Install vsftpd on Ubuntu 16.04

Installing vsftpd allows you to upload files to a server, the concept is comparable to that of Google Drive.  When you invite specified users to your Google Drive they can create, delete, upload and download files all behind a secure login. Vsftpd is excellent for company’s looking for an alternative to Google Drive or for anyone who wants to create a robust server. This “Very Secure File Transfer Protocol Daemon” is favored for its security and speed and we’ll be showing you how to install vsftpd on an Ubuntu 16.04 LTS server.

 

Pre-Flight Check

  • These instructions are intended specifically for installing vsftpd on Ubuntu 16.04.
  • You must be logged in via SSH as the root user to follow these directions.
Warning:
FTP data is insecure; traffic is not encrypted, and all transmissions are clear text, including usernames, passwords, commands, and data. Consider securing your FTP connection (FTPS).

Step 1: Updating Apt-Get

As a matter of best practices we update apt-get with the following command:

apt-get update

Step 2: Installing Vsftpd

One command allows us to install vsftpd very easily.

apt-get -y install vsftpd

Step 3: Configuring Vsftpd

We’ve installed vsftpd, and now we will edit some options that will help us to protect the FTP environment and enable the environment for utilization. Enter the configuration file using the text editor of your choice.

vim /etc/vsftpd.conf

Change the values in the config file to match the values below and lastly, save exit by typing

:wq

 

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
ascii_upload_enable=YES
ascii_download_enable=YES

 

Click Here for a Further Explaination on Each Directive
Anonymous_enable: Prohibit anonymous internet users access files from your FTP. Change anonymous_enable section to NO.

Local_enable: If you have created users you can allow these users to log in by changing the local_enable setting to YES.

Write_enabled: Enable users the ability to write the directory, allowing them to upload files. Uncomment by removing the # in from of write_enabled:

Chroot jail: You can “chroot jail” local users, restricting them to their home directories (/home/username) and prohibiting access to any other part of the server. Choosing this is optional but if you state YES follow the steps in Step 4 for removing write privileges and making their own directory for uploads. If you select NO, the user will have access to other directories.

Step 4: Editing Permissions for a User

If you have an existing or new user that is not able to connect, try removing write privileges to their directory:

chmod a-w /home/username

Step 5: Creating the User a Directory

Create a directory just for FTP, in this case, and we are name it files. Afterward, this user will be able to upload and create files within the files folder:

mkdir /home/username/files

Step 6: Accepting FTP Traffic to Ports

There are a few ways to open ports within a server, below is one way of opening port 20 and 21 for FTP users to connect.

Note
Directly passing iptable commands, like below, can break some firewalls. In whichever method you choose to edit your iptables ensure that port 20 and 21 are open.

iptables -I INPUT 1 -p tcp --dport=20 -j ACCEPT

iptables -I INPUT 1 -p tcp --dport=21 -j ACCEPT

Step 7: Restarting the Vsftpd Service

Restarting vsftpd enables changes to the file (step 3) to be recognized.

service vsftpd restart

Step 8: Verifying Vsftpd

Now for a little fun, let’s connect to our FTP to verify it is working.

ftp 79.212.205.191

Example Output:

ftp 79.212.205.191
Connected to 79.212.205.191.
220 Welcome to FTP!
Name (79.212.205.191:terminalusername):<enter your FTP user>

You’ll also be able to connect via an FTP client, like Filezilla, using the IP address of your hostname and leaving the port number blank.  Take it for a spin and try to upload a file or write a file. If you enabled the chroot jail option, the user should not be able to go to any other parent directory.

 

Be Sociable, Share!

Author Bio

About the Author: Echo Diaz

Throughout Echo's four year stint as a technical support specialist, her passion for breaking down complex concepts has to lead to a career in professional writing. As a top tier support specialist, she adds a distinctive element to her written work that speaks to customer feedback and concerns.

Echo occasionally pops her head out from behind her computer to watch her dog energetically run around the yard and unabashedly shovels money into buying tickets to see her favorite musical artists.

Here's 75 % off, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support