FTP server allows you to transfer files from and to remote machines over a network in a secure manner. In this article, we will see how to configure FTP server in Ubuntu. VSFTPD (Very Secure File Transfer Protocol Daemon) is the most popular FTP service used in Ubuntu/Debian systems. We will look at how to install and set VSFTPD server in Ubuntu.
How to Configure FTP Server in Ubuntu
Here are the steps to configure FTP server in Ubuntu.
1. Update Ubuntu
Open terminal and run the following command.
$ sudo apt-get update
Also read : How to Install Erlang in Ubuntu
2. Install VSFTPD
Run the following command to install VSFTD
$ sudo apt-get install vsftpd
Also read : How to Install Fail2ban in Ubuntu
3. Start & Enable VSFTPD
VSFTPD will be disabled by default. We need to start and enable VSFTPD with the following commands.
$ systemctl start vsftpd $ systemctl enable vsftpd
Also read : How to Change User Password in Linux
4. Open required posts
FTP servers run on ports 20 & 21 by default. We need to open them using UFW firewall. These ports are used to download and upload files to & from FTP server.
$ sudo ufw allow 20/tcp $ sudo ufw allow 21/tcp
Also read : How to Find Top Consuming Processes in Linux
5. Create FTP user
Run the following commands to create an FTP user that can access your system. Change the username below from ubuntu to what you want.
$sudo useradd –m
ubuntu $sudo password
ubuntu
You will be asked for a password for this new user. Enter it and note it down as you will need it every time to log into FTP server.
Also read : How to Configure X-Frame-Options in Apache
6. Test FTP connection
Now you should be able to log into FTP server. Use the following command from a remote machine. Replace 54.34.21.12 with the name or IP or your FTP server
$ sudo ftp 54.34.21.12
You will be asked for username and password. Enter ubuntu and its password that you entered in the previous step.
You should be able to successfully log into your FTP server.
Also Read : How to Create Remote Git Repository
6. Secure VSFTPD
It is important to secure your FTP server against unauthorized access. You can easily do that by modifying a few settings in its configuration file. VSFTPD comes with a default configuration file /etc/vsftpd/vsftpd.conf. First, we will take its backup.
$ sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.bkp
Next, open the original configuration file using a text editor
$ sudo vi /etc/vsftpd/vsftpd.conf
Please note, although you can log into FTP server, you will not be able to transfer any files with it.
So change the following line
write_enable=NO
to
write_enable=YES
Similarly, to avoid numerous security exploits it is advisable to restrict each user’s access to their home directory. You can do so by uncommenting and changing the following lines to read
chroot_local_user
=YES
allow_writeable_chroot=YES
Also read : How to Enable Keep Alive in NGINX
Further, we create a user list /etc/vsftpd.chroot_list and limit FTP access to only those users listed in that file.
So add the following line in VSFTPD configuration file to specify the location of user list file that we will be creating next.
chroot_list_file=/etc/vsftpd.chroot_list
Save and close the file.
Now create a user list file at /etc/vsftpd.chroot_list
$ sudo vi /etc/vsftpd.chroot_list
Add 1 user per line. Save and close the file
Also read : How to Use Git Shallow Clone
7. Restart VSFTPD service
Restart VSFTPD service to apply changes.
$ sudo systemctl restart vsftpd.service
That’s it! You should be able to securely log into your FTP server. Also any user not mentioned in your user list will be unable to log in. If you want to secure your FTP server even more, then you can refer to their detailed documentation.