If you want to install FTP Server on Fedora 44, the cleanest path is to use vsftpd, then lock it down with firewalld and SELinux. This guide shows the full workflow in a simple Linux server tutorial style, with the command, the reason behind it, and what to expect after each step.
FTP still has a place in internal networks, lab environments, and legacy workflows where a lightweight file transfer service is enough. The problem is that many tutorials only show the commands and skip the security logic, so readers end up with a server that works but is unsafe or fragile. Fedora’s own FTP guidance describes vsftpd as the FTP daemon to configure, and Server World’s Fedora 44 notes show the same package and baseline hardening pattern.
The focus here is not just to make the service start. The goal is to help you understand WHY each step matters, so you can troubleshoot, adapt the setup, and explain it to someone else later. That is the difference between following a recipe and actually knowing how the server works.
Prerequisites
Before you begin this Install FTP Server on Fedora 44 setup, make sure you have the basics ready.
- Fedora 44 installed and updated.
- A user with
sudoaccess, or direct root access. - Network access to Fedora package repositories.
- A terminal session and basic command-line comfort.
- Firewalld and SELinux enabled, which is the default Fedora behavior in most installs.
- An FTP client for testing, such as the built-in
ftpcommand or FileZilla.
These requirements matter because FTP setup touches the package manager, systemd, firewall rules, and SELinux policy. If one of those layers is missing, the service may install but still refuse connections later. Fedora’s FTP guide also assumes the OS, users, networking, and firewall are already in place before configuration starts.
Step 1: Update Your System
Refresh package metadata
sudo dnf update -yThis command updates the system packages and refreshes dependencies before you install anything new. The WHY is simple: you want current libraries, current security fixes, and fewer version conflicts when vsftpd pulls in supporting packages.
Expected output usually includes package download and transaction details, then a completion message that says the update finished successfully. If the kernel updates too, plan a reboot before you continue so the running system matches the installed packages.
A clean update also makes troubleshooting easier. When you start from an updated Fedora base, you reduce the chance that a broken dependency causes the FTP service to fail later.
Step 2: Install vsftpd
Install the FTP daemon
sudo dnf install vsftpd -yThis installs vsftpd, the Very Secure FTP Daemon used in Fedora’s FTP setup examples. Fedora’s administration draft and the Fedora 44 server notes both point to vsftpd as the package to use for FTP service deployment.
The WHY is that vsftpd is small, stable, and widely documented in Linux server tutorials. It is also a good fit for Fedora because it works well with SELinux and firewalld, which are core parts of the distribution’s security model.
Confirm the package is installed
rpm -q vsftpdIf the install worked, you should see a package version such as vsftpd-...fc44. This check matters because package installation can fail quietly if the repository metadata is stale or the network is interrupted.
If you see package vsftpd is not installed, rerun the update or refresh the package cache. A quick verification now saves time later when you are trying to debug a service that never actually got installed.
Step 3: Enable and start the service
Start vsftpd now
sudo systemctl start vsftpdThis launches the FTP server immediately. The WHY is that installation alone does not make a service listen on the network; systemd has to start it first.
Make it start on boot
sudo systemctl enable vsftpdThis tells Fedora to start vsftpd automatically after a reboot. The WHY is persistence: a server that disappears after one restart is not ready for real use.
Check service status
sudo systemctl status vsftpdA healthy result should show active (running). If the service fails, this command often gives the first useful clue, such as a bad configuration line or a permission issue.
You can also combine startup and enablement on some systems:
sudo systemctl enable --now vsftpdThat one command is convenient, but I still prefer checking status separately during setup. It gives you a cleaner mental model of what changed.
Step 4: Configure vsftpd
Back up the config first
sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bakThis creates a backup copy before you edit the main configuration file. The WHY is recovery: if a typo breaks the service, you can restore the old file immediately instead of rebuilding it by memory.
Open the main config
sudo nano /etc/vsftpd/vsftpd.confYou can use vi instead if that is your habit. Fedora’s FTP documentation and Fedora 44 server notes both point to this file as the main place where anonymous access, chroot behavior, and local user access are controlled.
Disable anonymous access
anonymous_enable=NOThis blocks guest-style access with no login. The WHY is security and accountability: on a real server, you usually want to know exactly which account accessed which file.
If you leave anonymous access open, people may connect without a password when you never intended that behavior. That can create a data leak, especially on shared systems.
Allow local users
local_enable=YES
write_enable=YESlocal_enable=YES allows system accounts on the Fedora machine to log in over FTP. write_enable=YES allows uploads and file changes, which is necessary if the server is more than a read-only download host.
The WHY is that FTP should reflect the role you want the server to play. If you only need downloads, you can keep write access off. If you need uploads, you must turn it on explicitly.
Restrict users with chroot
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
allow_writeable_chroot=YESChrooting keeps users inside their own directory tree. The WHY is that a compromised FTP account should not freely browse the rest of the server’s filesystem.
Fedora’s own FTP notes show chroot-related settings as part of the standard setup. Server World’s Fedora 44 example also uses chroot, which is a strong sign that this is still the right default for a modern installation.
Set the local home directory behavior
local_root=public_html
use_localtime=YESlocal_root=public_html tells vsftpd where to place users after login, while use_localtime=YES makes timestamps easier to read in local time. The WHY is usability: better directory placement and clearer timestamps reduce confusion for users and admins.
Create the chroot list
sudo nano /etc/vsftpd/chroot_listAdd the usernames you want to allow beyond the default chroot restriction. In many setups, this file stays empty or contains only trusted admin accounts.
The WHY is control. If you ever need an exception, you give it to a specific account instead of weakening the whole server.
Restart the service
sudo systemctl restart vsftpdThis reloads the new configuration. If you skip the restart, the service keeps using the old settings and your changes do nothing.
Step 5: Create an FTP user
Add a dedicated account
sudo useradd -m ftpuser
sudo passwd ftpuserThis creates a dedicated user and sets a password. The WHY is account separation: FTP should not use your main admin login, because that makes auditing and damage control much harder.
Limit shell access
sudo usermod -s /sbin/nologin ftpuserThis prevents the account from being used as a normal shell login. The WHY is simple: if the account is only meant for FTP, it should not also become an SSH path into your server.
Prepare the directory
sudo mkdir -p /home/ftpuser/ftp
sudo chown -R ftpuser:ftpuser /home/ftpuser/ftp
sudo chmod 750 /home/ftpuser/ftpThis creates a clean directory owned by the FTP user. The WHY is permissions hygiene, since FTP works best when each user only sees what they need.
You now have a clearer security boundary. That makes this Install FTP Server on Fedora 44 setup safer and easier to maintain.
Step 6: Open the firewall
Allow FTP traffic
sudo firewall-cmd --add-service=ftp --permanentThis opens the standard FTP control port through firewalld. The WHY is that Fedora blocks unsolicited inbound traffic by default, so the service will not work from another machine until the firewall allows it. Fedora guidance and Fedora 44 setup notes both include firewalld in the standard workflow.
Reload firewall rules
sudo firewall-cmd --reloadThis applies permanent changes to the active firewall runtime. Without this step, the rule might exist on disk but still not be active.
Check active rules
sudo firewall-cmd --list-allLook for the ftp service in the output. If you use passive mode with a custom port range, you also need to open those ports separately.
sudo firewall-cmd --add-port=21000-21100/tcp --permanent
sudo firewall-cmd --reloadThe WHY is passive FTP data channels. Without those ports, logins may work but file transfers fail or hang.
Step 7: Set SELinux rules
Check SELinux status
getenforceIf the result is Enforcing, SELinux is active, which is normal on Fedora. The WHY is that SELinux adds another security layer and can block FTP actions even when the service and firewall look correct.
Allow FTP access to home directories
sudo setsebool -P ftp_home_dir onThis boolean lets vsftpd access user home directories under the SELinux policy. The WHY is that Fedora protects home directory access by default, so you must explicitly allow the FTP daemon to read or write there.
If you need broader access
sudo setsebool -P ftpd_full_access onUse this with caution. The WHY is that broad access reduces SELinux protection, so it should only be used when you understand the security tradeoff.
If a connection fails with permissions that look correct at the Unix level, SELinux is often the hidden reason. That is why Fedora admins keep it enabled and tune the booleans instead of disabling it.
Step 8: Test the login
Test locally first
ftp localhostThis checks whether the daemon accepts logins on the server itself. The WHY is isolation: testing locally helps you separate service problems from network problems.
You should see a login prompt, then a success message after entering the ftpuser credentials. A successful login often ends with something like 230 Login successful.
Test from another machine
Use an FTP client such as FileZilla or another command-line client from a remote host. Point it at the Fedora 44 server IP, then log in with the account you created.
The WHY is real-world validation. A service that works on localhost can still fail remotely if the firewall, passive ports, or router NAT are wrong.
Check logs if needed
sudo journalctl -u vsftpd -fThis shows live service logs. The WHY is faster debugging, because you can watch errors appear as you attempt a login.
Troubleshooting
1. Login works locally but fails remotely
This usually means the firewall blocks the FTP service or passive ports. Run firewall-cmd --list-all and confirm that FTP is allowed, then open the passive range if you configured one.
2. 530 Login incorrect
This often happens when the username, password, or user restrictions are wrong. Check the account password, verify the user is not blocked in /etc/vsftpd/ftpusers, and confirm the user is allowed by your access rules.
3. 500 OOPS: cannot change directory
This often points to a directory permission problem or an SELinux block. Recheck ownership, confirm the home path exists, and try setsebool -P ftp_home_dir on.
4. File transfer connects but hangs
This usually means passive mode is incomplete. Make sure your passive port range is defined in vsftpd.conf and allowed in firewalld.
5. Service will not start
This usually means a syntax error in vsftpd.conf. Check the journal output with journalctl -u vsftpd and look for the exact line that broke the service.
[su_box title=”VPS Manage Service Offer” style=”bubbles” box_color=”#000000″ radius=”10″]If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal![/su_box]
