How To Setup FTP account on Ubuntu

In today's article, we will read and learn how to set up an FTP account on Ubuntu.

What is FTP?

FTP, stands for File Transfer Protocol, which is a network protocol that is used for moving files between a client and server. 

In this article, you’ll configure vsftpd to allow a user to upload files to his or her home directory using FTP with login credentials secured by SSL/TLS.

Steps to Install FTP

Step 1: Install vsftpd  daemon

sudo apt-get update

sudo apt-get install vsftpd

When the installation is complete, create a backup of the configuration file so we can restore the original configuration in the future if anything goes wrong.

sudo cp /etc/vsdtfp.conf /etc/vsftpd.conf.bak

Step 2: Allow Ports in Firewall

We need to allow the FTP ports in the firewall. Here we will allow Ports 20 and 21 for FTP, 990 for TLS when it will be enabled, and ports 40000-50000 for the passive ports which we will set in the configuration files.

sudo ufw allow 20/tcp

sudo ufw allow 21/tcp

sudo ufw allow 990/tcp

sudo ufw allow 40000:50000/tcp

sudo ufw status

After installing the vsftpd daemon and allowing the ports in the firewall, Now we will create an FTP user and directory.

Step 3: Create User and Prepare Directory

To create a New User use this command 

sudo adduser raiseup

Assign the password to the user when prompted and press Enter.

Let's create the FTP directory and set its ownership using the following commands.

sudo mkdir /home/raiseup/web

sudo chown nobody:nogroup /home/raiseup/web

sudo chown a-w /home/raiseup/web

Create the folder and assign ownership to the user by following this command.

sudo mkdir /home/raiseup/web/raiseup.co.in

sudo chown raiseup:raiseup /home/raiseup/web/raiseup.co.in

Now we have secured the FTP directory and allowed the user access to the raiseup.co.in directory. The next step is the configuration of FTP Access.

Steps to Configuration Access

Step 4: Configuring FTP Access

We are going to allow a single user with a local shell account to connect FTP. For this there are two settings are available in the vsdtpd.conf file. Match those settings by opening the vsftpd.conf file.

sudo nano /etc/vsftpd.conf

. . .
# Allow anonymous FTP? (Disabled by default).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
. . .

Next, we will change some values in this file, to allow users to upload the file to remove the comment(#) for the write_enable.

write_enable=YES 

We’ll also uncomment the chroot to prevent the FTP-connected user from accessing any files or commands outside the directory tree.

chroot_local_user=YES

We will add a user_sub_token & local_root directory that will work for the current user and future users that might be added.

user_sub_token=$USER
local_root=/home/$USER/web

Now we will limit the ports that can be used for the FTP to make sure enough connections are available.

pasv_min_port=40000
pasv_max_port=50000

We’ll set up the configuration so that access is given to a user only when they are added in the list.

userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO

Save and exit the vsftpd.conf file.

After configuring the setting we will append the user in the list using -a flag.

echo "raiseup" | sudo tee -a /etc/vsftpd.userlist

Restart the daemon to load the configuration changes:

sudo systemctl restart vsftpd