Implementation code for installing vsftpd in Ubuntu 18.04

Install vsftpd

$ sudo apt-get install vsftpd -y

Start the vsftpd service and set it to start at boot

$ sudo systemctl start vsftpd
$ sudo systemctl enable vsftpd

Set up the FTP directory structure

Create a User

$ sudo adduser testuser1

Create the directory and set ownership

$ sudo mkdir /home/testuser1/ftp
$ sudo chown nobody:nogroup /home/testuser1/ftp
$ sudo chmod aw /home/testuser1/ftp

Create a directory where you can upload files and set ownership for

$ sudo mkdir /home/testuser1/ftp/test
$ sudo chown testuser1:testuser1 /home/testuser1/ftp/test

Configure vsftpd

Back up the original configuration file of vsftpd

$ sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak

Open and edit the vsftpd.conf file

$ sudo vi /etc/vsftpd.conf

Add the following to the file

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
pasv_enable=Yes
pasv_min_port=10000
pasv_max_port=11000
user_sub_token=$USER
local_root=/home/$USER/ftp
userlist_enable=YES
userlist_file=/etc/vsftpduserlist.conf
userlist_deny=NO

4. Save and close the configuration file

:wq

5. Add the testuser1 user we created to the vsftpd user list file

$ sudo vi /etc/vsftpduserlist.conf

6. Restart the vsftpd service to apply these changes

$ sudo systemctl restart vsftpd

Using SSL/TLS

Creating a security certificate

$ sudo mkdir /etc/certs

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/certs/vsftpd.pem \
-out /etc/certs/vsftpd.pem

Open the vsftpd.conf file

$ sudo vi /etc/vsftpd.conf

Add the following to the file

rsa_cert_file=/etc/certs/vsftpd.pem
rsa_private_key_file=/etc/certs/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH

Save the file and restart vsftpd

$ sudo systemctl restart vsftpd

Use SFTP protocol to log in to the added user in the FTP client

Configuring the Firewall

$ sudo ufw allow OpenSSH
$ sudo ufw allow 20/tcp
$ sudo ufw allow 21/tcp
$ sudo ufw allow 40000:50000/tcp
$ sudo ufw allow 990/tcp

$ sudo ufw enable
$ sudo ufw status

References: DevAnswers.co, hostadvice.com

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.

You may also be interested in: