Install vsftpd on Ubuntu 16.04

Posted on November 30, 2018 by Echo Diaz | Updated: February 24, 2021

Category: Technical Support | Tags: Firewall, FTP, Secure, Upload, VsFTPd

Reading Time: 3 minutes

Installing vsftpd allows you to upload files to a server, the concept is comparable to that of Google Drive. When you invite specified users to your Google Drive they can create, delete, upload and download files all behind a secure login. Vsftpd is excellent for company’s looking for an alternative to Google Drive or for anyone who wants to create a robust server. This “Very Secure File Transfer Protocol Daemon” is favored for its security and speed, and we’ll be showing you how to install vsftpd on an Ubuntu 16.04 LTS server.

Pre-Flight Check

These instructions are intended specifically for installing vsftpd on an Ubuntu VPS server.
You must be logged in via SSH as the root user to follow these directions.

Warning:

FTP data is insecure; traffic is not encrypted, and all transmissions are clear text, including usernames, passwords, commands, and data. Consider securing your FTP connection (FTPS).

Step 1: Updating Apt-Get

As a matter of best practices we update apt-get with the following command:

apt-get update

Step 2: Installing Vsftpd

One command allows us to install vsftpd very easily.

apt-get -y install vsftpd

Step 3: Configuring Vsftpd

We’ve installed vsftpd, and now we will edit some options that will help us to protect the FTP environment and enable the environment for utilization. Enter the configuration file using the text editor of your choice.

vim /etc/vsftpd.conf

Change the values in the config file to match the values below and lastly, save exit by typing

:wq

anonymous_enable=NO local_enable=YES write_enable=YES chroot_local_user=YES ascii_upload_enable=YES ascii_download_enable=YES

Click Here for a Further Explanation on Each Directive

Step 4: Editing Permissions for a User

If you have an existing or new user that is not able to connect, try removing write privileges to their directory:

chmod a-w /home/username

Step 5: Creating the User a Directory

Create a directory just for FTP, in this case, and we are name it files. Afterward, this user will be able to upload and create files within the files folder:

mkdir /home/username/files

Step 6: Accepting FTP Traffic to Ports

There are a few ways to open ports within a server, below is one way of opening port 20 and 21 for FTP users to connect.

Note

Directly passing iptable commands, like below, can break some firewalls. In whichever method you choose to edit your iptables ensure that port 20 and 21 are open.

iptables -I INPUT 1 -p tcp --dport=20 -j ACCEPT

iptables -I INPUT 1 -p tcp --dport=21 -j ACCEPT

Step 7: Restarting the Vsftpd Service

Restarting vsftpd enables changes to the file (step 3) to be recognized.

service vsftpd restart

Step 8: Verifying Vsftpd

Now for a little fun, let’s connect to our FTP to verify it is working.

ftp 79.212.205.191

Example Output:

ftp 79.212.205.191 Connected to 79.212.205.191. 220 Welcome to FTP! Name (79.212.205.191:terminalusername):<enter your FTP user>

You’ll also be able to connect via an FTP client, like Filezilla, using the IP address of your hostname and leaving the port number blank. Take it for a spin and try to upload a file or write a file. If you enabled the chroot jail option, the user should not be able to go to any other parent directory.

About the Author: Echo Diaz

Throughout Echo's four year stint as a technical support specialist, her passion for breaking down complex concepts had to lead to a career in professional writing. As a former top tier support specialist, she added a distinctive element to her written work that spoke to customer feedback and concerns. Echo occasionally pops her head out from behind her computer to watch her dog energetically run around the yard and unabashedly shovels money into buying tickets to see her favorite musical artists.