An FTP (File Transfer Protocol) server is a protocol and service that runs on a system or server, allowing users to transfer files between a client (device or software used to connect to the server) and a remote server over a network, typically internet. Configuring an FTP server provides a platform for downloading files from a remote or a local server and uploading them to the server.
An FTP server is responsible for organizing, storing, and facilitating the exchange of files between users or systems. The primary goal of an FTP server is to facilitate efficient and reliable transmission between the client and a remote server. Ubuntu Linux, by default, supports a wide range of FTP server software packages and clients. The Linux terminal and the Ubuntu graphical user interface (GUI) also function as FTP clients. If you want to create FTP server in Ubuntu, vsftpd is a good option because it is a widely used FTP server package that is compatible with all Linux distributions. Following the instructions of this tutorial, you’ll create a fully functional FTP server in Ubuntu Linux, ready to be used for backups, websites, data synchronization, file sharing, and more.
Advantages of configuring Ubuntu FTP Server
Configuring FTP server in Ubuntu provides multiple advantages, especially in file sharing and network file transfers. Here are some of the benefits of setting up Ubuntu FTP server :
Efficient File Transfer and Sharing: An FTP server is one of the efficient and cost-effective methods for sharing files, exchanging data, distributing files, and facilitating collaboration among a large number of users.
Remote Backup: FTP servers are used for remote backup solutions. An FTP server allows you to securely store copies of essential files off-site, ensuring the protection of your data in case of hardware failures or other unforeseen events.
Website Hosting and Web File Management: An FTP server is a suitable method for uploading and managing website files, making them accessible to visitors via the Internet.
User Access Control: FTP servers allow for customizable control and management of access to sensitive files and data. This enables you to configure user accounts with different permission levels and control who can read, write, or delete files on the server. As a result, FTP servers provide reporting capabilities to track who accessed which files at what times, serving security and compliance purposes.
User Authentication: FTP servers can be configured to require user authentication for accessing and transferring files, ensuring that only authorized users can access files. This adds a layer of security to file sharing.
Centralized File Storage: FTP servers provide a centralized location for file storage and access control, improving file organization and access control in business or organizational environments.
Automation: FTP servers are customizable, allowing you to automate them using scripts or specialized software, making scheduling regular file transfers and backups easier.
Support for Large Files: Transferring large files using FTP server is much simpler than other methods like email.
Public and Private Access: You can configure the FTP server in a way that it provides public access for sharing files with a wide audience without the need for specific permissions or user accounts, or you can restrict it to private access for internal use.
Prerequisites to Create FTP Server in Ubuntu
- To host the FTP service, you need an Ubuntu VPS. Also, ensure your Ubuntu VPS is properly configured, up-to-date, and has a static IP address.
- You should have a user account with sudo privileges.
- You should have access to the Linux terminal (using the keyboard shortcuts Ctrl-Alt-T).
- To test and connect to the FTP service, you will need an FTP client, such as a command-line FTP client, or a graphical one like FileZilla.
9 Steps to Configure FTP Server in Linux Ubuntu
The process of creating an FTP server in Ubuntu is straightforward. Follow the steps below to set up an FTP server in Ubuntu:
1. Update the Ubuntu system’s package list
Always keeping your system’s package list and repositories up to date is a good practice. Open the Linux terminal and run the following command:
sudo apt update
2. Install vsftpd
To create FTP server, you need to install FTP server software, which vsftpd is one of the most common FTP tools in Ubuntu. You can install vsftpd using the Ubuntu package manager (apt):
sudo apt install vsftpd
3. Start and Enable vsftpd
The following commands will start and enable vsftpd at boot time:
sudo systemctl start vsftpd sudo systemctl enable vsftpd
4. Back up configuration files
Run this command to create a backup of your configuration files before making any changes:
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf_default
5. Configure and secure vsftpd
vsftpd configuration file is located at /etc/vsftpd.conf. Edit the vsftpd configuration file using your favorite editor such as Nano or Vim:
sudo nano /etc/vsftpd.conf
Then make the following changes in the configuration file:
- To prevent unauthorized users from accessing your FTP server, set anonymous_enable to NO:
- Allow the “local” user to log in by editing the following line in the configuration file content:
- Enable write permissions for local and authorized users by setting write_enable to YES:
- To restrict local users to their home directories, uncomment the “chroot_local_user” line:
- To enhance security, you can change the default FTP server port (port 21) by modifying the “listen_port” parameter (optional).
After editing the configuration file to apply the changes, restart the vsftpd service:
sudo systemctl restart vsftpd
sudo systemctl restart vsftpd.service
6. Create FTP User Accounts
Your Ubuntu FTP server is now ready to fulfill your needs. It’s time to create new user accounts to access the FTP server and ensure the existence of their home directories. You have the option of creating FTP-only users or using existing Linux users.
To create an FTP-only user named “ftpuser,” run the following command:
sudo useradd -m ftpuser
Then, to set a password for the user account “ftpuser,” use the following command:
sudo passwd ftpuser
7. Set Permissions
To ensure that the home directories of your FTP users are configured with the correct permissions, use the chown command to change the ownership of the home directory. For example, let’s assume the user’s home directory is /home/ftpuser:
sudo chown -R ftpuser:ftpuser /home/ftpuser
chown command with the -R option changes ownership recursively for all files and subdirectories within a directory.
To ensure everything is working correctly, you can save a file in the “ftpuser’s” home directory and then verify that you can see the file after logging in to the FTP server. This action will confirm that you have correctly configured the FTP server and set the correct permissions for the home directories of your FTP users.
8. Firewall Configuration (if applicable)
If Ubuntu’s built-in firewall is active, by default, incoming FTP traffic is blocked. To Remove this restriction, you need to allow the FTP port in the firewall. If you haven’t changed the default ports for the FTP server (ports 20 and 21), use the following command to create an exception to allow the default FTP ports in the UFW firewall:
sudo ufw allow 20/tcp sudo ufw allow 21/tcp
If you are using another firewall, follow the instructions related to your firewall to allow listening ports for the FTP service.
To save the changes in the firewall configuration, restart the vsftpd service:
sudo systemctl restart vsftpd
9. Connect to FTP Server
To connect to an Ubuntu FTP server, you need an FTP client. FTP client services like ftp in the command line or graphical FTP clients like Filezilla are used to connect to the FTP server. It depends on your preference which option makes it easier for you to connect to the FTP server.
Connecting to the Ubuntu FTP server using the terminal
If you haven’t installed the default FTP client on your system, run the following command:
sudo apt install ftp
This command locates and downloads the ftp package from your system’s repositories, installing the package along with its necessary dependencies. After the installation is complete, the FTP client provided by the ftp package is available to transfer files to and from the FTP server.
You can now connect to the FTP server using your Ubuntu server’s IP address or hostname. To do this, run the following command:
sudo ftp your_ubuntu_server_ip
Instead of your_ubuntu_server_ip, replace it with the IP address or hostname of your Ubuntu FTP server. Then, you will be prompted to enter the username and password you recently set for your new user account to log in to the FTP server.
After connecting to the Ubuntu FTP server, you can use various commands to interact with the server. For example, if you had created a test file in the home directory for testing purposes, to check proper permissions and list files and directories, run the following command:
Connecting to the Ubuntu FTP server using a Graphical FTP Client
One of the best FTP client for Ubuntu is FileZilla. If you haven’t already equipped your local system with FileZilla, download and install it from the FileZilla website, then follow these steps:
- Launch FileZilla and type the IP address or hostname of your Ubuntu FTP server into the Host field.
- Set the port value to 21 in the Port field.
- Choose FTP – File Transfer Protocol as the protocol.
- Select Use explicit FTP over TLS if available as the encryption method, but if your FTP server doesn’t use encryption, you can choose Use plain FTP.
- From the Logon Type menu, select either Ask for password or Use the password.
- Enter the username and password for the FTP user on your Ubuntu server.
- Click on the Connect button.
As a result, you will connect to the FTP server using FileZilla, and you can quickly transfer files to the server using the user-friendly interface of FileZilla and the ability to drag and drop files.
Securing the FTP Server in Ubuntu
As mentioned, traditional FTP (unencrypted) is vulnerable to unauthorized access and attacks. In addition to the security measures you took during the “securing vsftpd” phase, you can use the methods discussed in this section of the article to enhance the security of your FTP server and data.
Setting a New FTP home directory (optional)
For improved security, consider changing the default FTP home directory (/srv/ftp directory):
sudo mkdir /srv/ftp/new_location sudo usermod -d /srv/ftp/new_location ftp
Then restart the vsftpd service to apply the changes:
sudo systemctl restart vsftpd.service
Creating a User List File
If you want to create a user list file, you should first edit /etc/vsftpd.chroot_list and specify individual users on separate lines to restrict them. By running the following command, we instruct the FTP server to restrict the users we have specified in the vsftpd.conf file to their own home directories:
Then, to apply the changes, restart the vsftpd service.
The /etc/ftpusers directory contains a list of blocked users from accessing FTP by default. By editing this directory, you can restrict new users from accessing FTP.
Using FTPS to Encrypt Data
Using the FTPS protocol with SSL is one of the best methods for encrypting FTP server traffic, playing a crucial role in securing the FTP server. To do this, you must create a shell account on the FTP server to apply an additional layer of secure encryption to FTP traffic. Follow the steps below for this purpose:
- Generate a new certificate by openssl:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
- Press Enter after entering the required information.
- Open the vsftpd.conf file using your favorite editor and set the ssl_enable to YES:
- Add the following lines:
rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH pasv_min_port=40000 pasv_max_port=50000
- Save the changes and exit the file.
- Restart the vsftpd service.
Important Points for Setting up an FTP Server in Ubuntu
After creating an FTP server in Ubuntu, you may encounter the “Connection refused” error when attempting to connect to the FTP server, which is often due to firewall settings. If a firewall is active on your Ubuntu server, you must allow FTP traffic through the firewall. FTP typically uses ports 20 and 21 for data and control connections. Firewall configuration should be based on the FTP server and how it operates. If you use vsftpd, you should allow port 21 in the firewall. Therefore, do not overlook the firewall configuration during the setup process.
When selecting FTP server software, choose reliable and secure software. The security features of vsftpd have made it a good choice.
The /etc/vsftpd/ directory is the configuration file for the FTP server, and you can properly configure the FTP server by editing the file /etc/vsftpd/ and vsftpd.conf with your preferred text editor.
Exercise caution with security when using an FTP server, especially traditional FTP (unencrypted), as it transfers data in plain text, which attackers can intercept. Secure the FTP server by disabling anonymous access, enabling encryption (SSL/TLS), and configuring chroot environments to restrict user access to their respective home directories. For enhanced security, it’s recommended to provide secure encryption and authentication using FTPS or SFTP. Implement security measures taught in this article for FTP server security, such as restricting user access to their respective home directories, chrooting your users, enabling two-factor authentication (2FA), and more.
Set up regular reporting for tracking server activities and monitoring server performance systematically. Additionally, ensure the security and performance of your FTP server by keeping it updated regularly.
If security is your top priority, consider using the SFTP protocol (SSH File Transfer Protocol) instead of FTP. This protocol is much more secure than FTP and provides secure file transfers over SSH.
Congratulations on successfully setting up and running your FTP server on an Ubuntu server. In addition to create FTP server in Ubuntu Linux using the vsftpd software package, you have learned how to secure your FTP server. Furthermore, you’ve learned how to connect to your FTP server via the command line and a GUI as an FTP client. We hope that after reading this article, you’ll be able to securely transfer files from your local system to a remote server and vice versa, enjoying the features of your FTP server.
We are here to assist you anytime; let us know your question or problem in the comment section.
Thank you for choosing this article to read.