How to Install FTP Server on Ubuntu 20.04

FTP stands for File Transfer Protocol is a network protocol used to transfer files to and from the remote system. Generally, it is used by website owners to build, update and maintain websites. IT provides an easier way to download, upload, and transfer files from one system to another over the internet. In this article we will look at how to install FTP Server on Ubuntu 20.04.

There are many open-source FTP servers available for Linux including, ProFTPD, vsFTPD, and PureFTPD. Among them, vsFTPD is a fast, stable and secure FTP server. It helps to make files more accessible with a more friendly interface than FTP applications.

Features of vsFTPD

  • Virtual users
  • Bandwidth throttling
  • Per-source-IP limits
  • Per-source-IP configurability
  • Encryption support through SSL integration
  • Standalone or inetd operation
  • Virtual IP configurations

In this post, we will show you how to set up an FTP server with vsFTPD and secure it with SSL on Ubuntu 20.04.

Also Read

How to Install FTP Server on AWS running on Windows Server

Install vsFTPD

By default, the vsFTPD package is included in the Ubuntu operating system. You can install it by just running the following command:

				
					apt-get install vsftpd -y
				
			

Once the vsFTPD package is installed, start the vsFTPD service and enable it to start after system reboot:

				
					systemctl start vsftpd
systemctl enable vsftpd
				
			

You can now verify the status of the vsFTPD using the command below:

				
					systemctl status vsftpd
				
			

Sample output:

				
					● vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-08-24 06:01:30 UTC; 6s ago
   Main PID: 1116 (vsftpd)
      Tasks: 1 (limit: 2353)
     Memory: 620.0K
     CGroup: /system.slice/vsftpd.service
             └─1116 /usr/sbin/vsftpd /etc/vsftpd.conf

Aug 24 06:01:30 ubuntuhost systemd[1]: Starting vsftpd FTP server...
Aug 24 06:01:30 ubuntuhost systemd[1]: Started vsftpd FTP server.
				
			

By default, vsFTPD listens on port 21. You can check it using the following command:

				
					ss -antpl | grep vsftpd
				
			

Sample output:

				
					LISTEN    0         32                       *:21                     *:*        users:(("vsftpd",pid=1116,fd=3))
				
			

Configure vsFTPD

The vsFTPD server default configuration file is located at /etc/vsftpd.conf. You will need to edit this file in order to configure a fully-functional FTP server.

				
					nano /etc/vsftpd.conf
				
			

First, uncomment and change the following lines to allow access to the FTP server only to the local users:

				
					anonymous_enable=NO
local_enable=YES
				
			

Uncomment and change the following line to grant upload and remove file permission:

				
					write_enable=YES
				
			

Uncomment and change the following line to prevent local FTP users to access files outside of their home directories.

				
					chroot_local_user=YES
allow_writeable_chroot=YES
				
			

Uncomment and change the following line to enable passive FTP connections.

				
					pasv_min_port=30000
pasv_max_port=31000
				
			

Uncomment or add the following lines to configure vsftpd to permit only certain users to log in.

				
					userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
userlist_deny=NO
				
			

Save and close the file then restart the vsFTPD service to apply the configuration changes:

				
					systemctl restart vsftpd
				
			

Create FTP User

Next, you will need to create a user to test the FTP server. To create a new user named ftpuser, run the following command:

				
					adduser ftpuser
				
			

Set the ftpuser password as shown below:

				
					Adding user `ftpuser' ...
Adding new group `ftpuser' (1000) ...
Adding new user `ftpuser' (1000) with group `ftpuser' ...
Creating home directory `/home/ftpuser' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for ftpuser
Enter the new value, or press ENTER for the default
	Full Name []: 
	Room Number []: 
	Work Phone []: 
	Home Phone []: 
	Other []: 
Is the information correct? [Y/n] Y
				
			

Next, add ftpuser to the allowed FTP users list:

				
					echo ftpuser > /etc/vsftpd.user_list
				
			

Next, create some files inside the ftpuser home directory and set proper ownership:

				
					touch /home/ftpuser/file1.xtx
touch /home/ftpuser/file2.xtx
chown -R ftpuser:ftpuser /home/ftpuser/
				
			

Finally, restart the vsFTPD service using the following command:

				
					systemctl restart vsftpd
				
			

Configure UFW Firewall

If the UFW firewall is installed and configured in your system then you will need to allow FTP ports 20, 21, 30000-31000 and OpenSSH port 22 through the UFW.

You can allow all ports using the following command:

				
					ufw allow OpenSSH
ufw allow 20:21/tcp
ufw allow 30000:31000/tcp
				
			

Next, run the following command to reload the firewall:

				
					ufw disable
ufw enable
				
			

You can now check the status of the firewall using the following command:

				
					ufw status
				
			

Sample output:

				
					Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
20:21/tcp                  ALLOW       Anywhere                  
30000:31000/tcp            ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
20:21/tcp (v6)             ALLOW       Anywhere (v6)             
30000:31000/tcp (v6)       ALLOW       Anywhere (v6)  
				
			

Test FTP Server

At this point, the vsFTPD server is installed and configured. Now, its time to test it from the remote machine.

Test Using CLI Method

Log in to the remote Linux machine, open your command line terminal and run the following command to connect the FTP server:

				
					ftp 45.58.40.129
				
			

You will be asked to provide FTP user and password as shown below:

				
					Connected to 45.58.40.129.
220 (vsFTPd 3.0.3)
Name (45.58.40.129:vyom): ftpuser
331 Please specify the password.
Password:
				
			

After the successful authentication, you should get an FTP shell:

				
					230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

ftp>
				
			

Now, run the following command to list all files on the FTP server:

				
					ftp> ls
				
			

You should see all files located on the FTP server in the following output:

				
					200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 1000     1000            0 Aug 24 06:10 file1.xtx
-rw-r--r--    1 1000     1000            0 Aug 24 06:10 file2.xtx
226 Directory send OK.
ftp> 
				
			

Note: 45.58.40.129 is the IP address of the FTP server.

Test Using GUI Method

On the remote Linux machine, open the file manager, press CTRL + L, type the URL ftp://45.58.40.129 and hit Enter as shown below:

access FTP

You should see the FTP connection configuration screen:

Provide your FTP username, password and click on the Connect button. Once you are connected to the FTP server. You should see the following screen:

Secure FTP with SSL/TLS

It is a good idea to secure the FTP transmissions using SSL/TLS. To do so, you will need to generate an SSL certificate and configure the vsFTPD server to use it. Here, we will generate a self-signed SSL certificate.

You can generate a self-signed SSL certificate using the following command:

				
					openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
				
			

Provide all required information as shown below:

				
					Generating a RSA private key
.....+++++
....................................................................................................................................................................................................................+++++
writing new private key to 'https://net.cloudinfrastructureservices.co.uk/etc/ssl/private/vsftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:GUJ
Locality Name (eg, city) []:JND
Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:server
Email Address []:admin@example.com
				
			

Next, edit the vsFTPD main configuration file and define your SSL certificate path:

				
					nano /etc/vsftpd.conf
				
			

Add or Change the following lines:

				
					ssl_enable=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_ciphers=HIGH
				
			

Save and close the file then restart the vsFTPD service to apply the changes:

				
					systemctl restart vsftpd
				
			

Verify Secure FTP Connection

To verify the secure FTP connection, you will need to install the FileZilla FTP client on Linux or Windows machine.

After installing FileZilla, launch the FileZilla client as shown below:

open filezilla

Click on the Site Manager to create a new FTP connection as shown below:

Provide your FTP server IP, Port, Protocol, Username, and click on the Connect button. You will be asked to provide a password for the FTP server:

Provide your FTP password and click on the OK button. You should see the SSL certificate warning screen:

Check “Always trust certificate in future sessions” and click on the OK button. Once you are connected, you should see the FTP server content on the right side of the screen:

filezilla FTP connection success

Conclusion

In the above guide, we explained how to set up an FTP server with vsFTPD on Ubuntu 20.04. We also explained how to secure an FTP connection with SSL/TLS and also verify the FTP from the remote machine. I hope you can now easily set up your own FTP server easily.

Avatar for Hitesh Jethva
Hitesh Jethva

I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.

5 1 vote
Article Rating
Subscribe
Notify of
0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x