Introduction:

An FTP server allows connected users to download, upload, and navigate the directories of files stored on the server.

After this server setup is complete, you will be able to access the FTP server via terminal, or by using its credentials in an FTP client like FileZilla or Cyberduck.

We'll use vsftpd as well as the native ftp command to set up a server, make it locally accessible, add a new user, and control permissions for future users.

Note down server IP

It's vital to know your server IP so you can establish an SSH connection, and then test your access to the FTP server once it's up and running.

Use the form field below to record your server IP, and we'll auto-fill it in later commands.

Establish SSH connection

Gain control of the server by opening terminal and starting an SSH connection:

ssh {{form.Server_root_username}}@{{form.Server_IP}}

Install vsftpd

Open terminal, and type:

sudo apt-get install vsftpd

Edit the vsftpd configuration file

The configuration file is stored in /etc — to edit the file, type:

$ sudo nano /etc/vsftpd.conf

Replace the contents with the text below:

# Standalone mode
listen=YES
max_clients=200
max_per_ip=4
# Access rights
anonymous_enable=YES
local_enable=NO
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=NO
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
one_process_model=YES
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000
anon_mkdir_write_enable=NO
anon_other_write_enable=NO

Press CTRL+O and hit enter, then CTRL+X to save and quit the text editor.

Test the connection with root

Open a new terminal window locally, and don't connect to the server over SSH.

Input:

ftp {{form.Server_IP}}

You'll be asked for your username at the next prompt.

Connected to 192.168.1.9.
220 (vsFTPd 3.0.3)
Name (192.168.1.9:benjamin): {{form.Server_root_username}}
331 Please specify the password.
Password:
230 Login successful.

Seeing the Login successful confirmation, you can now navigate around the FTP sever using cd and ls.

Other FTP commands include:

  • get [filename]: downloads a file
  • put [/path/to/file]: uploads a file
  • status: show current status
  • bye: terminate session

See the full list here.

Make a new user for FTP

Part of setting up the server is giving access to the necessary users. To guide you through this step, we'll set up a new user and configure permissions.

After inputting the new user's username above, follow these steps:

$ useradd {{form.New_username}}
$ passwd {{form.New_username}}

Now you have a new user you can control permissions for.

For now, this user doesn't have a home directory, which will cause vsftp to throw an error.

Before logging in as the new user, make a home directory for them.

$ cd ..
$ mkdir {{form.New_username}}

Create a user list

Create a new userlist file in /etc and open it with nano by entering the following:

$ sudo nano etc/vsftpd.allowed_users

This file should simply be a list of the users allowed access to the FTP. In your case, it'd be:

{{form.Server_root_username}}
{{form.New_username}}

Add user list to FTP config file

Now comes the part where you change the FTP configuration to only allow users with their usernames specified in vsftpd.allowed_users.

Open the vsftpd config file:

$ sudo nano /etc/vsftpd.conf

Add this block to the bottom:

#Userlist

userlist_deny=NO
userlist_enable=YES
userlist_file=/etc/vsftpd.allowed_users

Press CTRL+O and hit enter, then CTRL+X to save and quit the text editor.

Test the connection with new user

Open a new terminal window.

Type:

ftp {{form.Server_IP}}

When prompted, input the new username: {{form.New_username}} and the password.

Success!

Now, whenever you need to provide access to the FTP server to a new user, just edit the user list with:

$ sudo nano etc/vsftpd.allowed_users

And add the user's username on a new line.

Sources:

Sign up for a FREE account and
search thousands of checklists in our library.

Sign up for a FREE account and search thousands of checklists in our library.