BestHub
Sign in
Operations 6 min read

How to Install and Secure vsftpd with Anonymous and Virtual Users on Linux

This guide walks you through installing vsftpd, configuring anonymous access, enabling uploads, setting up virtual users with a PAM‑backed database, adjusting security settings, and troubleshooting common FTP issues on a Linux server.

MaGe Linux Operations
MaGe Linux Operations
MaGe Linux Operations
How to Install and Secure vsftpd with Anonymous and Virtual Users on Linux

Install vsftpd

Before starting, disable SELinux and stop the firewalld firewall. yum -y install vsftpd Start and enable the service:

systemctl restart vsftpd
systemctl enable vsftpd

Verify that the service is running and listening on port 21:

ps -ef | grep vsftp && netstat -tunlp | grep 21

Test with a Windows FTP client

Connect anonymously to ftp://192.168.118.172/. By default you can only download files.

Enable anonymous uploads

Edit /etc/vsftpd/vsftpd.conf and set:

anon_upload_enable=YES
anon_mkdir_write_enable=YES

Restart the service and give the FTP directory proper ownership:

systemctl restart vsftpd
chown -R ftp /var/ftp/pub

Configure virtual users

Create a system account that will be used by all virtual users (no SSH login): useradd vsftpd -d /home/vsftpd -s /bin/false Create a home directory for a virtual user (example: ftp1): mkdir -p /home/vsftpd/ftp1 Add the virtual user and password to /etc/vsftpd/loginusers.conf:

ftp1
123456

Create a Berkeley DB file from the list and secure it:

db_load -T -t hash -f /etc/vsftpd/loginusers.conf /etc/vsftpd/loginusers.db
chmod 600 /etc/vsftpd/loginusers.db

Configure PAM to use the DB file (edit /etc/pam.d/vsftpd):

auth    sufficient   pam_userdb.so db=/etc/vsftpd/loginusers
account sufficient   pam_userdb.so db=/etc/vsftpd/loginusers

Create a per‑user configuration directory and a file for the virtual user:

mkdir -p /etc/vsftpd/userconf
vim /etc/vsftpd/userconf/ftp1
# inside the file:
local_root=/home/vsftpd/ftp1/
write_enable=YES

Update the main vsftpd configuration ( /etc/vsftpd/vsftpd.conf) with the following relevant options:

anonymous_enable=NO
chroot_local_user=YES
ascii_upload_enable=YES
ascii_download_enable=YES
guest_enable=YES
guest_username=vsftpd
user_config_dir=/etc/vsftpd/userconf
allow_writeable_chroot=YES

Restart the service to apply all changes:

systemctl restart vsftpd

Verify virtual user access

Log in with the username ftp1 and password 123456; you should be able to upload and download files within the designated directory.

Common troubleshooting

Slow FTP transfers: comment out all lines in /etc/resolv.conf.

Windows cannot open the folder: ensure the path is correct and the user has proper permissions.

Reference for further debugging: https://jingyan.baidu.com/article/b7001fe1829deb0e7282ddb7.html

Completion

After completing the steps above, the vsftpd server is fully operational with both anonymous upload capability and secure virtual‑user authentication.

SecurityVirtual UsersvsftpdFTP server
MaGe Linux Operations
Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment