ftp as well as sftp (vsftpd)

Posted: 2014/07/08 20:19:55
by craig
I have a requirement to run both ftp and sftp on a single server.
New install of CentOS 7 allowed me to install and have a working sftp server running in no time :-) I used the options during setup to install an FTP server, which I believe is vsftp. I can connect both locally on the box and remotely via sftp without issue.

My issue is trying to get ftp access at the same time. I've got to the point where after a reboot ftp doesn't initially work, but it I take the following 3 steps it will work for that session only, but not persist;
service firewalld stop
service vsftpd restart
service firewalld start
Following this, ftp seems to work just fine, as well as ftp.

Steps taken after install of OS;
setsebool -P allow_ftpd_full_access 1
firewall-cmd --permanent --zone=public --add-port=21/tcp

port 22 shows as listening on ip4 & 6
port 21 shows as listening on ip6 after the steps mentioned, but seems to work just fine via ip4.

Any advice would be greatfully received.

Posted: 2014/07/08 21:18:08
by gerald_clark
Vsftpd is NOT sftp it is ftps.
Sftp is part of openssh. See the /etc/ssh/sshd_config.

Posted: 2014/07/08 21:25:49
by TrevorH
I suspect that you want to run

firewall-cmd --permanent --zone=public --add-service=ftp
If you enable the service then it will load nf_conntrack_ftp for you which handles the other dynamic ports other than 21.

Posted: 2014/07/08 21:43:45
by craig
Trevor, all sorted, many thanks!!

Gerald, many thanks for the clarification. I'll hope over to look through the options, but thankfully this bit looks ok.

Great forum! :D