Install and build an FTP server on Ubuntu 14.04
Today, I want to create a network log migration program. If I want to migrate files, I 'd like to use FTP. FTP is used to transmit files from one host to another over the TCP network. This article explains how to install the FTP server on Ubuntu 14.04. Popular FTP server software include: PureFTP, VsFTPD, and ProFTPD. Here, I use VsFTPd, Which is lightweight and has few pitfalls.
Install the FTP service on Ubuntu 14.04
Step 1> update the database
Bkjia @ bkjia :~ $ Sudo apt-get update
Step 2> use the following command to install the VSFTPD package
Bkjia @ bkjia :~ $ Sudo apt-get install vsftpd
Step 3> after the installation is complete, open the/etc/vsftpd. conf file and modify it as described below.
Uncomment the following line (line numbers 29 and 33)
Write_enable = YES
Local_umask = 022
> Cancel the annotation of the following line (row number 120) to prevent unexpected folders except the user folder.
Chroot_local_user = YES
Add the following line at the end of the file:
Allow_writeable_chroot = YES
> Add the following lines to enable the negative mode:
Pasv_enable = Yes
Pasv_min_port = 40000
Pasvanderbilt max_port = 40100
Step 4> run the following command to restart the vsftpd service:
Bkjia @ bkjia :~ $ Sudo service vsftpd restart
Step 5> now the ftp server is listening for port 21. Run the following command to create a user. Use the/usr/sbin/nologin script to prevent ftp users from accessing the bash script.
Bkjia @ bkjia :~ $ Sudo useradd-m john-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo passwd john
Step 6> enable nologin script startup access. Open/etc/shells and add the following lines.
/Usr/sbin/nologin
Now try to connect to the ftp server by using the created user through port 21. The client uses winscp or filezilla. Verify that the user cannot access folders outside the home folder.
Note that using ftp on port 21 is very dangerous. SFTP is strongly recommended. See the following SFTP configuration.
Secure FTP (SFTP)
SFTP is called Secure FTP, which uses the ssh file transfer protocol. Therefore, we need to install openssh-server. If not, run the following command.
Bkjia @ bkjia :~ $ Sudo apt-get install openssh-server
Step 7> Create a new user group ftpaccess for the FTP user.
Bkjia @ bkjia :~ $ Sudo groupadd ftpaccess
Step 8> make the following changes in/etc/ssh/sshd_config:
> Locate and comment out the following line
Subsystem sftp/usr/lib/openssh/sftp-server
Add the following lines at the end of the file:
Subsystem sftp internal-sftp
Match group ftpaccess
ChrootDirectory % h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Step 9> restart the sshd service
Bkjia @ bkjia :~ $ Sudo service ssh restart
Step 10> the following steps are used to create a user accessing the SFTP service.
Create user john, belong to the ftpaccess group, and execute the/usr/bin/nologin script
Bkjia @ bkjia :~ $ Sudo useradd-m john-g ftpaccess-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo passwd johnChange ownership for the home directory.
Bkjia @ bkjia :~ $ Sudo chown root/home/john
Create a folder for writing files in the home folder and modify the folder owner.
Bkjia @ bkjia :~ $ Sudo mkdir/home/john/www
Bkjia @ bkjia :~ $ Sudo chown john: ftpaccess/home/john/www
Now, use SFTP to connect to the server (Port: 22) and make sure that you can upload files to the www folder, and you cannot access files other than the home folder.
If you want to allow both FTP and SFTP to coexist, follow the 10 steps above when creating a user. For existing users, you can move them to the ftpaccess group as follows, create a folder structure, and modify the ownership.
Bkjia @ bkjia :~ $ Sudo usermod john-g ftpaccess-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo chown root/home/john
Bkjia @ bkjia :~ $ Sudo mkdir/home/john/www
Bkjia @ bkjia :~ $ Sudo chown john: ftpaccess/home/john/www
Now you can upload files to the www folder through FTP or SFTP.
Four Advanced configurations of vsftpd Server:
VsFTPd configuration Tutorial:
Simple and practical Ubuntu FTP setup
Set up FTP server and Apache server on Ubuntu
Install the LAMP \ vsftpd \ Webmin \ phpMyAdmin service and settings in Ubuntu 13.04
Simple case of anonymous uploading of SeLinux and vsftpd on the RHEL6 Platform
Install vsftpd source code in Linux
Install and configure the FTP server vsftpd in openSUSE 13.2/13.1