FTP (File Transfer Protocol) is a network protocol that is used for transferring a file between computers. FTP is still used to support legacy applications and workflows with very specific needs. If you have a choice of protocol, consider modern options that are more efficient, secure, and convenient for delivering files like SFTP (Secure File Transfer Protocol).
vsftpd, very secure FTP daemon, is an FTP server for many Unix-like systems, including Linux, and is often the default FTP server for many Linux distributions as well. vsftpd is beneficial for optimizing security, performance, and stability. It also provides strong protection against security problems found in other FTP servers.Read more: How To Set Up vsftpd (FTP server) On Ubuntu
In this tutorial, we will try to install and configure vsftpd to our server. And here’s the step to do that:
1. Installing vsftpd
Update your package list first:
sudo apt update
Next, install the
sudo apt install vsftpd
And now vsftpd is already installed on your server.
2. Opening the Firewall
First, check the firewall status to see if it’s enabled. If it is, then you’ll make adjustments to ensure that FTP traffic is permitted so firewall rules don’t block our FTP requests.
sudo ufw status
You should see output like this, if it states that the status is active, then our server firewall is active and we need to add additional config:
Start by opening ports
990 so they’re ready when you enable TLS:
sudo ufw allow 20,21,990/tcp
Next, open ports
40000-50000 for the range of passive ports you will be setting in the configuration file:
sudo ufw allow 40000:50000/tcp
Check the status of your firewall again, and it should add more additional configs like this:
3. Configure vsftpd Configuration
Open up the file at
/etc/vsftpd.conf in your favorite text editor (
nano, …), and make sure the following lines are uncommented:
local_enable allows system-defined users in the
/etc/passwd file to log in through vsftpd.
write_enable allows changes to the filesystem through FTP, such as uploading.
ascii_download_enable tell vsftpd to disable
ascii mangling. It’s a horrible feature of the FTP protocol that basically replaces line endings regardless of whether or not the FTP server is running on a Windows or Unix machine.
chroot is shorthand for
change root and will basically enable an environment that prevents the user from leaving its home directory.
4. Add New User
Although we can use system-defined users to log in through vsftpd, let’s create our own user to access the vsftpd service.
Run this command to create a new user:
This will create a user named
ftpuser, you will be asked some basic questions and also be asked to set up a password for that user.
And now we can use vsftpd service for our server.