FTP_Manager : A Simple Script To Install And Manage FTP Server In CentOS

ftp_manager

Today, I have stumbled upon a script called FTP_Manager, created by a fellow Linux user Mr.Janakiram Suragani. This script can be used by budding Linux system administrators to easily install and manage a FTP server in RHEL, CentOS and Scientific Linux. Using this script, You can install ftp server, create, delete, edit, manage FTP users via a simple command line interface.

Let us see how to install and manage FTP server in CentOS. The same steps should work on RHEL, Fedora and Scientific Linux too.

Install And Manage FTP Server In CentOS using FTP_Manager

In order to use this script, you need to disable firewall and SELinux.

To stop the firewall, run the following commands on CentOS 7:

systemctl stop firewalld
systemctl disable firewalld

On CentOS 6 and lower versions, run:

service iptables stop
chkconfig iptables off

To disable SELinux, edit the /etc/sysconfig/selinux file:

vi /etc/sysconfig/selinux

Find the line “SELINUX=enforcing” and change it to “SELINUX=disabled”.

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

Save and close the file. Reboot your system to take effect the changes.

Check if firewall is turned off using command on CentOS 7:

systemctl status firewalld

Sample output:

● firewalld.service - firewalld - dynamic firewall daemon
 Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
 Active: inactive (dead)

On CentOS 6:

service iptables status

And, check SELinux is disabled with command:

sestatus

Sample output:

SELinux status: disabled

Note: Since it is not recommended to turn off the security mechanisms, I recommend the author to find any workaround to use this script with SELinux and IPTables enabled.

Once you disabled both services, download this script from the link below.

Or, run the following command to download it in your current working directory.

wget https://github.com/suraganijanakiram/FTP_Manager_centos/archive/master.zip

Extract the zip using command:

unzip master.zip

Go to the extracted folder and make this script executable as shown below.

cd FTP_Manager_centos-master/
chmod +x ftp_manager.sh

Then, run the following command to execute this script:

./ftp_manager.sh

Oops, I got this error.

-bash: ./ftp_manager.sh: /bin/bash^M: bad interpreter: No such file or directory

It looks like there is a dos line ending in the script file. The clue is the ^M. To fix this, open the script in vi or vim editor, and type the following line:

:set fileformat=unix

And then, type the following to save the file.

:wq!

Again, run the script as shown below. This time it should work. I suggest the author to fix this as well.

./ftp_manager.sh

This script will display the following list of options.

1 : To install vsftpd package and configure

2 : To add user

3 : To chroot(Restrict ftp user to his home directory) existing user

4 : To remove chroot(Restrict ftp user to his home directory) for user

5 : To delete user

6 : To see the FTP Login details

7 : To see the Failed FTP Login details

8 : To see the UPLOAD (or) EDIT and DOWNLOAD FTP activity log

9 : To see the DELETE FTP activity log

Q : Exit

Just ENTER the number, and the respective action will start immediately.

Say for example, to install and configure vsftpd package, type 1. vsftpd package will be installed and configured automatically.

This will install vsftpd package and start the vsftpd service. You won’t see anything. Everything will be done in the background. Once it’s done, then the mouse pointer will show up again in the “enter the option number:” prompt.

Next, Let us add a ftp user. To do so, type number 2. It will ask you the confirmation. Type Yes to continue. Enter the ftp username and it will automatically generate a password for the ftp user. Then, It will again ask whether you want to chroot the ftp user. Type Yes if you want to or type No if you don’t want to.

Similarly, you can create any number of ftp users you want. Once you created all users, type No to return back to the main wizard.

Once you created ftp users, try to login either from command line or web browser or any ftp graphical user client tools such as Filezilla.

FTP login via browser:

FTP login using FileZilla:

All options in the this script are self-explanatory. For example, to view the ftp login details, type 6 and hit ENTER. It will display respective details.

Similarly, you can check the other options by entering the assigned numbers.

For any inquiries, check the official GitHub page or contact the script developer via mail – suraganijanakiram@gmail.com

Conclusion

As far as I observed, this script is very basic and needs to be improved to use it in production environment. Since the author of this script advised us to disable SELinux and IPtables, which is not recommended, I think it is not opt for production and mission critical environments. However, you can use it in your local testing and development environment to share, copy files and folders.

I will be here soon with another interesting articles. Until then, stay tuned with OSTechNix.

Happy weekend!

Cheers!!

Resource:

Thanks for stopping by!

How can I benefit from this blog:

Have a Good day!!

You may also like...

  • Mace Moneta

    Instead of FTP, use ssh’s SFTP. You probably already have sshd installed for remote access, and it works with the firewall and SELinux. Best of all, it uses encrypted communications and strong authentication (e.g. key-only with passphrase).

  • Chris R

    The archive should be properly packaged for Linux (not DOS), but you can still use the ‘-a’ option to unzip to prevent the issue with the EOL formating.

    A little bit of research on VSFTP & SeLinux yields the magic incantation to allow the two to work together (gleaned from RedHats site)

    setsebool -P ftp_home_dir=1

    For the issue with the firewalld|iptables allowing the in-bound connections, another pair of simple research inquires yielded simple additions to either firewalld or iptables configuration files.

    No-one should be using a non-secured FTP server these days, so it should also include configuration for FTP w/TLS(SSL) at the very least, and possibly FTP over SSH (although SFTP has its own configuration issues with data transfer logging).