How to Install and Configure VSFTPD on Ubuntu Linux

This brief tutorial shows students and new users how to install an FTP server using vsftpd on Ubuntu 20.04 | 18.04.

FTP protocol is one of the easiest ways to transfer files between a server and client computers; however, it’s inherently insecure in its standard form.

Installing and configuring VSFTPD on Ubuntu Linux allows users to set up a secure and reliable file transfer protocol server. VSFTPD is a lightweight, fast, and secure FTP server that is easy to install and configure.

With the help of VSFTPD, users can easily transfer files between server and client computers. By setting up secure FTP with SSL/TLS, the user can ensure that files are transmitted securely.

Additionally, VSFTPD allows users to restrict FTP access to only local users, making it more secure than typical FTP servers.

Installing and configuring VSFTPD on Ubuntu Linux provides users with an efficient and safe way to transfer files between computers.

To get started with installing and configuring vsftpd, follow the steps below:

How to install vsftpd on Ubuntu Linux

The vsftpd package is available in the Ubuntu repositories. To install it, simply run the following commands: To install vsftpd on Ubuntu, run the commands below.

sudo apt update 
sudo apt-get install vsftpd

After installing vsftpd, the commands below can be used to stop, start, and enable the server service to always start up when the server boots.

sudo systemctl stop vsftpd.service
sudo systemctl start vsftpd.service
sudo systemctl enable vsftpd.service

After installing, you can check vsftpd status by running the commands below:

sudo systemctl status vsftpd

That should display similar lines as shown below:

vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2020-05-17 17:57:40 CDT; 17s ago
   Main PID: 2916 (vsftpd)
      Tasks: 1 (limit: 4657)
     Memory: 584.0K
     CGroup: /system.slice/vsftpd.service
             └─2916 /usr/sbin/vsftpd /etc/vsftpd.conf

May 17 17:57:40 ubuntu2004 systemd[1]: Starting vsftpd FTP server.
May 17 17:57:40 ubuntu2004 systemd[1]: Started vsftpd FTP server.

How to configure vsftpd on Ubuntu Linux

After installing the server, you’ll find its main configuration file at /etc/vsftpd.conf. Many of the settings you’ll configure are well documented there.

Run the commands below to open its main configuration file.

sudo nano /etc/vsftpd.conf

Then, begin enabling settings that suit your environment.

1. FTP access

By default, FTP access is granted to the anonymous user only. To grant access to local users only, change the line in the file to match the settings below:

anonymous_enable=NO
local_enable=YES

To allow local users to upload to the FTP server and only give them access to upload to their home folders, edit the lines below:

write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES

Continue below for more configurations.

2. User restrictions

If you don’t want all local users with accounts on the system to upload files, you can limit access to only users on the allowed list.

This option only allows users who are explicitly specified in the file.

userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
userlist_deny=NO

Continue below for more configurations

3. Secure with SSL certificates

You must include SSL certificates with your setup to provide encrypted FTP file transmission.

You can use existing certificates or create self-signed ones.

For self-signed certificates, run the commands below:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

The commands will generate self-signed certificate files you can use in your configuration.

Open vsftpd default configuration file again and add the lines below referencing the certificates files above.

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES

That should encrypt file transmission to the server.

At this point, your configuration file should look similar to the one below:

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
user_sub_token=$USER
local_root=/home/$USER/ftp
userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
userlist_deny=NO

Save your changes and restart the server.

sudo systemctl restart vsftpd

Continue configuring.

4. Setup FTP homes

When adding new FTP users, simply add their FTP folders to the file to allow access to the server.

sudo mkdir -p /home/username/ftp/upload
sudo chmod 550 /home/username/ftp
sudo chmod 750 /home/username/ftp/upload
sudo chown -R username: /home/username/ftp

Replace the username with the actual user account name.

Then, add the users to the allowed list.

echo "username" | sudo tee -a /etc/vsftpd.user_list

How to vsftpd server on Ubuntu

Now grab your favorite FTP client (FileZilla), set up a new site in your site management, and use FTP protocol with encryption with explicit FTP over TLS. Type your username and password and connect.

You should be prompted with a certificate. Accept the certificate and continue. You may check the box at the bottom of the page to trust the certificate so you don’t get prompted in the future.

It would be best if you now were transferring files securely via SSL/TLS.

That’s it!

Conclusion:

This post showed you how to install and configure the vsftpd server on Ubuntu 20.04 | 18.04. If you find any error above, please use the comment form below to report.