How to Install vsftpd on Ubuntu
Posted: Mon Jul 01, 2013 1:48 pm
This tutorial focuses on how to setup vsftpd server on your linux based VPS or a dedicated server. The vsftpd stands for “Very Secure FTP Daemon”. It is not just secure as the name suggests but also delivers excellent performance by consuming less memory. The tutorial also teaches you how to configure by adding ftp users and locking the directory to individual users.
Now that you’ve installed vsftpd, follow this procedure to configure it.
Now edit the config file
We don’t want anonymous login:
Enable local users:
The ftpuser should be able to write data:
Chroot everyone:
set umask to 022 to make sure that all the files (644) and folders (755) you upload get the proper permissions.
Add this too, as linux has passive ftp and you want to access it outside the local network.
Now that basic configuration is complete, now let us begin with locking / securing a directory to user.
Setup a password for the user:
In order to enable the ftpuser read and write the data in your home dir, change the permission and take ownership:
Create userlist file and add the user:
and add the user:
After completing all these procedures it is almost ready to use it, give it a try but you will get a 500 OOPS permission denied error. To fix it you need to add a nologin to the shell set.
Add this line at the end:
Now create a usergroup and add the ftpuser to it:
One final thing, to access from outside network and avoid : 530 login error do this
Comment the second line below :
Now start the vsftpd:
That’s it. Now you have a secure installation of vsftpd on your server.
[ Only complete solution on Ultimate Edition Forum and this works because i tried it myself and put together the solutions for many errors. ]
Local Login :
Web Login :
- Code: Select all
sudo apt-get install vsftpd
Now that you’ve installed vsftpd, follow this procedure to configure it.
- Code: Select all
sudo service vsftpd stop
Now edit the config file
- Code: Select all
nano /etc/vsftpd.conf
We don’t want anonymous login:
- Code: Select all
anonymous_enable=NO
Enable local users:
- Code: Select all
local_enable=YES
The ftpuser should be able to write data:
- Code: Select all
write_enable=YES
Chroot everyone:
- Code: Select all
chroot_local_user=YES
set umask to 022 to make sure that all the files (644) and folders (755) you upload get the proper permissions.
- Code: Select all
local_umask=022
Add this too, as linux has passive ftp and you want to access it outside the local network.
- Code: Select all
# My Config
pasv_enable=YES
pasv_addr_resolve=YES
#user ddns address
pasv_address=ueftptest.no-ip.org
#choose and range you like
pasv_min_port=4242
pasv_max_port=4252
# the list of users to give access
userlist_file=/etc/vsftpd.userlist
# this list is on
userlist_enable=YES
# It is not a list of users to deny ftp access
userlist_deny=NO
#one more
allow_writeable_chroot=YES
seccomp_sandbox=NO
Now that basic configuration is complete, now let us begin with locking / securing a directory to user.
- Code: Select all
sudo useradd -d /var/www/path/to/your/dir -s /usr/sbin/nologin ftpuser
Setup a password for the user:
- Code: Select all
sudo passwd ftpuser
In order to enable the ftpuser read and write the data in your home dir, change the permission and take ownership:
- Code: Select all
sudo chown -R ftpuser /var/www/path/to/your/dir
sudo chmod 775 /var/www/path/to/your/dir
Create userlist file and add the user:
- Code: Select all
sudo nano /etc/vsftpd.userlist
and add the user:
- Code: Select all
ftpuser
After completing all these procedures it is almost ready to use it, give it a try but you will get a 500 OOPS permission denied error. To fix it you need to add a nologin to the shell set.
- Code: Select all
sudo nano /etc/shells
Add this line at the end:
- Code: Select all
/usr/sbin/nologin
Now create a usergroup and add the ftpuser to it:
- Code: Select all
sudo addgroup ftpusers
sudo usermod -Gftpusers ftpuser
One final thing, to access from outside network and avoid : 530 login error do this
- Code: Select all
sudo nano /etc/pam.d/vsftpd
Comment the second line below :
- Code: Select all
# Standard behaviour for ftpd(8).
#auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers$
Now start the vsftpd:
- Code: Select all
service vsftpd start
That’s it. Now you have a secure installation of vsftpd on your server.
[ Only complete solution on Ultimate Edition Forum and this works because i tried it myself and put together the solutions for many errors. ]
Local Login :
Web Login :