How to Setup and Use FTP Server in Ubuntu Linux

Introduction

In this article, we’ll show you how to set up and use FTP server on Ubuntu Linux. We’ll also cover some basic configuration and security measures to get you started.

Update System Packages

Before you begin, it’s always a good idea to update your system packages to the latest version. You can do this by running the following commands:

sudo apt-get update
sudo apt-get upgrade

Install vsftpd Server on Ubuntu

Now that your system is up to date, you can install the vsftpd server package by running the following command:

sudo apt-get install vsftpd

Backup Configuration Files

Before making any changes to the configuration files, it’s always a good idea to make a backup in case something goes wrong. You can do this by running the following command:

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak

Create FTP User

Now that the vsftpd server is installed, you need to create a user that will be used to connect to the server. You can do this by running the following command:

sudo adduser ftpuser

You will be prompted to enter a password for the user. Once the user is created, you need to add them to the FTP group by running the following command:

sudo usermod -a -G ftp ftpuser

Configure Firewall to Allow FTP Traffic

If you have a firewall enabled on your Ubuntu server, you need to allow FTP traffic through it. You can do this by running the following command:

sudo ufw allow ftp

Connect to Ubuntu FTP Server

Now that the server is configured, you can connect to it using your FTP client. For this example, we will be using the Filezilla client.

First, open Filezilla and click on the “Site Manager” icon.

Next, click on the “New Site” button and enter the following information:

  • Host: Enter the IP address or hostname of your server
  • Port: Enter 21
  • Protocol: Select “FTP – File Transfer Protocol”
  • Encryption: Select “Only use plain FTP (insecure)”
  • Logon Type: Select “Normal”
  • User: Enter the FTP username you created earlier
  • Password: Enter the FTP user’s password

Now click on the “Connect” button and you should be connected to your FTP server.

How to connect to FTP server via command line

If you prefer to use the command line, you can connect to your FTP server by running the following command:

ftp hostname

You will be prompted for the FTP user’s password. Once you are logged in, you will be at the FTP prompt where you can enter various commands. Type help to see a list of available commands.

How to connect to FTP server via GUI

If you are using a Linux desktop, you can connect to your FTP server using a GUI client such as Filezilla or Nautilus.

To connect using Filezilla, open the program and click on the “Site Manager” icon.

Next, click on the “New Site” button and enter the following information:

  • Host: Enter the IP address or hostname of your server
  • Port: Enter 21
  • Protocol: Select “FTP – File Transfer Protocol”
  • Encryption: Select “Only use plain FTP (insecure)”
  • Logon Type: Select “Normal”
  • User: Enter the FTP username you created earlier
  • Password: Enter the FTP user’s password

Now click on the “Connect” button and you should be connected to your FTP server.

To connect using Nautilus, open the program and click on the “File” menu, then select “Connect to Server”.

In the “Server Address” field, enter the following information:

  • Service type: Select “FTP”
  • Server: Enter the IP address or hostname of your server
  • Port: Enter 21
  • Username: Enter the FTP username you created earlier
  • Password: Enter the FTP user’s password

Now click on the “Connect” button and you should be connected to your FTP server.

Configuring and Securing Ubuntu vsftpd Server

Now that you have a basic FTP server up and running, let’s look at some of the configuration options that are available.

Change Default Directory

By default, the vsftpd server will change your directory to the /var/ftp directory when you login. If you want to change this, you can edit the /etc/vsftpd.conf file and change the following line:

#chroot_local_user=YES

to

chroot_local_user=YES

You will also need to create the new directory that you want to use. For example, if you want to use the /home/ftpuser directory, you can do this by running the following command:

sudo mkdir /home/ftpuser

Authenticate FTP Users

By default, the vsftpd server will allow anyone to login with any username and password. If you want to restrict access to only certain users, you can edit the /etc/vsftpd.conf file and change the following line:

#anon_upload_enable=YES

to

anon_upload_enable=NO

You will also need to uncomment the following line:

#local_enable=YES

How to configure anonymous FTP login

If you want to allow anonymous FTP login, you can edit the /etc/vsftpd.conf file and change the following line:

#anon_upload_enable=YES

to

anon_upload_enable=YES

You will also need to uncomment the following line:

#anon_mkdir_write_enable=YES

How to change the default FTP listening port

By default, the vsftpd server listens on port 21 for FTP traffic. If you want to change this, you can edit the /etc/vsftpd.conf file and change the following line:

#listen=YES

to

listen=NO

You will also need to uncomment the following line and enter the new port number:

#listen_port=

Securing FTP

One of the most important things you can do to secure your FTP server is to encrypt the traffic. You can do this by using SSL/TLS. To do this, you need to generate a self-signed SSL certificate by running the following command:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

You will be prompted to enter some information about your certificate. Once the certificate is generated, you need to edit the /etc/vsftpd.conf file and change the following lines:

#ssl_enable=NO
#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

to

ssl_enable=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem

You will also need to uncomment the following line:

#force_local_data_ssl=YES

Limit User Access

If you want to limit the access that users have to your FTP server, you can create a user list file. To do this, you need to edit the /etc/vsftpd.conf file and change the following line:

#userlist_deny=NO

to

userlist_deny=YES

You will also need to uncomment the following line and enter the path to your user list file:

#userlist_file=/etc/vsftpd.userlist

The user list file is a simple text file that contains a list of FTP users, one per line. You can create this file by running the following command:

sudo nano /etc/vsftpd.userlist

Add the following line to the file:

ftpuser

Save the file and exit.

Encrypt Traffic With FTPS

If you want to encrypt the traffic between your FTP server and client, you can use FTPS. To do this, you need to edit the /etc/vsftpd.conf file and change the following lines:

#ssl_enable=NO
#allow_anon_ssl=NO
#force_local_data_ssl=NO
#force_local_logins_ssl=NO

to

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES

You will also need to uncomment the following line:

#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem

Troubleshooting “connection refused” FTP connection error

If you are having trouble connecting to your FTP server, you may see a “connection refused” error. This is usually caused by a firewall blocking FTP traffic. To fix this, you need to allow FTP traffic through your firewall.

If you are using the UFW firewall, you can do this by running the following command:

sudo ufw allow ftp

If you are using another firewall, you will need to consult the documentation for instructions on how to allow FTP traffic.

Conclusion

In this article, we have shown you how to setup and use FTP server on Ubuntu Linux. We have also covered some basic configuration and security measures to get you started.