Install and Setup vsftpd on Ubuntu 14.04

Introduction

FTP (File Transfer Protocol) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet.

In this tutroial we will Install and setup vsftpd on Ubuntu 14.04

Beware: All FTP data is not encrypted and is insecure. All transfers and data are in plain text, this includes passwords commands etc. You should secure your FTP connection with SSL/TLS. Prerequisites

Ubuntu 14.04

Root Shell Access Step 1 - Update System

As always, update your installation before installing any new packages:

sudo apt-get update

Step 2 - Install the vsftpd package

sudo apt-get install vsftpd

Step 3 - Configure vsftpd

Edit the configuration file:

sudo nano  /etc/vsftpd.conf

Change the anonymous_enable setting to NO, to disallow anonymous, users to access FTP:

anonymous_enable=NO

Change local_enable setting to YES, to allow local users to login.

local_enable=YES

To allow local users to be able to write to a directory, change the write_enable setting to YES:

write_enable=YES

Local users will be denied access to any other areas of the server and will be ‘chroot jailed’ . Change the chroot_local_user setting to YES:

chroot_local_user=YES

Step 4 - Restart the service:

service vsftpd restart

Secure FTP ( SFTP )

SFTP (“Secure FTP” ) is an SSH File Transfer Protocol . To use this we need theopenssh-server, install the server by entering:

sudo apt-get install openssh-server

Step 7 Create a new group for FTP users.

sudo groupadd accessftp

Step 8

You now need to make changes to the /etc/ssh/sshd_config file. Find and comment out the lfollowing:

Subsystem sftp /usr/lib/openssh/sftp-server

Add the following at the end of the file.

Subsystem sftp internal-sftp
Match group ftpaccess
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Step 9 - Restart the sshd service.

sudo service ssh restart

Step 10 - Creating Users for SFTP access.

Create the user webcore with accessftp group and /usr/bin/nologin shell.

sudo useradd -m webcore -g ftpaccess -s /usr/sbin/nologin
sudo passwd webcore
sudo chown root /home/webcore
sudo mkdir /home/webcore/my_folder
sudo chown webcore:accessftp /home/webcore/my_folder

You can now try to connect to the server using SFTP ( on port:22 not 21 ). You should then test that users can upload files to the 'my_folder' directory and do not have access other folders other than the home directory. Using FTP and SFTP together

If you want use both FTP and SFTP, perform above steps during the user creation process . Any existing users should be moved to the accessftp group. Folder structure should be created and ownership changes should be made:

sudo usermod webcore -g ftpaccess -s /usr/sbin/nologin sudo chown root /home/webcore sudo mkdir /home/webcore/my_folder sudo chown webcore:accessftp /home/webcore/my_folder

Thats it! Now the user webcore can upload files to the my_folder directory using both FTP and SFTP.