loader

    Knowledge Base

    How to setup FTP server on Ubuntu 16.04

    Introduction

    If you need to upload files on a server or give access to your employee/colleague so they would set up your website, an FTP-server will be the best solution.

    Installation

    All commands during the FTP-server installation are to be performed by a root user:

    sudo su -

    VSFTPD is a popular FTP-server that is located in Ubuntu standard repository. To install it, run the command:

    apt-get install vsftpd

    After the process is completed, an FTP can be considered installed.

    Settings

    After installation, the first thing you need to do is to configure the FTP-server to fit your needs using the file located in /etc/vsftpd.conf. The file is quite detailed and understandable, yet we recommend that you change some of the settings:

    /etc/vsftpd.conf listen=YES listen_ipv6=NO anonymous_enable=NO local_enable=YES write_enable=YES chroot_local_user=YES local_umask=022 force_dot_files=YES

    Before starting an FTP-server, add the line /usr/sbin/nologin to the file /etc/shell, so the users could connect to the FTP without shell access:

    echo "/usr/sbin/nologin" >> /etc/shell

    Now you can start the FTP-server:

    service vsftpd start

    Add some changes to the file /etc/hosts.allow, prohibit access from all IP-addresses except for those that you are going to use to connect to the FTP-server:

    /etc/hosts.allow vsftpd : 127.0.0.1 : allow vsftpd : allowed_IP_adress : allow vsftpd : ALL : deny

    Add a user, prohibit ssh connection, create a home directory.

    After the user is created, change the password:

    useradd user_name --shell /usr/sbin/nologin --home-dir /path_to_directory passwd user_name

    If you need to add a new user who needs to edit the files of the existing user, then you need to create a new user using the same UID and GID.

    useradd user_name -o -u UID_client -g GID_client --shell /usr/sbin/nologin --home-dir /path_to_directory passwd user_name

    To check the UID and GID run the command:

    id user_name