How To Setup FTP Server In Ubuntu 20.04 LTS?


FTP or File Transfer Protocol is a standard networking protocol used to transfer files between client and server. An FTP user may authenticate themselves by using username and a password. FTP is often secured with the SSL/TLS(FTPS) for the secure transmission of data or replaced with SSH File Transfer Protocol(SFTP).

VSFTPD stands for “Very Secure File Transfer Protocol Daemon” is a type FTP server that is comparatively more secure. So it is a popular choice for Linux users. In this article, we will discuss to set up it in Ubuntu 20.04 LTS.

Steps to install vsftpd in Ubuntu 20.04 LTS

To install it in Ubuntu 20.04 LTS run the following commands in your terminal –

First, update the apt package index by using –

sudo apt update

And then use –

sudo apt install vsftpd

How to enable vsftpd services?

To enable vsftpd services in Ubuntu 20.04 LTS, use the following commands –

Start the vsftpd server with –

systemctl start vsftpd

And then enable it to start service automatically when the system starts by using –

systemctl enable vsftpd

How to configure vsftpd server?

You can configure the vsftpd server by editing /etc/vsftpd.conf file. For the secure implementation of the vsftpd server, we have to add/modify some options inside the vsftpd configuration file.

Backup the existing configuration

Before making any changes to the configuration file, It is good to take the backup of the original file. Use the following command –

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig

Editing the configuration file

Open the configuration file in a text editor by using the following command –

sudo nano /etc/vsftpd.conf

And then uncomment, modify or add the following things into it. This configuration will be sufficient for a basic FTP server later you can modify it according to your requirements.

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
pasv_enable=Yes
pasv_min_port=10000
pasv_max_port=11000
allow_writeable_Chroot=YES

Once you are done editing configuration file press ctrl+s to save and ctrl+x to exit from the editor.

Adjust the firewall settings

We need to adjust the firewall settings. By default Ubuntu firewall blocks the incoming FTP traffic. Use the following command to allow it –

sudo ufw allow from any to any port 20,21,10000:11000 proto tcp

Restart vsftpd server

To apply the changes you need to restart vsftpd server. Use the following command to restart it –

sudo systemctl restart vsftpd

Create an FTP user

We need to create an FTP user, we will use it to log in to the FTP server. To create a user, use the following command –

sudo adduser ftpuser

Now fill the details and create a strong password.

Create a directory to upload files

Now if you want ftpuser to upload files to the FTP server then create a directory within the user’s home directory. Here we will create a directory with the name ftp.  Use the following command to create it –

sudo mkdir /home/ftpuser/ftp

Set the ownership of ftp directory to nobody:nogroup by using-

sudo chown nobody:nogroup /home/ftpuser/ftp

Remove the writable permission with the following command –

sudo chmod a-w /home/ftpuser/ftp

Create another directory within ftp so that new ftpuser can upload files here –

sudo mkdir /home/ftpuser/ftp/files

Now set the ownership of files directory to ftpuser

sudo chown ftpuser:ftpuser /home/ftpuser/ftp/files

How to secure FTP server with TLS?

TLS or Transport Layer Security is a security protocol it is designed to facilitate privacy and data security to communications over the internet. By default, FTP is not encrypted, the data transmitted can be intercepted. So we need to use TLS with FTP. Let’s create a certificate by using the OpenSSL tool –

 sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

You will be asked to enter information such as country name, state, organization, etc. Press enter for default values.

Now we have to make some changes in the configuration file, use the following command to edit configruation file –

sudo nano /etc/vsftpd.conf

And add or modify the following information –

ssl_enable=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH

Press ctrl+s to save and ctrl+x to exit from the editor. Now restart your server using-

sudo systemctl restart vsftpd

Also, check the status it should be active-

sudo systemctl status vsftpd

Access FTP server with Filezilla

Filezilla is an FTP client, use to access the file from an FTP server. You need to enter the hostname, username, and password enter it and click on Quickconnect.  First, you will see a window of an unknown certificate click on the checkbox of always trust certificate in future sessions and then click on ok.

Now TLS is configured with the FTP server you can communicate with the FTP server securely.

Ok that’s all for now. You can share your experience in the comments below.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.