Easy vsFTPD – FTP server with virtual users on Debian 8 Jessie

vsftp-debian8-rosehosting-vps

In this tutorial, we will show you how to easily create an FTP server with virtual users using the vsFTP daemon on Debian 8.

First things first. Update your Debian VPS:

# apt-get update && apt-get upgrade

If you don’t have Apache2 webserver or if you are using NGINX, you will have to install apache2-utils which is needed to generate passwords for the users.

# apt-get install apache2-utils

Install the vsftpd service:

# apt-get install vsftpd libpam-pwdfile

Edit the vsftpd configuration file and uncomment the bellow lines. Use vim or nano. The lines that are not present in the conf file, put them at the bottom.

# vim /etc/vsftpd.conf

listen=YES
listen_ipv6=NO
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
chroot_local_user=YES
allow_writeable_chroot=yes
guest_username=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
hide_ids=YES

# Exclude this if you are doing this guide on your own private server
seccomp_sandbox=NO 

Next, we should modify our /etc/pam.d/vsftpd file to check the users/passwords file that we are about to create.

First, create a backup of the file and then edit the existing one:

# cp /etc/pam.d/vsftpd{,.bak}

# vim /etc/pam.d/vsftpd

Remove everything from the file and add these lines instead:

auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so

Create the main user that will be used by the virtual users to authenticate:

# useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

Once that is done we can create our users/passwords file.
Note: The passwords used by this method can be up to 8 characters long. If you wish vsftpd to read stronger passwords you might want to search for a different pam module.

# htpasswd -cd /etc/ftpd.passwd rosetest1

Add another user and append it to the ftpd.passwd file. The -c flag is omitted here.

# htpasswd -d /etc/ftpd.passwd rosetest2

Next, add the directories for the users since vsftpd will not create them automatically.

## For rosetest1
# mkdir /var/www/rosetest1
# chown vsftpd:nogroup /var/www/rosetest1
# chmod +w /var/www/rosetest1

## For rosetest2
# mkdir /var/www/rosetest2
# chown vsftpd:nogroup /var/www/rosetest2
# chmod +w /var/www/rosetest2

Finally, start the vsftp daemon and set it to automatically start on system boot.

# systemctl start vsftpd && systemctl enable vsftpd

Check the status to make sure the service is started:

# systemctl status vsftpd
● vsftpd.service - vsftpd FTP server
Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled)
Active: active (running) since Sat 2016-12-03 11:07:30 CST; 23min ago
Main PID: 5316 (vsftpd)
CGroup: /system.slice/vsftpd.service
├─5316 /usr/sbin/vsftpd /etc/vsftpd.conf
├─5455 /usr/sbin/vsftpd /etc/vsftpd.conf
└─5457 /usr/sbin/vsftpd /etc/vsftpd.conf

Test your setup

Use FileZilla or WinSCP to login to your VPS using the users and passwords that you created previously.
Create a test directory and a test file from the clients.
On the server check that the files are successfully created with:

# ls -l /var/www/rosetest1
# ls -l /var/www/rosetest2

Of course, you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to set up your FTP server. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Leave a Comment