Friday, December 30, 2016

How to set up a VSFTPd server in Ubuntu 14.04

FTP is used to transfer files from one host to another over a TCP network. There are three popular FTP server packages available: PureFTPD, VsFTPD and ProFTPD.

If you are logged in as a normal user, you have to use "sudo" before the command, only for the first time. If you are logged in as root, you can simply run the command without "sudo".

Step 1 » Update your repositories.
     root@digidom:~# apt-get update

Step 2 » Install the VsFTPD package using the command below.
     root@digidom:~# apt-get install vsftpd

Step 3 » Check the vsftpd directories and file paths.
     root@digidom:~# whereis vsftpd

     vsftpd: /usr/sbin/vsftpd /etc/vsftpd.conf /usr/share/man/man8/vsftpd.8.gz



Step 4 » Back up the /etc/vsftpd.conf file.

     root@digidom:~# cp /etc/vsftpd.conf /etc/vsftpd.conf.back


Step 5 » After installation, open the /etc/vsftpd.conf file and make changes as follows.
     root@digidom:~# vi /etc/vsftpd.conf
     root@digidom:~# egrep -v '^#|^$' /etc/vsftpd.conf
     listen=YES
     anonymous_enable=NO
     local_enable=YES
     write_enable=YES
     dirmessage_enable=YES
     use_localtime=YES
     xferlog_enable=YES
     connect_from_port_20=YES
     secure_chroot_dir=/var/run/vsftpd/empty
     pam_service_name=vsftpd
     rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
     rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

Step 6 » Restart the vsftpd service using the command below.
     root@digidom:~# service vsftpd restart

Step 7 » Create an FTP user account.
Assign a password and feel free to press "ENTER" through the other prompts. Root ownership of ftpuser's home directory is set in the optional setup at the end of this post.

     root@digidom:~# sudo adduser ftpuser  

Step 8 » Now try to connect to this FTP server with the username and password on port 21, using the WinSCP or FileZilla client.
This default configuration is not secure: through the FTP client you can access all directories, not only your own home directory. The FTP connection itself is working fine at this point.

Step 9 » Enable the chroot_local_user option to restrict users to their own home directories.
     root@digidom:~# vi /etc/vsftpd.conf
     chroot_local_user=YES

Error: 500 OOPS: vsftpd: refusing to run with writable root inside chroot(). To fix this error, allow a writable chroot:

     root@digidom:~# vi /etc/vsftpd.conf
     allow_writeable_chroot=YES

Note: If the option "allow_writeable_chroot" is enabled, there is no need to create a directory. If it is not enabled, we need to create a directory inside the user's home directory and set permissions.


Optional setup: if allow_writeable_chroot=YES is not enabled

     root@digidom:~# tail /etc/passwd | grep ftpuser
          ftpuser:x:1000:1000:,,,:/home/ftpuser:/bin/bash

     root@digidom:~# chown root:root /home/ftpuser/

     root@digidom:~# mkdir /home/ftpuser/mailbox
     root@digidom:~# chown ftpuser:ftpuser /home/ftpuser/mailbox/

     root@digidom:~# ll -d /home/ftpuser/

          drwxr-xr-x 3 root root 4096 Dec 17 04:27 /home/ftpuser/

     root@digidom:~# ll /home/ftpuser/

          drwxr-xr-x 2 ftpuser ftpuser 4096 Dec 17 04:27 mailbox/
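
An added example, not part of the original post: a small shell check for the chroot behaviour in Step 9 and the optional setup. It reads chroot_local_user and allow_writeable_chroot from a vsftpd.conf and, from the home directory's owner and mode bits, reports whether a login would be refused with the 500 OOPS error. The function names and result labels are assumptions of this example, and the writability test is an approximation from mode bits, not vsftpd's own code.

```shell
#!/bin/sh
# Added example (not from the original post). conf_get and chroot_check are
# hypothetical helper names; the result strings are this example's own labels.

conf_get() {  # conf_get FILE KEY DEFAULT -> last uncommented value, upper-cased
    awk -F= -v k="$2" -v d="$3" '
        $1 == k { v = toupper($2) }
        END     { print (v == "" ? d : v) }' "$1"
}

chroot_check() {  # chroot_check CONF HOME NUMERIC_UID
    conf=$1 home=$2 uid=$3
    [ -d "$home" ] || { echo missing-home; return 1; }
    if [ "$(conf_get "$conf" chroot_local_user NO)" != YES ]; then
        echo no-chroot; return 0            # user can browse outside $HOME
    fi
    if [ "$(conf_get "$conf" allow_writeable_chroot NO)" = YES ]; then
        echo writable-chroot-allowed; return 0
    fi
    # ls -ldn prints: mode links numeric-owner numeric-group ...
    read -r mode _links owner _rest <<EOF
$(ls -ldn "$home")
EOF
    writable=no
    if [ "$owner" = "$uid" ]; then
        case $mode in ??w*) writable=yes ;; esac        # owner write bit
    else
        # Assumption: group write is treated as writable without checking
        # group membership (conservative).
        case $mode in ?????w*|????????w*) writable=yes ;; esac
    fi
    if [ "$writable" = yes ]; then echo refused-500-oops; else echo ok; fi
}

# Constructed demo: throwaway config and directory, not a real system.
demo=$(mktemp -d)
printf 'chroot_local_user=YES\n' > "$demo/vsftpd.conf"
mkdir "$demo/home" && chmod 755 "$demo/home"
chroot_check "$demo/vsftpd.conf" "$demo/home" "$(id -u)"  # refused-500-oops
rm -rf "$demo"
```

On the server from this post it would be run as chroot_check /etc/vsftpd.conf /home/ftpuser "$(id -u ftpuser)".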

That's it...

1 comment:

  1. FTP is very complex to set up. Binfer is a more secure alternative. See Binfer as FTP alternative
