Step By Step to install & configure vsftpd on ubuntu 20.04

Alwin John
September 28, 2022

Step By Step to install & configure vsftpd on ubuntu 20.04

Hello, In this blog we are discussing how to setup vsftpd on ubuntu system.FTP stands for file transfer protocol,which is used for uploading/downloading files between two computers over a network.FTP is insecure protocol, because it transmits data together with user credentials (username and password) without encryption.If we want to use FTP ,consider configuring FTP connection with SSL/TLS,otherwise, it’s better to use secure FTP such as SFTP.

There are some steps to install,configure & secure a FTP server called vsfptd (Very Secure File Transfer Protocol Daemon):

Step 1: Update the System.

apt update

Step 2: Install vsftpd on system.

apt install vsftpd

Type y & press Enter.
Here is the command output.

Step 3: Start & enable the vsftpd service.

systemctl start vsftpd systemctl enable vsftpd

Here is the command output.

Check the vsftpd status.

systemctl status vsftpd

Here is the command output.

Step 4: Create a backup file of default configuration file.

cp /etc/vsftpd.conf /etc/vsftpd.conf_default

Step 5: Create a FTP user.

useradd -m user-name

Set the password.

passwd user-name

Provide the password.
Here is the command output.

Step 6: Enable the following port number in UFW firewall.

ufw allow 20/tcp ufw allow 21/tcp

Here is the command output.

Step 7: Login to FTP Server.

ftp name-of-system

After connected to ftp server.
Login to created user.

ftp>user-name

Provide the password.
Here is the command output.

Configuring and Securing vsftpd Server

Step 8: Create or change a ftp home directory.By default, the FTP server uses the /srv/ftp directory as the default directory.

mkdir /srv/ftp/test usermod -d /srv/ftp/test ftp

Restart the vsftpd service.

systemctl restart vsftpd.service

Here is the command output.

Authenticate FTP Users

Step 9: Open a vsftpd configuration file.

vim /etc/vsftpd.conf

Edit or un-comment the following lines:

write_enable=YES

Here is the command output.

Restart the vsftpd service.

systemctl restart vsftpd.service

Method 1: Securing FTP

Step 10: Open a vsftpd configuration file.

vim /etc/vsftpd.conf

To limit users to their home directory & Create a User List File.
Edit or un-comment the following lines:

chroot_local_user=YES chroot_list_file=/etc/vsftpd.chroot_list

Here is the command output.

Restart the vsftpd service.

systemctl restart vsftpd.service

Once Chroot_local_user is enabled then we can not able to login ftp user.
Here is the command output.

Step 11: By default, the list of blocked users from FTP access is stored in /etc/ftpusers.

To add blocked users, edit this file and add one user per line.

vim /etc/ftpusers

Here is the command output.

Method 2: secure FTP server is to encrypt the traffic.

Step 12: Creating a new certificate with openssl.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

Provide the required information.
Here is the command output.

Open the vsftpf config file.

vim /etc/vsftpd.conf

SSL_Enable is set to YES.
Edit or add the following lines:

ssl_enable=YES rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH pasv_min_port=40000 pasv_max_port=50000

Here is the command output.

Restart the vsftpd service.

systemctl restart vsftpd.service

Step 13: Now,login to FTP user.We can not able to login FTP Users.

Leave a Reply Cancel reply

You must be logged in to post a comment.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others