This guide will help you install and configure ftp server with vsftpd on ubuntu server. Follow the steps outline bellow to install vsftpd utility on ubuntu server 22.04.
Step 1: Update System Package Repository
Step 2: Install vsftpd on Ubuntu Server
vsftpd is an open source FTP utility commonly used in ubuntu due to its simplicity. Install vsftpd by running the command bellow :
Step 3: Launch vsftpd
To launch the service and enable it to automatically start at boot, run the following commands :
Step 4: Backup Configuration Files
Before making any changes, backup your configuration files. Create a backup copy of the default configuration using the cp command :
Step 5: Create FTP User
For this tutorial, we will create a dedicated FTP user. Skip this step if you intend to give FTP access to an existing user.
Use the syntax bellow to create a new user and set the password :
Step 6: Configure firewall to allow FTP traffic
Run the following command to open port 20 and 21 to allow FTP traffic using ufw :
If you use iptables, you can run the following commands :
Step 7 : Connect to the FTP server
Connect to the FTP server using the following syntax :
Then you will asked to input the password of FTP user
Configuring vsftpd Server
Configuring the server is crucial as it allows you to customize settings to optimize performance, enable specific features, and tailor the server to meet your needs. Follow the section bellow for some basic configuration.
Change Default Directory
The FTP server uses the /srv/ftp directory as default directory. You can create a new directory and set it as the FTP user home directory. Changing and restricting FTP to a specific directory improves overall security.
Follow the steps bellow :
1. Use this syntax to create new directory
Replace the new_location with directory you want to create.
2. Use the following syntax to change the default directory where ftp user will be placed upon login :
3. Restart the vsftpd services to apply the changes.
Now, you can put any files you want to share via ftp into /srv/ftp directory ( if you left it as default) or the /srv/ftp/[new_location] directory (if you changed it).
Authenticate FTP Users
If you want to let authenticated user upload files, edit the vsftpd.conf file as shown the steps bellow :
1. Open vsftpd.conf file using nano or another text editor
2. Find the entry labeled write_enable=YES and uncomment it ( remove # in front of the line )
3. Save and exit the file, and restart ftp service by running the following command :
Configuring this setting allows the user make changes inside their home directory.
Securing FTP
Numerous exploits take advantage of unsecured ftp server. There are several configuration option in vsftpd.conf that help secure your FTP server. thus preventing unauthorized access, potential data breaches and system vulnerabilities.
Limit User Access
One method of securing vsftpd is to limits users to their home directory. follow the step bellow :
1. Open vsftpd.conf file in text editor
2. Uncomment the following line by removing the hash (#) sign :
Save the file, apply the changes and exit from the text editor.
Create a User List File
The user list file enables vsftpd to deny or allow access to the listed users. The listed users will have full access to anywhere on the server. If a user is not listed, they are restricted to their specified home directory. Follow the steps below:
1. Open the /etc/vsftpd.chroot_list file in a text editor and add one user per line to create the list file.
2. Edit the vsftpd.conf file and uncomment (remove the #) the following lines:
The following image illustrates the edits:
3. Still on vsftpd.conf file, another rule should be enable
4. Save the configuration and exit from vsftpd.conf file. Then restart the vsftpd service:
Comments
Post a Comment