Installing and configuring a Linux FTP server. Setting up and using an FTP server on Ubuntu Linux Installing and setting up vsftpd ubuntu
It is the ability to transfer files using the file transfer protocol. It is used for easy file sharing over wired and wireless LAN. This local server can be useful both at work and at home. With Ubuntu, the FTP server is even more convenient as it requires a minimum of effort and resources to set up and use.
An ftp server can be installed based on Ubuntu.
Today, the file exchange protocol is especially often used to transfer your own resources to servers on the Internet, as well as between trusted computers. Well-known FTP clients for Windows, such as FileZilla, aim to communicate between two computers in a way that makes communication between them as simple and manageable as possible.
The protocol is built on the basis of client-server logic. This means that there are two technical sides - the client (whose needs are served) and the server (which serves the needs). Connection to the server can be performed using either open authentication (username and password) or anonymously (if supported). Despite this, the FTP protocol is weak in terms of security, especially by today's standards. However, on Ubuntu, an FTP installation may include some additional security standards.
Let's get down to practice. Daemon Profpd
In order to successfully install the Ubuntu FTP server, we use a so-called "daemon". It is a program that allows you to perform routine tasks while running in the background. The daemon needed for FTP on Ubuntu is Proftpd. Its installation is performed by a simple command in the Terminal:
"Sudo apt-get install proftpd".
When the installation is complete, you will need to update the server configuration and change the baseline settings. This will help you configure the server login process. All necessary changes must be made in the file "/etc/proftpd/proftpd.conf". It can be opened directly with the nano editor.
So the Ubuntu FTP server setup started. First of all, let's change the 2 required parameters.
At the very end of the file, add the line:
"AuthUserFile /etc/proftpd/ftpd.passwd"
It is in this document, which we will invite you to add later, that the main login parameters will be stored. We remove the comment symbol from the line "DefaultRoot" - "#". Now let's move on to editing the "/ etc / shells" file. You need to add the line "/ bin / false" to it. With the help of these commands, you will be able to add new users to an existing group:
"Addgroup username group", if you insert "username" = "ftp" and "group" = "www-data", it becomes possible to work with files in the "property" of the server.
In addition, the Ubuntu FTP server installation provides the command "change owner": "chown -R ftp: www-data". It can be used to make the owner of the files the user "ftp". The "www-data" user group will be given group access to documents. When all the settings are complete, just restart the server:
"Sudo /etc/init.d/proftpd restart"
Now you need to set up virtual user accounts. This must be done according to the following scheme:
"Ftpasswd -passwd -file = / etc / proftpd / ftpd.passwd -name = (username) -shell = / bin / false -home = / var / www / html -uid = (User ID, can be found by the command" id ftp ") -gid = (group ID, let's say for the group" www-data "- 33)
"Sudo nano /etc/dhcp3/dhcpd.conf"
You need to write the following into it:
“# Domain name (internal).
option domain-name “domain_name”;
#DNS server on the connected PC.
option domain-name-servers ip_address;
# Remove the "#" comment from this line.
authoritative;
# Desired subnet data for the server.
subnet 192.168.0.0 netmask 255.255.255.0 (
# Range of issuing addresses.
range IP_address IP_address;
# A router with Internet access. option routers IP_address;
# The file to be loaded at boot time on the network.
filename = “tftp / pxelinux.0”;
}»
Now all that remains is to restart the DHCP server:
"Sudo /etc/init.d/dhcp3-server restart".
As you can see, setting up an Ubuntu FTP server doesn't require any special technical skills. In addition, it is quite easy to implement for anyone who has worked on Linux.
In conclusion
In this article, we examined in detail and in detail how to install an FTP server on Ubuntu, and also paid attention to setting up a TFTP server. These tools are a perfect example of how flexible and functional Ubuntu is. If you still have questions about its use and configuration, do not hesitate to ask them in the comments to this article. And also read other materials on the pages of our site.
In this tutorial we will show you how to install and configure VSFTPD on c. VSFTPD is an acronym for Daemon's Very Secure File Transfer Protocol. It is free and open source, fast, stable, lightweight and very secure FTP server for Unix and Linux operating systems, installed under the GNU General Public License. VSFTPD is one of the most used FTP servers for Linux and is used as the default FTP server in some of the largest distributions such as Fedora, Ubuntu, NimbleX, Slackware, and RHEL.
In order to install VSFTPD on your Ubuntu 16.04 server, you must log in via SSH as root user
Ssh [email protected] _address
First of all, make sure that all installed packages are up to date
Apt-get update && apt-get upgrade
All you need to do to install VSFTPD on your Ubuntu 16.04 VPS is to run the following command in your Linux terminal
Apt-get -y install vsftpd
After it is successfully installed, we need to make some changes to its configuration. Open the file /etc/vsftpd.conf, find and change the following lines:
Vim /etc/vsftpd.conf # Control anonymous logins whether or not they are allowed. anonymous_enable = NO # Local users to login local_enable = YES # Set "write_enable" to allow changes to the filesystem write_enable = YES # enable sending in ASCII (to prevent loading scripts, etc. from being cracked), # Risk-free Basic size and download in ASCII format. ASCII must be # on the client anyway .. ascii_upload_enable = YES ascii_download_enable = YES # You can set the root directory for FTP users. If not specified, the user's home directory is equal to the FTP root directory local_root = public_html
Save the configuration file and restart the FTP server for the changes to take effect
Systemctl restart vsftpd
Set VSFTPD to start automatically on system boot
Systemctl enable vsftpd
You can find a list of all options in the config file at http://vsftpd.beasts.org/vsftpd_conf.html
Root login is disabled by default in VSFTPD for security reasons. In order to access your FTP server, you will have to create a new system user
Adduser FTPUSER
Where FTPUSER is the username you want to create. You will be prompted for a new password for the new user and a few additional information such as full username, phone number, etc. Please note that it is very important to always use it for accounts. It is best to use a combination of letters and numbers and at least 10 characters.
Now, once your FTP server is both installed and configured, and a new FTP user is created, you can access the FTP server with the newly created user using a terminal, a web browser, or using an FTP client such as FileZilla.
FTP (File Transfer Protocol) is a file transfer protocol. FTP allows you to transfer and download files from a server. Today this protocol is not very popular, since it does not support data encryption. Instead of FTP, they use the SFTP (SSH data transfer) protocol, as well as the SCP protocol. This article will walk you through setting up a regular FTP server based on Ubuntu.
FTP protocol operates in client-server mode. The server is constantly listening for requests from remote clients on port 21. When a request is received, it controls the login and establishes the connection. During the session, the server executes any commands sent by the FTP client. TCP is used as the transport layer protocol. FTP uses two types of connections to transfer data:
- Control connection (port 21)
- Data connection (in active mode port 20, in passive mode any port greater than 1024)
The separation into control connection and data connection is efficient. This allows commands and files to be passed independently of each other.
FTP supports two types of authentication:
- Anonymous (login ftp or anonymous, password - email)
- Authorized (username and password for each user)
When working via FTP, two modes can be established between the client and the server: active and passive. The control connection is the same for Active and Passive modes. The client initiates a TCP connection from a dynamic port (1024 - 65535) to port 21 on the FTP server, after which authentication occurs. Further actions depend on which mode is selected.
In active mode, after authentication, the client also informs the server about its port number (from the dynamic range of 1024 - 65535) so that the server can connect to the client to establish a data connection. The FTP server connects to the specified client port number using TCP port number 20 for data transfer.
In passive mode, after authentication, the server informs the client about the TCP port number (from the dynamic range of 1024 - 65535), to which it can connect to establish a data connection.
Thus, in active mode, the server initiates the connection, since it connects to the client. In passive mode, the initiator of the connection is the client.
Active mode is “harmful” for the client in the sense that when a server connects to it on a random port, such a connection will most likely be blocked by a firewall on the client side. Thus, it is necessary to open ports on the client side, which leads to security holes. On the other hand, such a mode will be useful for the server, since the well-known port 20 is used for data transmission.
The passive mode is “harmful” for the server, but “beneficial” for the client. The client will make both connections to the server, but one of them will be to a random high port, such a connection will be blocked by a firewall on the server side.
Passive mode is usually used when there is a firewall between the client and the server.
The most popular FTP commands are:
| Team | Description |
| USER | Specify username |
| PASS | Enter password |
| LIST | View directory contents |
| CWD | Change the current directory |
| RETR | Transfer file from server to client |
| STOP | Transfer file from client to server |
| TYPE | Set transfer mode |
| DELE | Delete a file |
| MDK | Create directory |
| RMD | Delete directory |
| PASV | Use passive mode |
| QUIT | Leaving and disconnecting the connection |
FTP has three transfer modes:
- Streaming - continuous transmission of data as a stream (no processing, processing is done by TCP)
- Block - FTP divides data into blocks (header, data field, file size in bytes) and transmits it to TCP
- Single Algorithm Compression Mode
FTP-server is a "library" of files on a hosting, used to store files of different formats. The most popular ftp servers are vsftpd and proftpd. FTP servers are needed to host large amounts of data for public and private downloads. Servers are often used for anonymous (guest) access to open source software, music and photo distributions. Access for anonymous users allows, as a rule, only to browse directories and download the necessary information, but on some servers, on the contrary - there are special directories where any user can upload a file for sharing.
With non-anonymous access, there are more options, but they are limited to the directory where access is provided.
Let's move on to setting up the server. We will work with such a scheme. 
Both the administrator and the user will have access to the FTP server. The administrator and user have authorized access. In this case, it is necessary to configure access rights in such a way that the administrator has unrestricted access, and the user has access only to his home directory. You also need to configure anonymous access.
The vsftpd daemon is available for the DHCP server on Ubuntu. Install the DHCP server, this is done with the command:
testServer $ sudo apt-get install vsftpd
By default, anonymous downloading is prohibited. You need to change the configuration in the /etc/vsftpd.conf file.
testServer $ sudo nano /etc/vsftpd.conf
Find the line “anonymous_enable” there and assign the value “Yes” to it. This line is responsible for accessing the FTP server for anonymous users.
You also need to uncomment two lines: “write_enable” and “chroot_local_user”. The first line is responsible for the ability to write to the server, the second line blocks the ability of local users to climb a directory higher than their home folder.
At the end of the configuration file, add two settings:
These settings set up home folders for anonymous and local users.
Save the file configuration with the Ctrl + X keyboard shortcut (when prompted to replace the current file, select Yes). Next, you need to restart the FTP server with the command
testServer $ sudo service vsftpd restart
The next step is to create users.
We create a superuser with the command:
testServer $ sudo adduser superuser
We give him a password:
testServer $ sudo passwd superuser
We give him unlimited rights:
testServer $ sudo adduser superuser sudo
Create a regular user:
testServer $ sudo adduser user
We give him a password:
testServer $ sudo passwd user
Enter new UNIX password: 12345
Create a user group to manage folders:
testServer $ sudo addgroup groupl
testServer $ sudo nano / etc / group
Find the line “groupl” with Ctrl + W.
We add our users superuser and user to this line.
Create folders for users:
testServer $ sudo mkdir / srv / ftp / upload
testServer $ sudo mkdir / srv / ftp / superuser
testServer $ sudo mkdir / srv / ftp / user
Set access rights for folders:
testServer $ sudo chmod 700 / srv / ftp / superuser
testServer $ sudo chmod 770 / srv / ftp / user
testServer $ sudo chmod 575 / srv / ftp / upload
Change folder owners:
testServer $ sudo chown superuser: / srv / ftp / superuser
testServer $ sudo chown user: groupl / srv / ftp / user
testServer $ sudo chown: groupl / srv / ftp / upload
Thus, we get the following picture:
- Only superuser has access to the superuser folder, he is the owner of this folder.
- The user folder can be accessed by both user and superuser. This is due to the fact that we have set rights 7 7 0. The second seven sets full rights for the groupl user group, to which we added superuser.
- Both user and superuser have full access to the upload folder. All others have only read and execute permissions 5 75 ... 5 = 101 (binary). 101 ~ r-x. That is, other users (and anonymous belongs to them) cannot write anything in the upload folder.
We check the access rights and owners with the command:
testServer $ ls -l / srv / ftp
In order to check access to the FTP server, you need to type in the address bar in any browser:
ftp://172.16.1.2
In this case, we find ourselves as an anonymous user, since we do not enter a username and password.
We see three folders superuser /, upload /, user /. Since we are logged in as an anonymous user, there is only access to the folder upload /.
In order to log in under the superuser name, enter:
ftp: // [email protected]
Enter the username: superuser, password: 12345 ... Under superuser, we get access to all folders.
Finally, let's check the usual user. In order not to enter your username and password every time you log in, you can write the following in the address bar:
ftp: // user: [email protected]
Under user, we can only get into folders upload / and user /... To folder superuser / Access closed.
Support the project
Friends, the Netcloud website is evolving every day thanks to your support. We are planning to launch new headings of articles, as well as some useful services.
You have the opportunity to support the project and contribute any amount you deem necessary.
From time to time, every system administrator has a need for an FTP server, most often this is due to the need to ensure the exchange of information in automatic mode between applications, for example, during auto-exchange of a distributed 1C infobase, or to access files on a web server. Today we will tell you how to create such a server on the Ubuntu platform in less than half an hour.
But first, a little theory. FTP (File Transfer Protocol) is intended, as the name suggests, to transfer files and appeared in 1971, but despite its advanced age, it continues to be widely used to this day. Although its use today is more of a technical nature, it is common for end users to access data using a browser and HTTP. The advantages of FTP include the ability to resume a file when the connection is broken and the ability to read files and write them equally easily. But there are also disadvantages, the most serious is low security, so this issue should be given the utmost attention.
FTP, like PPTP, uses different connections for transferring commands and transferring data. When initiating a connection, the client transmits control commands to port 21 of the server, which, in turn, establishes an outgoing connection for data transmission on port 20, the port from the client's side is determined as a result of negotiation. However, when the client is behind NAT, the connection cannot be established in this way, therefore, an additional FTP passive mode was developed, when the client, not the server, establishes the connection for data transfer, but with the parameters specified by the server. These points should be considered when forwarding FTP and when configuring a network filter.
For our server, we will use vsftpd- simple, fast and secure FTP server. Since it will serve both external and internal networks, it makes sense to add this role to ours. Server installation is extremely simple:
Apt-get install vsftpd
The server is configured through the configuration file /etc/vsftpd.conf it has a simple structure, is well commented and allows you to configure the server without any instructions with minimal knowledge. Let's consider its main parameters.
The server can be started constantly, as a service, or started if necessary, the first option is more suitable for us:
Listen = YES
This option has a mutually exclusive record, which should be reduced to the form:
Listen_ipv6 = NO
Allow only local users to log in:
Anonymous_enable = NO
local_enable = YES
Let us allow users to write files and tell the server to automatically set the necessary rights (755 for folders and 644 for files):
Write_enable = YES
local_umask = 022
If you need to set a different set of rights: 775 and 664, then the umask must be 002.
By default, the server uses GMT time to set the files to the time of your time zone, use the option:
Use_localtime = YES
Let's enable the log of uploaded and downloaded files:
Xferlog_enable = YES
Let the server establish data connections on port 20 (active mode):
Connect_from_port_20 = YES
The following options set the location and format for storing the logs:
Xferlog_file = / var / log / vsftpd.log
xferlog_std_format = YES
Let's set the session timeouts:
Idle_session_timeout = 600
data_connection_timeout = 120
Also, for security purposes, we isolate the user in his home directory and immediately allow writing to his root:
Chroot_local_user = YES
allow_writeable_chroot = YES
For correct work with text data, you can enable ASCII support, this will allow when transferring a text file from a Windows system to UNIX (Linux) to correctly replace the line break characters from CR + LF to LF for correct display of the content and perform the reverse transformation when transferring it back.
Ascii_upload_enable = YES
ascii_download_enable = YES
You can enable only one option, for upload or download. Please note that transferring a binary file in ASCII mode may corrupt the latter.
Quite an interesting option:
Ls_recurse_enable = YES
It allows recursive directory browsing, on the one hand it is convenient, on the other hand it can cause a heavy load on the server, if, for example, you get a listing of a directory containing a large number of files and directories.
We leave all other options by default, although you can edit the server greeting by writing whatever you like:
Ftpd_banner = Welcome to Roga i Kopyta LLC FTP
At the end of the configuration file, we will set the settings for the passive mode, it is recommended to explicitly set the ports so that you can specify them during forwarding if the server is behind NAT or in the firewall rules:
Pasv_enable = YES
pasv_min_port = 62000
pasv_max_port = 62999
Restart the server (this must be done every time after making changes to the configuration):
Service vsftpd restart
and try to connect with any FTP client using the credentials of an existing user. We need to get into his home directory and be isolated in it.
In case of an error related to the incorrect operation of vsftpd and the seccomp security system:
500 OOPS: prctl PR_SET_SECCOMP failed
add the undocumented option to the file:
Seccomp_sandbox = NO
However, remember that FTP is an insecure protocol, so letting any local user on the server, as it is done now, is not the best option. To avoid this situation vsftpd has a built-in user control mechanism. Let's add an option to the configuration file:
Userlist_enable = YES
and create a user list file:
Touch /etc/vsftpd.user_list
By default vsftpd prohibits access to the server for users specified in this list even before entering the password, i.e. implements the principle is allowed to everyone who is not prohibited. But it would be much better to implement a different approach: forbidden to everyone who is not allowed. Those. permit access only to specified users. To do this, add an option:
Userlist_deny = NO
Now only explicitly specified users will have access to the FTP server, they should be specified in vsftpd.user_list one per line, for example:
Ivanov
petrov
Unless otherwise specified, after connecting via FTP, users get to their home directory. This is not always convenient, often you need to redirect them to a different directory. If this is a common folder for all, say / var / ftp, then you can specify the option:
Local_root = / var / ftp
Which will redirect all users to the specified directory and isolate them there.
This is the simplest situation, real tasks are usually more difficult, let's say we need to set the user Ivanov as the root directory /var/www/example1.com and Petrov /var/www/example2.com so that each of them works with its own folder. For these purposes, you can use another feature of vsftpd - user settings, which override the settings in the main configuration file.
To do this, add an option:
User_config_dir = / etc / vsftpd_user_conf
Then we will create the directory itself
Mkdir / etc / vsftpd_user_conf
To set his own settings for the user in this directory, create a file with the user name and add the necessary options to it. The changes are applied without restarting the FTP server the next time the client connects.
Let's create a file with settings for Ivanov:
Tocuh / etc / vsftpd_user_conf / ivanov
and add an option to it:
Local_root = / var / www / example1.com
The next time you connect, the user's root directory will change to the specified one. Also in this file we can set any personal options, for example, another umask or file permissions. However, we cannot use global settings here: connection, logging, authentication options, they will simply be ignored.
If you need to hide the real owners of files and folders, then you can use the option:
Hide_ids = YES
In this case, ftp: ftp will be indicated instead of the real owners and groups, this can be useful in the case of a public server or if there are unauthorized persons in the list of users to whom you do not want to disclose the real usernames of your system.
As you can see, we actually set up a working FTP server in less than half an hour.
Most recently, I wrote about being on my computer. This is very useful for a webmaster, since having installed such a "home" server for yourself, you can conduct various experiments with test sites or simply develop them.
But there is one problem: if you, for example, try to install the same plugin in wordpress on such a local server, you will get a refusal: " Failed to connect to FTP server localhost: 21"
As you can imagine, you need to install and configure an ftp server on your computer in order to install plugins. How to install ftp server to your Linux computer?
There are many free servers on Linux, I tried several and settled on vsftpd. This server is lightweight and easy to set up.
1. How to install ftp server vsftpd?
You can install it with one command:
Sudo apt-get install vsftpd
After installing the server, we need to customize it a little. But first, let's test our ftp server, enter the following address into the browser: ftp://127.0.0.1/ We should see the following:
But it is not enough to install the vsftpd server, as you can see it is done simply, it is important to configure the ftp server. But this is easy to do, if you follow my experience.
2. How to set up a ftp server vsftpd?
To get to the server settings, enter the command in the terminal:
Sudo gedit /etc/vsftpd.conf
We delete everything from this file and insert this:
Listen = YES # make anonymous access, with write access anonymous_enable = YES no_anon_password = YES anon_root = / THE WAY TO THE FOLDER WITH THE SITE! anon_upload_enable = YES anon_mkdir_write_enable = YES anon_other_write_enable = YES anon_umask = 022 # allow local users to log in with write access to home directories local_enable = YES local_umask = 022 write_enable = YES # put local users in their home directories. chroot_local_user = YES chroot_list_enable = YES # logging settings xferlog_enable = YES vsftpd_log_file = / var / log / vsftpd.log
Restart the ftp server with the command:
Sudo /etc/init.d/vsftpd restart
Yes, it's also very important! You must give 755 access to the folder with the site and all files to it, you CANNOT give the folder public write rights!
You can install a new, more correct version of the server by adding:
Sudo add-apt-repository ppa: thefrontiergroup / vsftpd sudo apt-get update sudo apt-get install vsftpd
After that, go to the WordPress admin area and try to install a plugin. We will be asked to enter the server address, username and password. In the server line, write 127.0.0.1 , and we write the login and password - anonymous
If you get an error: Unable to determine the WordPress content directory (wp-content), then you need to insert the following code at the end of the wp-config.php file:
If (is_admin ()) (add_filter ("filesystem_method", create_function ("$ a", "return" direct ";")); define ("FS_CHMOD_DIR", 0751);)
After that, everything worked for me. This is how the vsftpd server setup ended for me. This is how you can install and configure ftp server vsftpd on your home computer.
Such a server, of course, will not be very productive, this is not a real IBM HS23e server on SSD disks for you. And if you give it access to your entire local network, your computer can sweat a lot, constantly copying something.
But my goal is clear to you, but it is certainly not the only one. The FTP server on your computer can be used for different purposes, and most often such simple settings will suit you. If not, there are many tutorials on the net for setting up this FTP server. Good luck!
I add: as it turned out, in my case, you can do without FTP at all. It's easier to work through SSH and the ssh-sftp-updater-support plugin, which adds the SSH protocol to WordPress. This is much safer and you don't need to set up an FTP server.
Did not find an answer to your question? Use search ...