Watch the video:
0:00 - Intro/Explanation
0:20 - Installing vsftpd
0:30 - Preparing vsftpd
1:20 - Create FTP user
2:59 - Creating a test file to verify access
3:18 - Configuring vsftpd
5:11 - Testing vsftpd server
5:40 - Enabling FTPS
7:50 - Securing FTP user
Introduction
Are you looking to set up an FTP server on your Ubuntu or Debian-based operating system? vsftpd is a reliable and secure solution that allows you to transfer files between your computer and a remote server.
In this comprehensive guide, I’ll walk you through the process of installing and using vsftpd step by step. Whether you’re a beginner or an experienced user, this guide has got you covered.
Installing vsftpd
The first step to getting started with vsftpd is to install it on your system. Open the terminal and run the following commands:
|
|
These commands will update your system’s package list and install vsftpd on your machine. Once the installation is complete, you’re ready to move on to the configuration process.
Firewall
If you’re using something like UF, you’ll need to allow VSFD through the firewall. You can do so with the following commands.
|
|
Configuring vsftpd
Before you can start using vsftpd, you need to configure it to suit your needs. To do this, we’ll need to make a few changes to the vsftpd configuration file. Open the file using the following command:
|
|
Inside the configuration file, you’ll find various settings that you can customize. For example, you can enable or disable anonymous login, set up local user accounts, and define the directories accessible to each user.
Once you’ve made the necessary changes, save the file and exit the editor. To apply the new configuration, restart the vsftpd service by running the following command:
|
|
Creating User Accounts
To make use of vsftpd, you’ll need to create user accounts that can access the FTP server. This allows you to control who can upload and download files. To create a new user account, use the adduser command followed by the desired username. For example:
|
|
You will be prompted to set a password for the new user account. Once the account is created, you can proceed to create a directory for the user to store their files. Use the mkdir command to create the directory:
|
|
Next, we need to set the ownership and permissions for the directory. Run the following commands:
|
|
These commands ensure that the user has full ownership and restricted access to their directory.
Testing the FTP Server
Now that you have set up vsftpd and created a user account, it’s time to test the FTP server. One way to do this is by using a popular FTP client like FileZilla. Open FileZilla and enter the host, username, and password for your FTP server. Connect to the server, and if everything is set up correctly, you should be able to see and access the files in the user’s directory.
If you want, you can create a test file:
|
|
Further securing FTP
A good idea is to tell learning that a certain user account is only an ftp user disallowing them access to anything else other than transferring files around, etc. It’s a good idea to run the following commands.
|
|
Enabling FTPS (FTP over SSL)
To add an extra layer of security to your FTP server, you can enable FTPS, which is FTP over SSL. This encrypts the data transferred between the client and the server, ensuring that it cannot be intercepted by unauthorized users.
To enable FTPS, we need to create an SSL certificate. Run the following command to generate the certificate:
|
|
During the certificate generation process, you will be prompted to provide information such as the country code, state, and organization name. Once the certificate is generated, we can proceed with the configuration.
Open the vsftpd configuration file again:
|
|
Scroll down to the bottom of the file and locate the RSA certificate settings. Replace the paths with the following:
|
|
Save the file and exit the editor. Restart the vsftpd service to apply the changes:
|
|
Your FTP server is now configured to accept FTPS connections. You can test this by connecting to the server using an FTP client that supports FTPS.
Securing FTP User Access
To further enhance security, you can limit FTP users to only FTP access and disable shell access. This prevents users from accessing the command line interface on your server.
To restrict FTP user access, we need to create a limited shell. Run the following command to create the shell script:
|
|
Inside the editor, add the following line:
|
|
Save the file and exit the editor. Next, make the shell script executable:
|
|
To enforce the limited shell, open the /etc/shells file:
|
|
Scroll to the bottom of the file and add the following line:
|
|
Save the file and exit the editor. Finally, modify the user’s account to use the limited shell:
|
|
Now, if the user tries to access the server via SSH, they will be denied access. However, they can still connect to the FTP server using their FTP client.
Congratulations! You have successfully installed and configured vsftpd on your Ubuntu or Debian-based operating system. You can now securely transfer files between your computer and the FTP server using FTP or FTPS. Remember to regularly update your system and monitor the FTP server for any suspicious activities. Enjoy the convenience and security of vsftpd for all your file transfer needs.