Install and build an FTP server on Ubuntu 14.04

Install and build an FTP server on Ubuntu 14.04

Today, I want to create a network log migration program. If I want to migrate files, I 'd like to use FTP. FTP is used to transmit files from one host to another over the TCP network. This article explains how to install the FTP server on Ubuntu 14.04. Popular FTP server software include: PureFTP, VsFTPD, and ProFTPD. Here, I use VsFTPd, Which is lightweight and has few pitfalls.

Install the FTP service on Ubuntu 14.04

Step 1> update the database

Bkjia @ bkjia :~ $ Sudo apt-get update

Step 2> use the following command to install the VSFTPD package

Bkjia @ bkjia :~ $ Sudo apt-get install vsftpd

Step 3> after the installation is complete, open the/etc/vsftpd. conf file and modify it as described below.

Uncomment the following line (line numbers 29 and 33)

Write_enable = YES
Local_umask = 022

> Cancel the annotation of the following line (row number 120) to prevent unexpected folders except the user folder.

Chroot_local_user = YES

Add the following line at the end of the file:

Allow_writeable_chroot = YES

> Add the following lines to enable the negative mode:

Pasv_enable = Yes
Pasv_min_port = 40000
Pasvanderbilt max_port = 40100

Step 4> run the following command to restart the vsftpd service:

Bkjia @ bkjia :~ $ Sudo service vsftpd restart

Step 5> now the ftp server is listening for port 21. Run the following command to create a user. Use the/usr/sbin/nologin script to prevent ftp users from accessing the bash script.

Bkjia @ bkjia :~ $ Sudo useradd-m john-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo passwd john

Step 6> enable nologin script startup access. Open/etc/shells and add the following lines.

/Usr/sbin/nologin

Now try to connect to the ftp server by using the created user through port 21. The client uses winscp or filezilla. Verify that the user cannot access folders outside the home folder.

Note that using ftp on port 21 is very dangerous. SFTP is strongly recommended. See the following SFTP configuration.

Secure FTP (SFTP)

SFTP is called Secure FTP, which uses the ssh file transfer protocol. Therefore, we need to install openssh-server. If not, run the following command.

Bkjia @ bkjia :~ $ Sudo apt-get install openssh-server

Step 7> Create a new user group ftpaccess for the FTP user.

Bkjia @ bkjia :~ $ Sudo groupadd ftpaccess

Step 8> make the following changes in/etc/ssh/sshd_config:

> Locate and comment out the following line

Subsystem sftp/usr/lib/openssh/sftp-server

Add the following lines at the end of the file:

Subsystem sftp internal-sftp
Match group ftpaccess
ChrootDirectory % h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Step 9> restart the sshd service

Bkjia @ bkjia :~ $ Sudo service ssh restart

Step 10> the following steps are used to create a user accessing the SFTP service.

Create user john, belong to the ftpaccess group, and execute the/usr/bin/nologin script

Bkjia @ bkjia :~ $ Sudo useradd-m john-g ftpaccess-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo passwd johnChange ownership for the home directory.
Bkjia @ bkjia :~ $ Sudo chown root/home/john

Create a folder for writing files in the home folder and modify the folder owner.

Bkjia @ bkjia :~ $ Sudo mkdir/home/john/www
Bkjia @ bkjia :~ $ Sudo chown john: ftpaccess/home/john/www

Now, use SFTP to connect to the server (Port: 22) and make sure that you can upload files to the www folder, and you cannot access files other than the home folder.

If you want to allow both FTP and SFTP to coexist, follow the 10 steps above when creating a user. For existing users, you can move them to the ftpaccess group as follows, create a folder structure, and modify the ownership.

Bkjia @ bkjia :~ $ Sudo usermod john-g ftpaccess-s/usr/sbin/nologin
Bkjia @ bkjia :~ $ Sudo chown root/home/john
Bkjia @ bkjia :~ $ Sudo mkdir/home/john/www
Bkjia @ bkjia :~ $ Sudo chown john: ftpaccess/home/john/www

Now you can upload files to the www folder through FTP or SFTP.

Four Advanced configurations of vsftpd Server:

VsFTPd configuration Tutorial:

Simple and practical Ubuntu FTP setup

Set up FTP server and Apache server on Ubuntu

Install the LAMP \ vsftpd \ Webmin \ phpMyAdmin service and settings in Ubuntu 13.04

Simple case of anonymous uploading of SeLinux and vsftpd on the RHEL6 Platform

Install vsftpd source code in Linux

Install and configure the FTP server vsftpd in openSUSE 13.2/13.1