15.5. vsftpd Configuration Options

Although vsftpd may not offer the level of customization other widely available FTP servers have, it offers enough options to fill most administrator's needs. The fact that it is not overly feature-laden limits configuration and programmatic errors.
All configuration of vsftpd is handled by its configuration file, /etc/vsftpd/vsftpd.conf. Each directive is on its own line within the file and follows the following format:
<directive>=<value>
For each directive, replace <directive> with a valid directive and <value> with a valid value.

Important

There must not be any spaces between the <directive>, equal symbol, and the <value> in a directive.
Comment lines must be preceded by a hash mark (#) and are ignored by the daemon.
For a complete list of all directives available, refer to the man page for vsftpd.conf.

Important

For an overview of ways to secure vsftpd, refer to the chapter titled Server Security in the Security Guide.
The following is a list of some of the more important directives within /etc/vsftpd/vsftpd.conf. All directives not explicitly found within vsftpd's configuration file are set to their default value.

15.5.1. Daemon Options

The following is a list of directives which control the overall behavior of the vsftpd daemon.
  • listen — When enabled, vsftpd runs in stand-alone mode. Red Hat Enterprise Linux sets this value to YES. This directive cannot be used in conjunction with the listen_ipv6 directive.
    The default value is NO.
  • listen_ipv6 — When enabled, vsftpd runs in stand-alone mode, but listens only to IPv6 sockets. This directive cannot be used in conjunction with the listen directive.
    The default value is NO.
  • session_support — When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM). Refer to Chapter 16, Pluggable Authentication Modules (PAM) for more information. If session logging is not necessary, disabling this option allows vsftpd to run with less processes and lower privileges.
    The default value is YES.