In this tutorial, we are going to install vsftpd and set it up for a user’s directory on Ubuntu 22.04
VSFTPD is a shortcut of a very secure FTP daemon and is an FTP server for Unix systems, including Linux. Vsftpd is the default FTP server in the Ubuntu, CentOS, and RHEL distributions. System administrators, daily, are adding new users to the systems and configuring the vsftpd to allow the user to upload files or folders only in their directories on the server. This scenario is mostly for resellers who want their users to have limited access.
Installing and configuring the vsftpd for a user’s directory on Ubuntu 22.04 is a straightforward process. Let’s get started!
Table of Contents
Prerequisites
- Fresh install of Ubuntu 22.04
- User privileges: root or non-root user with sudo privileges
Step 1. Update the System
Update the system packages to the latest versions available.
sudo apt update -y && sudo apt upgrade -y
Step 2. Install vsftpd daemon
Before we start with the configuration, we will install the VSFTPD daemon with the following commands:
sudo apt install vsftpd
Once installed, start and enable the vsftpd. service.
sudo systemctl start vsftpd.service && sudo systemctl enable vsftpd.service
Check if the service is running properly.
sudo systemctl status vsftpd.service
You should get the following output:
root@host:~# sudo systemctl status vsftpd.service ● vsftpd.service - vsftpd FTP server Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2022-09-19 21:00:12 CEST; 5min ago Main PID: 97973 (vsftpd) Tasks: 1 (limit: 4575) Memory: 856.0K CPU: 16ms CGroup: /system.slice/vsftpd.service └─97973 /usr/sbin/vsftpd /etc/vsftpd.conf
Step 3. Create User
The next step is to create a user. To do that, execute the following command:
sudo adduser developer
Execute the command, enter the password twice, hit Enter five times, and confirm the information with Y.
root@host:~# sudo adduser developer Adding user `developer' ... Adding new group `developer' (1001) ... Adding new user `developer' (1001) with group `developer' ... Creating home directory `/home/developer' ... Copying files from `/etc/skel' ... New password: Retype new password: passwd: password updated successfully Changing the user information for developer Enter the new value, or press ENTER for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] Y
The user developer is automatically created in the /home/developer directory.
root@host:# cd /home/developer/ && ls -al total 20 drwxr-xr-x 2 developer developer 4096 Sep 19 21:27 . drwxr-xr-x 3 root root 4096 Sep 19 21:27 .. -rw-r--r-- 1 developer developer 220 Sep 19 21:27 .bash_logout -rw-r--r-- 1 developer developer 3771 Sep 19 21:27 .bashrc -rw-r--r-- 1 developer developer 807 Sep 19 21:27 .profile
Now, we will create a directory called ftp inside the home directory of the developer user.
mkdir /home/developer/ftp
Once created, set the following permissions to the ftp folder.
chown nobody:nogroup /home/developer/ftp/ chmod a-w /home/developer/ftp
Step 4. Configure FTP Access
Now, when the user is created, we can proceed to configure the FTP access.
The configuration of the VSFTPD is stored in the /etc/vsftpd.conf file. Before we make any changes, it is recommended to have a copy of the file.
cp /etc/vsftpd.conf /etc/vsftpd.conf.original
chroot_local_user=YES write_enable=YES user_sub_token=$USER local_root=/home/$USER/ftp userlist_enable=YES userlist_file=/etc/vsftpd.userlist userlist_deny=NO
Once these changes are made, save the file and restart the vsftpd service.
sudo systemctl restart vsftpd
Next is to add the developer user in the /etc/vsftpd.userlist
touch /etc/vsftpd.userlist && echo "developer" | sudo tee -a /etc/vsftpd.userlist
Step 5. Test the FTP access
Before testing the connection, we need to open some ports via the UFW service.
sudo ufw allow 20,21/tcp
Once done, check the ufw status with the same command ufw status.
root@host:~# ufw status Status: active To Action From -- ------ ---- 20,21/tcp ALLOW Anywhere 22/tcp ALLOW Anywhere 20,21/tcp (v6) ALLOW Anywhere (v6) 22/tcp (v6) ALLOW Anywhere (v6)
Now, execute the following command to log in with the developer user and password:
ftp -p server_ip_address
Enter the developer user and password. Once logged in, you will receive the following output:
root@host:~# ftp -p server_ip_address Connected to 1server_ip_address. 220 (vsFTPd 3.0.5) Name (server_ip_address:root): developer 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp>
If you try to log in with some other user that does not belong to the vsftpd user’s list, you will get the following output:
root@host:~# ftp -p server_ip_address Connected to server_ip_address. 220 (vsFTPd 3.0.5) Name (server_ip_address:root): other-user 530 Permission denied. ftp: Login failed
As you can see, permission is denied for other users. This tells us that we successfully configured the vsftpd for a user’s directory on Ubuntu 22.04
Of course, you do not have to configure this by yourself. All you need to do is sign up for one of our NVMe VPS plans and submit a support ticket. Our admins will help you with any aspect of vsftpd configuration.
If you liked this about configuring vsftpd for a users’ directory on Ubuntu 22.04, please share it with your friends on the social networks or simply leave a reply below.
doesn’t work at all.
ftp> mkdir testfolder
550 Create directory operation failed.
Make sure you set the correct permission and ownership to the directory set in local_root.
in your command
chown nobody:nogroup /home/developer/ftp/
should be
chown developer: /home/developer/ftp/
otherwise the directory ftp wouldn’t even be visible
and, why not using just:
sudo chmod 700 /home/developer/ftp
since with a-w we are not allowing to write in the ftp folder which is what we usually need when accessing to our own folder
btw, thanks for the tutorial. all the steps worked except those two