This tutorial focuses on how to setup vsftpd server on your linux based VPS or a dedicated server. The vsftpd stands for “Very Secure FTP Daemon”. It is not just secure as the name suggests but also delivers excellent performance by consuming less memory. The tutorial also teaches you how to configure by adding ftp users and locking the directory to individual users.
You can install vsftpd on Ubuntu / Debian, CentOS /Fedora and RHEL linux.
Installing vsftpd on Ubuntu or Debian
sudo apt-get install vsftpd
Installing vsftpd on CentOS / Fedora
yum install vsftpd
How to configure vsftpd:
Now that you’ve installed vsftpd, follow this procedure to configure it. These steps applies for both the linux variants.
Before you get started, stop the vsftpd by typing:
service vsftpd stop
Edit the vsftp.conf
In Ubuntu / Debian:
vi /etc/vsftpd.conf
In Red Hat / CentOS
vi /etc/vsftpd/vsftpd.conf
Make the following changes:
We don’t want anonymous login:
anonymous_enable=NO
Enable local users:
local_enable=YES
The ftpuser should be able to write data:
write_enable=YES
Port 20 need to turned off, makes vsftpd run less privileged:
connect_from_port_20=NO
Chroot everyone:
chroot_local_user=YES
set umask to 022 to make sure that all the files (644) and folders (755) you upload get the proper permissions.
local_umask=022
Now that basic configuration is complete, now let us begin with locking / securing a directory to user.
sudo useradd -d /var/www/path/to/your/dir -s /usr/sbin/nologin ftpuser
Setup a password for the user:
sudo passwd ftpuser
In order to enable the ftpuser read and write the data in your home dir, change the permission and take ownership:
sudo chown -R ftpuser /var/www/path/to/your/dir
sudo chmod 775 /var/www/path/to/your/dir
Create userlist file and add the user:
Ubuntu / Debian:
vi /etc/vsftpd.userlist
CentOS / Fedora
vi /etc/vsftpd/vsftpd.userlist
and add the user:
ftpuser
save the file and open the vsftp.conf file again:
vi /etc/vsftpd.conf
Add the following lines at the end of the file and save it:
# the list of users to give access
userlist_file=/etc/vsftpd.userlist# this list is on
userlist_enable=YES# It is not a list of users to deny ftp access
userlist_deny=NO
After completing all these procedures it is almost ready to use it, give it a try but you will get a 500 OOPS permission denied error. To fix it you need to add a nologin to the shell set.
vi /etc/shells
The file should look like this:
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/dash
/bin/bash
/bin/rbash
Add this line at the end:
/usr/sbin/nologin
Now create a usergroup and add the ftpuser to it:
sudo addgroup ftpusers
sudo usermod -Gftpusers ftpuser
Now start the vsftpd:
service vsftpd start
That’s it. Now you have a secure installation of vsftpd on your server.
Janeth Kent
Licenciada en Bellas Artes y programadora por pasión. Cuando tengo un rato retoco fotos, edito vídeos y diseño cosas. El resto del tiempo escribo en MA-NO WEB DESIGN END DEVELOPMENT.
MENSAJE
We use our own and third-party cookies to improve our services, compile statistical information and analyze your browsing habits. This allows us to personalize the content we offer and to show you advertisements related to your preferences. By clicking "Accept all" you agree to the storage of cookies on your device to improve website navigation, analyse traffic and assist our marketing activities. You can also select "System Cookies Only" to accept only the cookies required for the website to function, or you can select the cookies you wish to activate by clicking on "settings".
Accept All Only sistem cookies ConfigurationManage Consent Preferences
Strictly necessary cookies
These cookies are necessary for the website to function and cannot be disabled on our systems. They are generally only set in response to your actions in requesting services, such as setting your privacy preferences, logging in or completing forms. You can set your browser to block or alert you to these cookies, but some areas of the site will not work. These cookies do not store any personally identifiable information
Performance Cookies
These cookies allow us to count visits and traffic sources so that we can assess the performance of our site and improve it. They help us know which pages are the most or least visited, and how visitors navigate the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies to be used, we will not know when you visited our site and will not be able to assess whether it worked properly
Functional Cookies
These cookies allow the website to provide better functionality and customization. They may be set by our company or by external providers whose services we have added to our pages. If you do not allow these cookies to be used, some of these services may not function properly
Targeted Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to profile your interests and display relevant ads on other sites. They do not directly store personal information, but are based on the unique identification of your browser and Internet device. If you do not allow these cookies to be used, you will see less targeted advertising