How to Install VSFTPD on AlmaLinux 8

Very Secure FTP Daemon (VSFTPD) is an FTP daemon that establishes a secure connection to FTP Server by creating a secure tunnel that encrypts data flow to and from FTP Server.It has been available for many years now. This protects files being uploaded or downloaded from hackers thus enforcing end-to-end encryption between the user and FTP Server.

Installing VSFTPD

To enable FTP on your VPS, you will first need to install the VSFTPD package with the following command.

dnf install vsftpd -y

Once the installation is complete, We start the vsftpd service and enable it to start automatically at system boot.

systemctl start vsftpd
systemctl enable vsftpd

Output:

[root@my ~]# systemctl start vsftpd
[root@my ~]# systemctl enable vsftpd
Created symlink /etc/systemd/system/multi-user.target.wants/vsftpd.service → /usr/lib/systemd/system/vsftpd.service.

Next, We open the FTP port on the system firewall to allow access to the FTP service from external systems.

firewall-cmd --add-service=ftp --permanent --zone=public

firewall-cmd --reload

Output:

[root@my ~]# firewall-cmd --add-service=ftp --permanent --zone=public
success
[root@my ~]# firewall-cmd --reload
success

However, if you see the following error when applying any rules from the firewalld command,

Error: COMMAND_FAILED: 'python-nftables' failed: internal:0:0-0: Error: Could not process rule: Invalid argument

Creating an FTP user

Creating an FTP user and create a password for that user.

First, We add the user,

adduser test

Next, we setup a password for the user,

passwd test

Output:

[root@server ~]# adduser test
[root@server ~]# passwd test
Changing password for user test.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Testing the FTP connection

Finally test FTP connection using FileZilla or WinSCP Client softwares.

Input your Server's IP or Hostname in the Host Field, Name of the FTP user created earlier in the Username Field and finally your Password.

If you have configured a different port for this, you wil have to mention in it in the Port Field.

image


Debugging COMMAND FAILED Error

You can resolve it by switching the firewall backend from nftables to iptables. Follow the steps below:

Open the firewall configuration file using the following command:

vi /etc/firewalld/firewalld.conf

In the configuration file, locate the line:

FirewallBackend=nftables

and change it to:

FirewallBackend=iptables

Save the changes and exit the text editor.

Restart the firewalld service:

systemctl restart firewalld

Now, the firewall backend should be switched to iptables, and you should be able to reload the firewall without encountering the previous error.

firewall-cmd --reload