how to install ftp server in ubuntu 20.04

Here we will install and configure vsftpd (Very Secure File Transfer Protocol Daemon) on Ubuntu.

Install vsftpd

Update the package list and dependencies for vsftpd. Then second command download and Install vsftpd.

$ sudo apt update && sudo apt install vsftpd

Check the status of vsftpd

$ sudo service vsftpd status
● vsftpd.service – vsftpd FTP server Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-04-27 19:35:30 IST; 13s ago Main PID: 54532 (vsftpd) Tasks: 1 (limit: 1137) Memory: 652.0K CGroup: /system.slice/vsftpd.service └─54532 /usr/sbin/vsftpd /etc/vsftpd.conf Apr 27 19:35:30 ubuntu systemd[1]: Starting vsftpd FTP server… Apr 27 19:35:30 ubuntu systemd[1]: Started vsftpd FTP server.

Configure Firewall

$ sudo ufw allow OpenSSH
$ sudo ufw allow 20/tcp
$ sudo ufw allow 21/tcp
$ sudo ufw allow 40000:50000/tcp
$ sudo ufw allow 990/tcp
$ sudo ufw enable
$ sudo ufw status
Status: active To Action From — —— —- OpenSSH ALLOW Anywhere Apache Full ALLOW Anywhere 3306 ALLOW Anywhere 20/tcp ALLOW Anywhere 21/tcp ALLOW Anywhere 40000:50000/tcp ALLOW Anywhere 990/tcp ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) Apache Full (v6) ALLOW Anywhere (v6) 3306 (v6) ALLOW Anywhere (v6) 20/tcp (v6) ALLOW Anywhere (v6) 21/tcp (v6) ALLOW Anywhere (v6) 40000:50000/tcp (v6) ALLOW Anywhere (v6) 990/tcp (v6) ALLOW Anywhere (v6)

Create FTP User

$ sudo adduser ftpuser
$ sudo nano /etc/ssh/sshd_config
DenyUsers ftpuser
$ sudo service sshd restart

Directory Permissions

Upload to a Web Server

$ sudo usermod -d /var/www ftpuser
$ sudo chown ftpuser:ftpuser /var/www/html

 Upload to a Home Folder

$ sudo mkdir /home/ftpuser/ftp
$ sudo chown nobody:nogroup /home/ftpuser/ftp
$ sudo chmod a-w /home/ftpuser/ftp
$ sudo mkdir /home/ftpuser/ftp/files
$ sudo chown ftpuser:ftpuser /home/ftpuser/ftp/files

Configure vsftpd

$ sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
$ sudo nano /etc/vsftpd.conf
listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
force_dot_files=YES
pasv_min_port=40000
pasv_max_port=50000
user_sub_token=$USER
local_root=/home/$USER/ftp

We are done with vsftpd.conf

$ sudo systemctl restart vsftpd

Secure FTP with TLS (Recommended)

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
$ sudo nano /etc/vsftpd.conf
ssl_enable=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
$ sudo systemctl restart vsftpd

Testing TLS with FileZilla


Leave a Reply