15.5. vsftpd Configuration Options
vsftpdmay not offer the level of customization other widely available FTP servers have, it offers enough options to fill most administrator's needs. The fact that it is not overly feature-laden limits configuration and programmatic errors.
All configuration of
vsftpdis handled by its configuration file,
/etc/vsftpd/vsftpd.conf. Each directive is on its own line within the file and follows the following format:
For each directive, replace <directive> with a valid directive and <value> with a valid value.
There must not be any spaces between the <directive>, equal symbol, and the <value> in a directive.
Comment lines must be preceded by a hash mark (
#) and are ignored by the daemon.
For a complete list of all directives available, refer to the man page for
For an overview of ways to secure
vsftpd, refer to the chapter titled Server Security in the Security Guide.
The following is a list of some of the more important directives within
/etc/vsftpd/vsftpd.conf. All directives not explicitly found within
vsftpd's configuration file are set to their default value.
15.5.1. Daemon Options
The following is a list of directives which control the overall behavior of the
listen— When enabled,
vsftpdruns in stand-alone mode. Red Hat Enterprise Linux sets this value to
YES. This directive cannot be used in conjunction with the
listen_ipv6directive.The default value is
listen_ipv6— When enabled,
vsftpdruns in stand-alone mode, but listens only to IPv6 sockets. This directive cannot be used in conjunction with the
listendirective.The default value is
session_support— When enabled,
vsftpdattempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM). Refer to Chapter 16, Pluggable Authentication Modules (PAM) for more information. If session logging is not necessary, disabling this option allows
vsftpdto run with less processes and lower privileges.The default value is