Vsftpd

How to configure vsftpd on Ubuntu?

vsftpd (Very Secure FTP Daemon) – FTP server with support for IPv6 and SSL. The first two letters in the name vsftpd mean “very secure” (“very secure”) because the developers of the program have provided protection against many possible FTP vulnerabilities.

Step #1: Install vsftpd

Using a special command, you can install the program on a VPS server in a couple of seconds:

sudo apt-get install vsftpd

In fact, after downloading all the necessary files, the user gets an already configured program with basic security settings. However, they are not sufficient — for example, in the default mode, vsftpd allows anonymous users to access the server.

Step #2: Configure vsftpd

After installing the program, you can do its setting. To do this, open the configuration file:

sudo nano /etc/vsftpd.conf

In it you need to find the line Anonymous_enable and change the value from YES to NO:

anonymous_enable=NO

After saving the changes, access to the virtual server for anonymous users will be denied.

You should also “uncomment” (remove the # sign) the local_enable option and change its value to YES, and then allow users to write to the directory by removing the comment character for the write_enable option:

local_enable=YES
write_enable=YES

Then you need to uncomment the chroot_local_user option – if it is set to YES, then all users will be limited to their chroot rights and will not be able to access other parts of the server:

chroot_local_user=YES

After that, you need to save the changes and exit the configuration file.

To avoid the error of launching the latest versions of vsftpd (“refusing to run with writable root inside chroot”) when not working as root (Fastcomet users by default get access to their servers with such privileges, so the appearance of such an error is unlikely) take a few simple steps:

  1. Create a new user (hereinafter ## username ## must be replaced with the name of a specific user)
    adduser ##username##
  2. Give new user admin access with the command
    adduser ##username## sudo
  3. Create a new directory inside the user home directory:
    mkdir /home/##username##/files

    It is also possible that the system will refuse to create the entire path at once, then you will need to go to the / home folder:

    cd /home

    Create the folder of the desired user / ## username ## (sudo mkdir ## username ##) in it, go to it with the cd command, and then create the files folder with the mkdir command.

  4. Change the owner of this directory to root:
    chown root:root /home/##username##
  5. Make all changes inside the “files” subdirectory. After making all changes to the configuration file, you need to restart vsftpd.
    sudo service vsftpd restart

For Ubuntu 16.04, you need to configure the firewall using the following commands:
Restart the firewall:

sudo ufw disable
sudo ufw enable

Add inbound rules for the ports used by vsftpd:

sudo ufw allow 20/tcp
sudo ufw allow 21/tcp

You can check the settings with the command:

sudo ufw status

Status

Step #3: Accessing the FTP server

After installing the FTP server, you can access it in two ways: via the address bar of the browser and using the command line.

To use the first method, you need to type in the browser address bar the name of the ftp protocol and the domain name or server IP address: ftp://example.com (example with the IP address: ftp://5.200.47.19/)

After that, the system will ask you to enter the username and password of the local user, and then its home directory with all its contents will appear (you can only enter it).

An alternative method is to use the ftp command in a terminal in combination with the domain name or IP address of the site: ftp example.com

After you finish working with FTP, you can exit this terminal mode using the “exit” command.

Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

    Leave a Reply

    Your email address will not be published. Required fields are marked *