BestHub
Sign in
Operations 36 min read

Master Linux File Sharing: Configure FTP, Samba, NFS & iSCSI Step‑by‑Step

This guide walks you through configuring Linux file‑sharing services—including VSFTPD for FTP, Samba for SMB/CIFS, NFS for network file systems, and iSCSI for block‑level storage—covering installation, security options, client access, and automatic mounting.

Raymond Ops
Raymond Ops
Raymond Ops
Master Linux File Sharing: Configure FTP, Samba, NFS & iSCSI Step‑by‑Step

VSFTP File Transfer

FTP (File Transfer Protocol) transfers files in clear text. VSFTPD is a hardened FTP server for Linux with better security. Its key features include running as a normal user, chroot support, and integrated command set. VSFTPD uses a control connection on TCP port 21 and a data connection on TCP port 20, with active and passive modes.

Configure Anonymous FTP Server

<code>anonymous_enable=YES
anon_umask=022
anon_root=/var/ftp
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_max_rate=0</code>

1. Install VSFTPD:

yum install -y vsftpd

2. Edit

/etc/vsftpd/vsftpd.conf

and add the above parameters (remove leading

#

comments).

3. Start and enable the service:

systemctl start vsftpd && systemctl enable vsftpd

Configure Local‑User FTP Server

<code>local_enable=YES
write_enable=YES
local_umask=022
local_root=/var/ftp
chroot_local_user=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES</code>

After installing VSFTPD, edit the same configuration file with the above settings, create a system user (e.g.,

useradd -s /sbin/nologin -d /ghost lyshark

), set a password, and restart the service.

Configure Mixed Anonymous & Local FTP

<code>pasv_enable=YES
pasv_min_port=10000
pasv_max_port=15000
anonymous_enable=YES
anon_umask=022
anon_root=/var/ftp
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
local_enable=YES
local_root=/ghost
chroot_local_user=YES
write_enable=YES
listen=YES
listen_port=21
pam_service_name=vsftpd.pam
user_config_dir=/etc/vsftpd_user_conf</code>

Follow the same install and restart steps.

OpenSSL‑Encrypted FTP

Generate a self‑signed certificate:

<code>openssl req -new -x509 -nodes -out vsftpd.pem -keyout vsftpd.pem</code>

Copy the certificate to

/etc/ssl/certs/

and set restrictive permissions, then add to

/etc/vsftpd/vsftpd.conf

:

<code>ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
allow_anon_ssl=YES
force_anon_logins_ssl=YES
force_anon_data_ssl=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
rsa_cert_file=/etc/ssl/certs/vsftpd.pem</code>

Restart VSFTPD.

Samba File Sharing

Samba provides SMB/CIFS sharing for Windows and Linux. It supports anonymous and password‑protected shares.

Anonymous Samba Share

<code># yum install -y samba samba-client
mkdir /smb_file
chmod 755 /smb_file
vim /etc/samba/smb.conf

[global]
   workgroup = SAMBA
   security = user
   map to guest = Bad User

[smb_file]
   comment = hello guest
   path = /smb_file
   browseable = yes
   guest ok = yes
   writable = yes
   public = yes</code>

Restart and enable the service:

<code>systemctl restart smb
systemctl enable smb</code>

Password‑Protected Samba Share

<code># yum install -y samba samba-client
mkdir /smb_file
chmod 755 /smb_file
vim /etc/samba/smb.conf

[global]
   workgroup = SAMBA
   security = user
   map to guest = Bad User

[smb_file]
   comment = hello admin
   path = /smb_file
   browseable = yes
   guest ok = no
   writable = yes</code>

Create system users and add them to Samba:

<code>useradd -M -s /sbin/nologin admin
smbpasswd -a admin
useradd -M -s /sbin/nologin guest
pdbedit -a guest</code>

Restart and enable the service again.

Linux Samba Client

<code># yum install -y samba-client
smbclient -L //SERVER_IP   # list shares
smbclient //SERVER_IP/smb_file   # access share</code>

Windows Samba Client

Open CMD and run

\SERVER_IP\smb_file

, then use

net use * /del

to clear cached connections.

NFS File Sharing

NFS (Network File System) allows Unix‑like systems to share directories over the network. Versions 2, 3, and 4 differ in features; RHEL 7 defaults to v4.

Server Setup

<code># firewall-cmd --add-service=nfs --permanent
# firewall-cmd --add-service=mountd --permanent
# firewall-cmd --add-service=rpc-bind --permanent
# yum install -y rpcbind nfs-utils*
mkdir -p /public
chmod o+rw /public
chcon -R -t public_content_t /public
vim /etc/exports

/public 192.168.1.0/24(rw,sync)</code>

Restart and enable services:

<code>systemctl restart nfs
systemctl restart rpcbind
systemctl enable nfs
systemctl enable rpcbind
systemctl restart nfs-server
systemctl enable nfs-server</code>

Client Mount

<code># yum install -y rpcbind nfs-utils*
mkdir -p /mnt/nfsmount
chcon -R -t public_content_t /mnt/nfsmount
mount -t nfs -o rw,sync 192.168.1.5:/public /mnt/nfsmount</code>

Useful commands:

nfsstat

– show NFS client/server statistics

rpcinfo

– display RPC program information

showmount

– list exported NFS shares

exportfs

– re‑export or unexport directories without restarting NFS

To make mounts persistent, add to

/etc/fstab

:

<code>192.168.1.1:/public /mnt/nfsmount nfs defaults 0 0</code>

iSCSI Disk Sharing

iSCSI presents block devices over IP networks.

Server Configuration

<code># yum install -y targetd targetcli
systemctl restart targetd
systemctl enable targetd

# In targetcli
/backstores/block/create disk0 /dev/sdb   # create backstore
/iscsi/create                               # create target
/iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8/tpg1/luns/create /backstores/block/disk0
/iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8/tpg1/acls/create iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8:client
/iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8/tpg1/portals/delete 0.0.0.0 3260
/iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8/tpg1/portals/create 192.168.1.20
exit</code>

Save configuration (auto‑save on exit is enabled by default).

Client Configuration

<code># yum install -y iscsi-initiator-utils iscsi-initiator-utils-iscsiuio
vim /etc/iscsi/initiatorname.iscsi   # set InitiatorName to match ACL
systemctl restart iscsid
systemctl enable iscsid
iscsiadm -m discovery -t st -p 192.168.1.20
iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.8c7dcc63aea8 -p 192.168.1.20 --login</code>

After login, the remote disk appears as

/dev/sdb

. Format and mount it:

<code>mkfs.xfs /dev/sdb
mkdir /network-disk
mount /dev/sdb /network-disk</code>

To mount automatically, add to

/etc/fstab

using the UUID of the iSCSI device and the

_netdev

option:

<code>UUID=ff233cc4-2255-4973-a686-9d394384faf6 /network-disk xfs defaults,_netdev 0 0</code>

Windows iSCSI initiator can connect using the same target name (append

:client

to the IQN) and the server IP.

LinuxSystem AdministrationNFSiSCSIFTPFile SharingSamba
Raymond Ops
Written by

Raymond Ops

Linux ops automation, cloud-native, Kubernetes, SRE, DevOps, Python, Golang and related tech discussions.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment