Introduction
In this article, we’ll show you how to set up and use FTP server on Ubuntu Linux. We’ll also cover some basic configuration and security measures to get you started.
Update System Packages
Before you begin, it’s always a good idea to update your system packages to the latest version. You can do this by running the following commands:
sudo apt-get update
sudo apt-get upgrade
Install vsftpd Server on Ubuntu
Now that your system is up to date, you can install the vsftpd server package by running the following command:
sudo apt-get install vsftpd
Backup Configuration Files
Before making any changes to the configuration files, it’s always a good idea to make a backup in case something goes wrong. You can do this by running the following command:
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
Create FTP User
Now that the vsftpd server is installed, you need to create a user that will be used to connect to the server. You can do this by running the following command:
sudo adduser ftpuser
You will be prompted to enter a password for the user. Once the user is created, you need to add them to the FTP group by running the following command:
sudo usermod -a -G ftp ftpuser
Configure Firewall to Allow FTP Traffic
If you have a firewall enabled on your Ubuntu server, you need to allow FTP traffic through it. You can do this by running the following command:
sudo ufw allow ftp
Connect to Ubuntu FTP Server
Now that the server is configured, you can connect to it using your FTP client. For this example, we will be using the Filezilla client.
First, open Filezilla and click on the “Site Manager” icon.
Next, click on the “New Site” button and enter the following information:
- Host: Enter the IP address or hostname of your server
- Port: Enter 21
- Protocol: Select “FTP – File Transfer Protocol”
- Encryption: Select “Only use plain FTP (insecure)”
- Logon Type: Select “Normal”
- User: Enter the FTP username you created earlier
- Password: Enter the FTP user’s password
Now click on the “Connect” button and you should be connected to your FTP server.
How to connect to FTP server via command line
If you prefer to use the command line, you can connect to your FTP server by running the following command:
ftp hostname
You will be prompted for the FTP user’s password. Once you are logged in, you will be at the FTP prompt where you can enter various commands. Type help to see a list of available commands.
How to connect to FTP server via GUI
If you are using a Linux desktop, you can connect to your FTP server using a GUI client such as Filezilla or Nautilus.
To connect using Filezilla, open the program and click on the “Site Manager” icon.
Next, click on the “New Site” button and enter the following information:
- Host: Enter the IP address or hostname of your server
- Port: Enter 21
- Protocol: Select “FTP – File Transfer Protocol”
- Encryption: Select “Only use plain FTP (insecure)”
- Logon Type: Select “Normal”
- User: Enter the FTP username you created earlier
- Password: Enter the FTP user’s password
Now click on the “Connect” button and you should be connected to your FTP server.
To connect using Nautilus, open the program and click on the “File” menu, then select “Connect to Server”.
In the “Server Address” field, enter the following information:
- Service type: Select “FTP”
- Server: Enter the IP address or hostname of your server
- Port: Enter 21
- Username: Enter the FTP username you created earlier
- Password: Enter the FTP user’s password
Now click on the “Connect” button and you should be connected to your FTP server.
Configuring and Securing Ubuntu vsftpd Server
Now that you have a basic FTP server up and running, let’s look at some of the configuration options that are available.
Change Default Directory
By default, the vsftpd server will change your directory to the /var/ftp directory when you login. If you want to change this, you can edit the /etc/vsftpd.conf file and change the following line:
#chroot_local_user=YES
to
chroot_local_user=YES
You will also need to create the new directory that you want to use. For example, if you want to use the /home/ftpuser directory, you can do this by running the following command:
sudo mkdir /home/ftpuser
Authenticate FTP Users
By default, the vsftpd server will allow anyone to login with any username and password. If you want to restrict access to only certain users, you can edit the /etc/vsftpd.conf file and change the following line:
#anon_upload_enable=YES
to
anon_upload_enable=NO
You will also need to uncomment the following line:
#local_enable=YES
How to configure anonymous FTP login
If you want to allow anonymous FTP login, you can edit the /etc/vsftpd.conf file and change the following line:
#anon_upload_enable=YES
to
anon_upload_enable=YES
You will also need to uncomment the following line:
#anon_mkdir_write_enable=YES
How to change the default FTP listening port
By default, the vsftpd server listens on port 21 for FTP traffic. If you want to change this, you can edit the /etc/vsftpd.conf file and change the following line:
#listen=YES
to
listen=NO
You will also need to uncomment the following line and enter the new port number:
#listen_port=
Securing FTP
One of the most important things you can do to secure your FTP server is to encrypt the traffic. You can do this by using SSL/TLS. To do this, you need to generate a self-signed SSL certificate by running the following command:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
You will be prompted to enter some information about your certificate. Once the certificate is generated, you need to edit the /etc/vsftpd.conf file and change the following lines:
#ssl_enable=NO
#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
to
ssl_enable=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
You will also need to uncomment the following line:
#force_local_data_ssl=YES
Limit User Access
If you want to limit the access that users have to your FTP server, you can create a user list file. To do this, you need to edit the /etc/vsftpd.conf file and change the following line:
#userlist_deny=NO
to
userlist_deny=YES
You will also need to uncomment the following line and enter the path to your user list file:
#userlist_file=/etc/vsftpd.userlist
The user list file is a simple text file that contains a list of FTP users, one per line. You can create this file by running the following command:
sudo nano /etc/vsftpd.userlist
Add the following line to the file:
ftpuser
Save the file and exit.
Encrypt Traffic With FTPS
If you want to encrypt the traffic between your FTP server and client, you can use FTPS. To do this, you need to edit the /etc/vsftpd.conf file and change the following lines:
#ssl_enable=NO
#allow_anon_ssl=NO
#force_local_data_ssl=NO
#force_local_logins_ssl=NO
to
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
You will also need to uncomment the following line:
#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
Troubleshooting “connection refused” FTP connection error
If you are having trouble connecting to your FTP server, you may see a “connection refused” error. This is usually caused by a firewall blocking FTP traffic. To fix this, you need to allow FTP traffic through your firewall.
If you are using the UFW firewall, you can do this by running the following command:
sudo ufw allow ftp
If you are using another firewall, you will need to consult the documentation for instructions on how to allow FTP traffic.
Conclusion
In this article, we have shown you how to setup and use FTP server on Ubuntu Linux. We have also covered some basic configuration and security measures to get you started.
