/chroot_list command to create the chroot_list file and add the list of exception users who are not restricted to their home directories.

Note: The chroot_list file must exist even if there are no exception users; it can be empty.

(3) Press the Esc key to leave edit mode, then enter :wq to save and close the file.

(4) Execute the following command to restart the vsftpd service: /etc/init.d/vsftpd restart

This concludes the configuration for passive mode.

Parameter description for the vsftpd.conf configuration file

Use the command cat /etc/vsftpd/vsftpd.conf to inspect the contents of the configuration file.

User login control:

Parameters Description
anonymous_enable=YES Accept anonymous users
no_anon_password=YES Do not ask for a password when anonymous users sign in
anon_root=(none) Home directory for anonymous users
local_enable=YES Accept local users
local_root=(none) Home directory for local users

User permission control:

Parameters Description
write_enable=YES Upload is possible (global control)
local_umask=022 umask for file uploads by local users
file_open_mode=0666 File upload permissions are used in conjunction with umask
anon_upload_enable=NO Anonymous users can upload files
anon_mkdir_write_enable=NO Anonymous users can create directories
anon_other_write_enable=NO Anonymous users can modify and delete files
chown_username=lightwiter Username for files uploaded by anonymous users

Step 3: Set security group

After setting up the FTP site, add inbound security group rules to allow the following FTP ports.

For FTP in active mode: Port 21.
For FTP in passive mode: Port 21, as well as all ports between the parameters pasv_min_port and pasv_max_port in the configuration file /etc/vsftpd/vsftpd.conf.

For specific steps on adding security group rules, please refer to [Add Security Group Rules](BCC/Operation guide/Security/Security group/Edit security group.md).

Step 4: Client testing

You can test access to the FTP server with an FTP client or a browser. This tutorial takes the FileZilla tool as an example:

image.png

Set up an FTP service on ubuntu

This tutorial uses the Baidu AI Cloud public image of Ubuntu 14.01 64-bit OS as an example to demonstrate how to install and configure vsftpd on a Linux instance.

  • Step 1: Install vsftpd

  • Step 2: Configure vsftpd.

    • Method 1: Configure file upload permissions for anonymous users.
    • Method 2: Configure local user login
  • Step 3: Set security group
  • Step 4: Client testing

Step 1: Install vsftpd

  1. Connect remotely and log in to the Linux instance.

Run the command sudo apt-get install vsftpd -y to install vsftpd.

image.png

  1. After installation, VSFTPD will start automatically and enable automatic startup at boot by default. You can see that the system is listening through the netstat command.

image.png

Step 2: Configure vsftpd.

vsftp can be divided into anonymous mode (no account credentials required for login) and local user mode

This tutorial introduces two methods for configuring vsftpd and provides relevant parameter explanations for reference based on specific requirements.

  • Anonymous mode
  • Local user mode

Method 1: Configure file upload permissions for anonymous users

Anonymous access to an FTP server is an insecure method that lets anyone log in without a password. This mode is typically used for storing unimportant public files and is not recommended for production environments. If you must allow anonymous users to upload and download files, follow these configuration steps:

  1. Execute the command: vim /etc/vsftpd.conf

image.png

a. Press the i button to enter edit mode. b. Modify the write permission to write_enable=YES. c. Modify the anonymous upload permission to anon_upload_enable=YES. d. Modify whether to allow anonymous login to anonymous_enable=YES e. Press the Esc key to exit edit mode, and then enter :wq to save and exit the file.

image.png

Create an FTP subdirectory.

Execute the command: sudo mkdir /srv/ftp/upload
The default root directory for the FTP set up on Ubuntu is /srv/ftp/, but anonymous users are not allowed to upload files to the root directory by default, so a subdirectory must be created for uploads.

image.png

Set the permissions of this directory to 755 and assign the appropriate group.

Execute the command: sudo chown root:ftp /srv/ftp/upload
Then execute: sudo chmod 755 /srv/ftp/upload

Restart the service to apply the changes.

Execute the command: sudo service vsftpd restart

Test the connection to ensure file uploads and downloads are functioning properly.

image.png

Method 2: Configure local user login

Local user login allows users to sign in to the FTP server using their Linux OS account and password.

Follow these steps to configure the vsftpd service for FTP server access using a Linux account and password.

  1. Execute the following command to create a Linux user for the FTP service, for example, a user named ftpbaidu.

sudo useradd ftpbaidu

image.png

  1. Use the following command to set a password for the ftptest user.

sudo passwd ftpbaidu

Run the commands below to create a file directory for the FTP service.

sudo mkdir /srv/ftp/baidu

Run the commands below to change the ownership of the /srv/ftp/baidu directory to ftpbaidu.

sudo chown -R ftpbaidu:ftpbaidu /srv/ftp/baidu

Enter the command vim /etc/vsftpd.conf to open the vsftpd.conf configuration file, then press i to switch to edit mode.

  1. Update the vsftpd.conf configuration file as needed.

The FTP server can operate in either active mode or passive mode.

Configure active mode: In the active mode, the client sends data port information to the server, and the server actively connects to the data port specified by the client for data transmission. The parameters for configuring FTP in active mode are as follows:

Plain Text 
1# Disable anonymous login to the FTP server
2anonymous_enable=NO
3 # Allow local users to sign in to the FTP server
4local_enable=YES
5 # Set the directory where local users will be located after login
6local_root=/var/ftp/baidu
7 # Limit all users to their home directories
8chroot_local_user=YES
9 # Enable an exception user list
10chroot_list_enable=YES
11 # Specify the exception user list; these users are not restricted to their home directories
12 chroot_list_file=/etc/chroot_list # Writable permission for home directory allow_writeable_chroot=YES
13 # Configure other parameters
14allow_writeable_chroot=YES
15local_umask=022
16dirmessage_enable=YES
17xferlog_enable=YES
18connect_from_port_20=YES
19xferlog_std_format=YES
20listen=YES
21pam_service_name=vsftpd
22userlist_enable=YES
23tcp_wrappers=YES

(1) Press the Esc key to exit edit mode, and then press key :wq to save and exit the file. (2) Run the touch /etc/chroot_list command to create the chroot_list file and write the list of exception users who are not restricted to accessing only their home directories. Note: The chroot_list file must exist even if there are no exception users; it can be empty

(3) Press the Esc key to leave edit mode, then enter :wq to save and close the file.

Run the command sudo service vsftpd restart to restart the vsftpd service.

The above is the configuration method for active mode

Configure passive mode, In the passive mode, the server opens and sends data port information to the client, and the client connects to the data port opened by the server, which passively accepts the connection. In the passive mode, you need to configure the range of data ports that the server can open. The parameters for configuring FTP in passive mode are as follows:

Plain Text 
1# Disable anonymous login to the FTP server
2anonymous_enable=NO
3 # Allow local users to sign in to the FTP server
4local_enable=YES
5 # Set the directory where local users will be located after login
6local_root=/var/ftp/baidu
7 # Limit all users to their home directories
8chroot_local_user=YES
9 # Enable an exception user list
10chroot_list_enable=YES
11 # Specify the exception user list; these users are not restricted to their home directories
12chroot_list_file=/etc/chroot_list
13 # Enable passive mode
14pasv_enable=YES
15 # Public IP address of the FTP server
16 pasv_address=<Public IP address of the FTP server>
17 # Set the minimum value of the port range that can be used for data transmission in the passive mode
18pasv_min_port=50000
19 # Set the maximum value of the port range that can be used for data transmission in passive mode pasv_max_port=50010 # Writable permission for home directory allow_writeable_chroot=YES
20pasv_max_port=50010
21 # Configure other parameters
22local_umask=022
23dirmessage_enable=YES
24xferlog_enable=YES
25xferlog_std_format=YES
26tcp_wrappers=YES
27allow_writeable_chroot=YES
28listen=YES
29listen_ipv6=NO
30pam_service_name=vsftpd
31userlist_enable=YES

Note: It is recommended to configure the port range in higher values, such as 50,000–50,010, to enhance the security of FTP server access.

(1) Press the Esc key to exit edit mode, and then press key :wq to save and exit the file.
(2) Run the touch /etc/chroot_list command to create the chroot_list file and write the list of exception users who are not restricted to accessing only their home directories. Note: The chroot_list file must exist even if there are no exception users; it can be empty
(3) Press the Esc key to exit edit mode, and then press key :wq to save and exit the file.
(4) Run the following command to restart the vsftpd service. sudu service vsftpd restart

The above is the configuration method for passive mode

Parameter description for the vsftpd.conf configuration file

Run the command cat /etc/vsftpd.conf to view the contents of the configuration file.

User login control:

Parameters Description
anonymous_enable=YES Accept anonymous users
no_anon_password=YES Do not ask for a password when anonymous users sign in
anon_root=(none) Home directory for anonymous users
local_enable=YES Accept local users
local_root=(none) Home directory for local users

User permission control:

Parameters Description
write_enable=YES Upload is possible (global control)
local_umask=022 umask for file uploads by local users
file_open_mode=0666 File upload permissions are used in conjunction with umask
anon_upload_enable=NO Anonymous users can upload files
anon_mkdir_write_enable=NO Anonymous users can create directories
anon_other_write_enable=NO Anonymous users can modify and delete files
chown_username=lightwiter Username for files uploaded by anonymous users

Step 3: Set security group

After setting up the FTP site, add inbound security group rules to allow the following FTP ports.

  • For FTP in active mode: Use Port 21.
  • For FTP in passive mode: Use Port 21 as well as all ports defined between the parameters pasv_min_port and pasv_max_port in the /etc/vsftpd.conf configuration file.

Step 4: Client testing

You can test FTP server access using an FTP client or a browser. This tutorial uses the FileZilla tool as an example:

image.png

Previous
Environment Setup
Next
Tag Management Practice