=== Installing ===

  yum install vsftpd
  chkconfig vsftpd on

=== Configuring /etc/vsftpd/vsftpd.conf ===

Edit your **/etc/vsftpd/vsftpd.conf** file so that it looks similar to the following:

  anonymous_enable=NO
  local_enable=YES
  write_enable=YES
  local_umask=022
  dirmessage_enable=YES
  xferlog_enable=YES
  connect_from_port_20=YES
  xferlog_std_format=YES
  listen=YES
  pam_service_name=vsftpd
  userlist_enable=YES
  tcp_wrappers=YES
  # the below lines may need to be manually added
  pasv_min_port=60000
  pasv_max_port=65000

\\
=== Chrooting User ===

If you would like to chroot users, add the following lines to the bottom of **/etc/vsftpd/vsftpd.conf**:

  #for chrooting users add the following lines:
  chroot_local_user=NO
  chroot_list_enable=NO
  chroot_list_file=/etc/vsftpd/vsftpd.chroot_list

Setting **chroot_local_user=YES** will chroot users in their home directory. You will then need to create the file **/etc/vsftpd/vsftpd.chroot_list**, even if you leave it empty. If you also change **chroot_list_enable** to **YES**, put the users you wish **NOT** to be chrooted in **vsftpd.chroot_list**, as everyone else will be chrooted by default.
Note: you will need to create the file even if you leave it empty:

  /etc/vsftpd/vsftpd.chroot_list

Once you have done this, start vsftpd with:

  service vsftpd start

\\
=== Firewall Rules: ===

  iptables -I INPUT -p tcp --dport 21 -m comment --comment "FTP" -j ACCEPT
  iptables -I INPUT -p tcp -m multiport --dports 60000:65000 -m comment --comment "FTP passive mode ports" -j ACCEPT
  /etc/init.d/iptables save

You should then edit **/etc/sysconfig/iptables-sysconfig** and make sure the following line looks like:

  IPTABLES_MODULES="nf_conntrack_ftp"

\\
=== Adding and modifying Users ===

**useradd -m -s /sbin/nologin username** creates a user without the ability to ssh into the server, which is more secure if the account is only used for FTP (they will still be able to use FTP + vsFTPd, NOT sFTP).

**useradd -d /home/directory/ username** adds a user with a specific home directory. This is good for chrooting a user to a specific directory.

Adding a new user straight into a group:

**useradd -G {group-name} username**

Alternatively, you can use the following command to add a new user straight into a group you have created, with a home directory of /var/www/html and NO shell login (only usable as an FTP user):

  useradd -G groupname -d /var/www/testftp/ -m -s /sbin/nologin newusername

Don't forget to set the password for the user with:

  passwd username

You will then be prompted to change the password for the user.
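The interaction between **chroot_local_user**, **chroot_list_enable** and the chroot list, and the match between the passive port range and the firewall rule, can be checked with a short script. This is an added example, not part of the original page or of vsftpd; the function names, user names and sample configuration are constructed for illustration.

```python
# Added example: work out which local users vsftpd will chroot, and check
# that the passive port range falls inside the range opened in iptables.
TRUE_VALUES = {"YES", "TRUE", "1"}  # boolean spellings vsftpd accepts

def parse_conf(text):
    """Parse vsftpd.conf text (key=value, '#' comments); the last value wins."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key] = value
    return settings

def is_on(settings, key):
    """Both chroot booleans default to NO when absent."""
    return settings.get(key, "NO").upper() in TRUE_VALUES

def chrooted_users(settings, local_users, chroot_list):
    """Return the set of users that end up confined to their home directory."""
    listed = set(chroot_list) if is_on(settings, "chroot_list_enable") else set()
    if is_on(settings, "chroot_local_user"):
        return set(local_users) - listed  # list names the exceptions
    return set(local_users) & listed      # list names the only chrooted users

def pasv_range_covered(settings, fw_low, fw_high):
    """True if pasv_min_port..pasv_max_port lies inside the firewall range."""
    low = int(settings.get("pasv_min_port", 0))
    high = int(settings.get("pasv_max_port", 0))
    if low == 0 or high == 0:
        return False  # unset (0) lets vsftpd pick any port
    return fw_low <= low <= high <= fw_high

# Constructed sample: the page's settings with both chroot options set to YES.
SAMPLE_CONF = """\
anonymous_enable=NO
local_enable=YES
pasv_min_port=60000
pasv_max_port=65000
#for chrooting users add the following lines:
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/vsftpd.chroot_list
"""
SAMPLE_USERS = ["alice", "bob", "webadmin"]  # constructed local accounts
SAMPLE_LIST = ["webadmin"]                   # constructed chroot_list contents

if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    print("chrooted:", sorted(chrooted_users(conf, SAMPLE_USERS, SAMPLE_LIST)))
    print("passive ports covered:", pasv_range_covered(conf, 60000, 65000))
```

With **chroot_local_user=NO** and **chroot_list_enable=YES** the meaning of the list inverts: only the listed users are chrooted.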