This brief tutorial shows students and new users how to install an FTP server using vsftpd on Ubuntu 20.04 | 18.04.
FTP protocol is one of the easiest ways to transfer files between a server and client computers; however, it’s inherently insecure in its standard form.
Installing and configuring VSFTPD on Ubuntu Linux allows users to set up a secure and reliable file transfer protocol server. VSFTPD is a lightweight, fast, and secure FTP server that is easy to install and configure.
With the help of VSFTPD, users can easily transfer files between server and client computers. By setting up secure FTP with SSL/TLS, the user can ensure that files are transmitted securely.
Additionally, VSFTPD allows users to restrict FTP access to only local users, making it more secure than typical FTP servers.
Installing and configuring VSFTPD on Ubuntu Linux provides users with an efficient and safe way to transfer files between computers.
To get started with installing and configuring vsftpd, follow the steps below:
How to install vsftpd on Ubuntu Linux
The vsftpd package is available in the Ubuntu repositories. To install it, simply run the following commands: To install vsftpd on Ubuntu, run the commands below.
sudo apt update sudo apt-get install vsftpd
After installing vsftpd, the commands below can be used to stop, start, and enable the server service to always start up when the server boots.
sudo systemctl stop vsftpd.service sudo systemctl start vsftpd.service sudo systemctl enable vsftpd.service
After installing, you can check vsftpd status by running the commands below:
sudo systemctl status vsftpd
That should display similar lines as shown below:
vsftpd.service - vsftpd FTP server
Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2020-05-17 17:57:40 CDT; 17s ago
Main PID: 2916 (vsftpd)
Tasks: 1 (limit: 4657)
Memory: 584.0K
CGroup: /system.slice/vsftpd.service
└─2916 /usr/sbin/vsftpd /etc/vsftpd.conf
May 17 17:57:40 ubuntu2004 systemd[1]: Starting vsftpd FTP server.
May 17 17:57:40 ubuntu2004 systemd[1]: Started vsftpd FTP server.
How to configure vsftpd on Ubuntu Linux
After installing the server, you’ll find its main configuration file at /etc/vsftpd.conf. Many of the settings you’ll configure are well documented there.
Run the commands below to open its main configuration file.
sudo nano /etc/vsftpd.conf
Then, begin enabling settings that suit your environment.
1. FTP access
By default, FTP access is granted to the anonymous user only. To grant access to local users only, change the line in the file to match the settings below:
anonymous_enable=NO local_enable=YES
To allow local users to upload to the FTP server and only give them access to upload to their home folders, edit the lines below:
write_enable=YES chroot_local_user=YES allow_writeable_chroot=YES
Continue below for more configurations.
2. User restrictions
If you don’t want all local users with accounts on the system to upload files, you can limit access to only users on the allowed list.
This option only allows users who are explicitly specified in the file.
userlist_enable=YES userlist_file=/etc/vsftpd.user_list userlist_deny=NO
Continue below for more configurations
3. Secure with SSL certificates
You must include SSL certificates with your setup to provide encrypted FTP file transmission.
You can use existing certificates or create self-signed ones.
For self-signed certificates, run the commands below:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
The commands will generate self-signed certificate files you can use in your configuration.
Open vsftpd default configuration file again and add the lines below referencing the certificates files above.
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
That should encrypt file transmission to the server.
At this point, your configuration file should look similar to the one below:
listen=NO listen_ipv6=YES anonymous_enable=NO local_enable=YES write_enable=YES dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem ssl_enable=YES user_sub_token=$USER local_root=/home/$USER/ftp userlist_enable=YES userlist_file=/etc/vsftpd.user_list userlist_deny=NO
Save your changes and restart the server.
sudo systemctl restart vsftpd
Continue configuring.
4. Setup FTP homes
When adding new FTP users, simply add their FTP folders to the file to allow access to the server.
sudo mkdir -p /home/username/ftp/upload sudo chmod 550 /home/username/ftp sudo chmod 750 /home/username/ftp/upload sudo chown -R username: /home/username/ftp
Replace the username with the actual user account name.
Then, add the users to the allowed list.
echo "username" | sudo tee -a /etc/vsftpd.user_list
How to vsftpd server on Ubuntu
Now grab your favorite FTP client (FileZilla), set up a new site in your site management, and use FTP protocol with encryption with explicit FTP over TLS. Type your username and password and connect.
You should be prompted with a certificate. Accept the certificate and continue. You may check the box at the bottom of the page to trust the certificate so you don’t get prompted in the future.
It would be best if you now were transferring files securely via SSL/TLS.
That’s it!
Conclusion:
This post showed you how to install and configure the vsftpd server on Ubuntu 20.04 | 18.04. If you find any error above, please use the comment form below to report.
Leave a Reply