Monday, September 30, 2013

Setup VsFTPD With Multiple Users Home dir with different permission

#yum install vsftpd*  //install the FTP server package

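#vim /etc/vsftpd/vsftpd.conf  //Add the entries shown below to the vsftpd.conf file. The "//" notes are explanations for the reader only; vsftpd.conf accepts comments only on their own line starting with "#", so do not copy them into the file.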

anonymous_enable=NO                                           //Disable anonymous user
local_enable=YES                                                    //Allow local users to log in (FTP sends user names and passwords in clear text unless TLS is configured with ssl_enable=YES)
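chroot_local_user=YES                                            //Confine local users to their home dir (chroot jail) so they cannot see or browse the rest of the filesystem; the vsftpd man page notes this has security implications when the same users can upload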
user_config_dir=/etc/vsftpd/vsftpd-virtual-user/        //virtual user config dir
virtual_use_local_privs=YES                                    //Give virtual (guest) users the same privileges as local users instead of anonymous-user privileges
dual_log_enable=YES                                             //Enable dual logging: writes both /var/log/xferlog and /var/log/vsftpd.log
connect_from_port_20=YES                                     //Active-mode (PORT) data connections originate from port 20 (ftp-data) on the server
listen=YES                                                               //Run vsftpd in standalone mode, listening for incoming connections itself
pam_service_name=vsftpd                                      //Name of the PAM service used for authentication (/etc/pam.d/vsftpd)
tcp_wrappers=YES                                                  //Enable TCP wrappers access control (/etc/hosts.allow and /etc/hosts.deny)


To Change the FTP Port
listen_port=27                                                  //Add this line in vsftpd.conf file for port change

How to use Passive FTP
If you use the FTP server in Passive Mode, please enter the lines below in the vsftpd.conf file (the passive data port range set here must also be allowed through the firewall)
pasv_enable=yes                                                     //Enable FTP Server to Passive Mode
pasv_max_port=55000                                            //Passive FTP Maximum DATA port 
pasv_min_port=50000                                             //Passive FTP Minimum DATA port 
port_enable=YES                                                     //Allow the PORT method (active-mode data connections) alongside passive mode
pasv_address=54.251.136.7                                   //Public ip of machine where ftp server is running



Create Dir for Virtual User in Vsftpd Root Dir
#mkdir   /etc/vsftpd/vsftpd-virtual-user/
#cd   /etc/vsftpd/vsftpd-virtual-user/
#vim   vsftpd_user   //enter your virtual user name and save

vivek          //virtual user
kamal        //virtual user
Then create a file named after each virtual user (for example vivek and kamal) to set that user's special permissions and local_root
#vim  /etc/vsftpd/vsftpd-virtual-user/vivek  and  #vim  /etc/vsftpd/vsftpd-virtual-user/kamal


local_root=/home/kamal                       //Virtual user HOME dir

cmds_allowed=USER,PASS,SYST,FEAT,OPTS,PWD,TYPE,PASV,LIST,STOR,CWD,MKD,SIZE,MDTM,CDUP,RETR,RNFR,RNTO      //FTP commands this virtual user is allowed to run; any command not listed (for example DELE and RMD) is refused

local_umask=022            //SET umask value for virtual user

write_enable=YES            //Write Enable for virtual user

If you want all users to log in to one directory, add the line "local_root=/your/dir/path" to the vsftpd.conf file
AND
If you want all users to log in to their own home directory, there is no need to put a "local_root=/your/dir/path" entry in any file
AND
If you want only one user to log in to a different directory (for example kamal's home dir is /data/k but you want his login to land in /home/kamal), add the line "local_root=/home/kamal" to that user's own file, /etc/vsftpd/vsftpd-virtual-user/kamal

Set Pam Authentication in vsftpd
# vim /etc/pam.d/vsftpd


#service vsftpd start

To disable any FTP user account, add the username to /etc/vsftpd/ftpusers ("#vim /etc/vsftpd/ftpusers")

List of all FTP commands; save it on the system for reference:

#
# List of FTP commands
#
# ABOR - Abort an active file transfer.
# ACCT - Account information.
# ADAT - Authentication/Security Data (RFC 2228)
# ALLO - Allocate sufficient disk space to receive a file.
# APPE - Append.
# AUTH - Authentication/Security Mechanism (RFC 2228)
# CCC  - Clear Command Channel (RFC 2228)
# CDUP - Change to Parent Directory.
# CONF - Confidentiality Protection Command (RFC 697)
# CWD  - Change working directory.
# DELE - Delete file.
# ENC  - Privacy Protected Channel (RFC 2228)
# EPRT - Specifies an extended address and port to which the server should connect. (RFC 2428)
# EPSV - Enter extended passive mode. (RFC 2428)
# FEAT - Get the feature list implemented by the server. (RFC 2389)
# HELP - Returns usage documentation on a command if specified, else a general help document is returned.
# LANG - Language Negotiation (RFC 2640)
# LIST - Returns information of a file or directory if specified, else information of the current working directory is returned.
# LPRT - Specifies a long address and port to which the server should connect. (RFC 1639)
# LPSV - Enter long passive mode. (RFC 1639)
# MDTM - Return the last-modified time of a specified file. (RFC 3659)
# MIC  - Integrity Protected Command (RFC 2228)
# MKD  - Make directory.
# MLST - Lists the contents of a directory if a directory is named. (RFC 3659)
# MODE - Sets the transfer mode (Stream, Block, or Compressed).
# NLST - Returns a list of file names in a specified directory.
# NOOP - No operation (dummy packet; used mostly on keepalives).
# OPTS - Select options for a feature. (RFC 2389)
# PASS - Authentication password.
# PASV - Enter passive mode.
# PBSZ - Protection Buffer Size (RFC 2228)
# PORT - Specifies an address and port to which the server should connect.
# PWD  - Print working directory. Returns the current directory of the host.
# QUIT - Disconnect.
# REIN - Re initializes the connection.
# REST - Restart transfer from the specified point.
# RETR - Retrieve (download) a remote file.
# RMD  - Remove a directory.
# RNFR - Rename from.
# RNTO - Rename to.
# SITE - Sends site specific commands to remote server.
# SIZE - Return the size of a file. (RFC 3659)
# SMNT - Mount file structure.
# STAT - Returns the current status.
# STOR - Store (upload) a file.
# STOU - Store file uniquely.
# STRU - Set file transfer structure.
# SYST - Return system type.
# TYPE - Sets the transfer mode (ASCII/Binary).
# USER - Authentication username.
