Change vsftpd FTP Server Port Number 21

by on December 12, 2006 · 13 comments· LAST UPDATED November 29, 2012

in , ,

Because of security issues I would like to change the vsftpd server tcp port # 21. How do I configure vsftpd to use another port instead of the default TCP port 21? How to change vsftpd ftp port number in Linux or Unix?

vsftpd, which stands for Very Secure FTP Daemon, is an FTP server under Ubuntu, Fedora Core, Red Hat Enterprise Linux and a number of other distributions. Changing a default port is a good idea. FTP is a common method for allowing remote access to files. Like telnet, the FTP protocol is unencrypted, which means that passwords and other data transmitted during the session can be captured and that the session is vulnerable to hijacking.

Tutorial details
DifficultyEasy (rss)
Root privilegesYes
Linux or Unix
Estimated completion timeN/A

Changing vsftp port

All you need to do is edit the configuration file for vsftpd server. The default configuration file is /etc/vsftp/vsftpd.conf or /etc/vsftpd.conf.

First login as root user.

Open the vsftpd.conf file, enter:
# vi vsftpd.conf

Find line that read as follows

Replace port 21 with new port such as 201:

Save and close the file. Please make sure no other service is using port # 201. Finally, restart the vsftpd server:
# /etc/init.d/vsftpd restart
# service vsftpd restart

All ftp client need use the tcp port # 201 while connecting to the ftp server. For example:
$ ftp 201

Tweet itFacebook itG+ itDownload PDF versionFound an error/typo on this page?

{ 13 comments… read them below or add one }

1 Dhiraj January 10, 2007 at 12:30 pm

After changing the default port number not able to use ftp service from outside network. From Lan it is working fine


2 nixCraft January 10, 2007 at 1:52 pm


Make sure new port is open at firewall.


3 Bob December 7, 2009 at 5:41 pm

@Dhiraj, Also make sure the chosen port is opened by port forwarding.


4 jake February 3, 2010 at 5:46 am

Thanks, works like a charm.


5 somanath August 5, 2010 at 9:45 am

Thanks. It is working great.


6 Arfat March 23, 2012 at 1:18 pm

When i changes the default port from 21 to 115. My vsftpd service fail to start.
OS ver- RHEL6.1
IPTables – OFF.
Selinux – Enforcing Mode.

Please help.


7 linuxender May 4, 2012 at 10:09 pm

Its a bug that Selinux wont allow vsftpd to be started if you have assigned the port which is less then 1024 except port number 21. Assign the port which greater than 1024, for e.g. try port 10000. vsftpd will not fail to start.


8 David June 20, 2012 at 8:46 am

Thanks. I only had to add this line:


and restart the service.


9 Nasa November 28, 2012 at 8:39 pm

Excellent article, simple and informative!! I think there is a typo in last line “Client need to use port 21 while connecting to ftp server” shouldn’t it be 201?


10 Mike Angels February 2, 2013 at 1:47 pm

You should not use any port below 1024 because they are reserved for specific tasks
going above 20 000 can cause problem when you are using low quality hardware such as routers.
also for FTP if you choose a port ending with 21 that can give a hint that it is a FTP (ex: 1721, 3421 or 7721) so use something like 8349.

If you want maximum security you can configure SFTP (secure ftp) instead.
Best regards


11 bn8595 August 13, 2013 at 10:43 am

is there any file in Linux where port numbers are predefined / listed ?


12 Octo August 22, 2013 at 9:07 pm


cat /etc/services


13 ctechz November 26, 2013 at 7:14 pm

when we change the incoming port 21 to some other and what outgoing port the server will take, 20 or some other


Leave a Comment

Tagged as: , , , , , , , ,

Previous Faq:

Next Faq: