How to setup and configure an FTP server in Linux?
Last Updated :
31 May, 2022
FTP (file transfer protocol) is an internet protocol that is used for transferring files between client and server over the internet or a computer network. It is similar to other internet protocols like SMTP which is used for emails and HTTP which is used for websites. FTP server enables the functionality of transferring files between server and client. A client connects to the server with credentials and depending upon the permissions it has, it can either read files or upload files to the server as well. In this article, we will see how to set up an FTP server, configure user permissions, configure a firewall and finally encrypt our FTP traffic with SSL.
How does the FTP server work?
FTP server facilitates the transfer of files between client and server. You can either upload a file to a server or download a file from the server. A client makes two types of connections with the server, one for giving commands and one for transferring data. The client issues the command to the FTP server on port 21, which is the command port for FTP. For transferring data, a data port is used. There are two types of connection modes for transferring data:
- Active mode: In Active mode, the client opens a port and waits for the server to connect to it to transfer data. The server uses its port 20 to connect to the client for data transfer. Active mode is not set by default in most of the FTP clients because most firewalls block the connections which are initiated from outside, in this case, the connection initiated by our FTP server. To use this, you have to configure your firewall.
- Passive mode: In this, when a client requests a file from the server, the server opens a random port and tells the client to connect to that port. In this case, the connections are initiated by the client and this also solves the firewall issues. Most of the FTP clients use passive mode by default.
Stepwise Implementation
At first SSH into your Linux virtual machine with a user who has sudo permissions and follows the following steps:
Step 1: Install FTP server
There are many FTP servers to choose from like ProFTPD, vsftpd, etc. We will be using vsftpd.
Features of vsftpd FTP server
vsftpd has a lot of features that make it a great option as an FTP server. It
- Supports SSL/TLS integration
- Can jail users into its home directory with a feature called chroot. We will set this up later in this article.
- Can limit bandwidth.
- Supports virtual users
- Supports virtual IP configuration
- Supports IPv6
Type in the following command to install vsftpd
sudo apt install vsftpd
Now we will check if the vsftpd service is active or not. Type in
sudo systemctl status vsftpd
You can see under the Active heading that it's active and running. systemctl command is used to manage and check services on Linux. We can also use this command to enable and disable services on Linux. If your vsftpd is not active, then type in
sudo systemctl enable --now vsftpd
The --now flag ensures that enable command affects our service immediately and not after a reboot.
Step 2: Configure Firewall
FTP uses port 20 for active mode, port 21 for commands, and a range of ports for passive mode. We need to open these ports from our firewall. If you do not use any firewall, you can skip this step. Most Linux systems use ufw to manage firewalls, however, some cloud service providers like Microsoft Azure have firewalls outside of the Virtual machine and you have to configure that from their portal. Whatever the case, just open ports 20 and 21 for TCP connections and open a range of ports for passive FTP connections. The range for passive ports depends upon how many concurrent user clients you expect to have. Also, a single client can use multiple ports to transfer multiple files or a large file. We also need to specify our FTP server to use those ports and we will see how to do it later in this tutorial The ports till 1024 are reserved and our passive FTP port range should be higher than that. I'll open ports from 5000-10000. We will also open port 990 for TLS which we will configure later. Let's do it for ufw. Type in
sudo ufw allow 20/tcp
sudo ufw allow 21/tcp
sudo ufw allow 990/tcp
sudo ufw allow 5000:10000/tcp
Step 3: Configure Users
The two most common use cases of FTP servers are:
- You want to host a public FTP server and a lot of public users are going to connect to your FTP server to download files.
- You want to upload your files to your Linux server for personal use and you would not have public users.
In the first case, you would need to create an additional user and share its username and password with your clients to access the files. Everything else is the same for the second case.
The basic idea is that the admin user should be able to upload files to any folder of the machine, and the public user should be able to view and download files from a specific directory only. To make this happen, you should have a basic idea of user permissions. The root user has the permission to write files into any folder of the server, and any other user has access to every folder inside their home directory which is /home/username , and most of the other directories are not writable by other users. So if you want to upload files to other directories outside of your admin user's home directory, let's say /var/www, then you would need to change the owner of this directory to your admin user with chown command, or change directory modification permissions with chmod command.
Let's start by creating our public user account. Type in
sudo adduser ftpuser
Enter your password, leave other values empty, and at last, enter Y to save changes.
Now, for security purposes, we will disable ssh permission for this user. Type in
sudo nano /etc/ssh/sshd_config
Add the following line in this file
DenyUsers ftpuser
Press Ctrl + x then y then enter. Now, restart the SSH service so that these new settings take effect.
sudo systemctl restart sshd
Step 4: Create the FTP folder and set permissions
We will create our FTP folder. Type in
sudo mkdir /ftp
Now, we will change this directory's owner to our admin user. Type in
sudo chown adminuser /ftp
If you want to upload files to any folder that is not owned by your admin user, you will have to change that folder's owner using the above-mentioned command.
Step 5: Configure and secure vsftpd
Open the vsftpd configuration file. Type in
sudo nano /etc/vsftpd.conf
Make sure the following lines are uncommented
...
anonymous_enable=NO
local_enable=YES
write_enable=YES
...
Also, we opened ports 5000 to 10000 in step 2 for passive mode, so now we will let vsftpd know which ports to use for passive FTP connection. Add the following lines in vsftpd.conf file
pasv_min_port=5000
pasv_max_port=10000
Now, we will specify the default directory for FTP connections which will open when someone connects to our FTP server. Add the following line
local_root=/ftp
Remember, do not put any space before and after = in this configuration file.
Locking user into the home directory
Now, for security reasons, we will lock the ftpuser to the default directory, as by default, a user can browse the whole Linux server. To do this, vsftpd uses chroot. To do this, un-comment the following lines
...
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
...
Also, add the following line as it is not in the configuration file by default
allow_writeable_chroot=YES
The first line enables chroot feature for local users which includes our admin user and our ftpuser. The second and third lines let us choose which users to apply to chroot to.
Setting file permission
local_umask=0002
This line will set the modification permission of every new file created to 664(-rw-rw-r-) and of every new folder to 775(rwxrwxr-x). With this, the ftpuser can only read and download files from every sub-directory of our FTP directory, but it does not have permission to upload anything to our FTP directory since it is not the owner.
Press Ctrl + x then y then enter. Now, we need to create that list file. Type in
sudo touch /etc/vsftpd.chroot_list
sudo nano /etc/vsftpd.chroot_list
Whatever users you specify in this file, will not be chroot-ed. So add your admin username in this file because we do not want to lock it. Press Ctrl + x then y then enter. Now we need to restart our vsftpd server so that all these settings get applied immediately. Type in
sudo systemctl restart --now vsftpd
Step 6: Securing vsftpd with SSL/TLS
It is recommended to encrypt FTP traffic if you want to use it over the internet. We will encrypt our traffic with FTPS (file transfer protocol over SSL). Let's start by generating a self-signed certificate. Type in
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem
Enter all the required information and your certificate will be generated. You can also Hit Enter if you want the default values to be set. Now, open the vsftpd configuration file. Type
sudo nano /etc/vsftpd.conf
Go to the end of the file and remove the following lines
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
And, paste the following lines
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
Save the changes and finally, restart the vsftpd service by typing in
sudo systemctl restart --now vsftpd
Step 7: Connecting to our FTP server
To do this, you will need an FTP client. Again, there are a bunch of them to choose from. I'd suggest you go with Filezilla. Download and install it and then open it. Enter your server's IP address in the Host field, your username, and password, and click connect and you are good to go.
On the left side, you would see your PC's directories, and on the right, you would see the directories of your FTP server. You can drag and drop files to upload and download files between the FTP server and your device(client).
FTP server commands
You can also connect to your FTP server on the terminal and operate it with FTP commands. A list of a few of them is given below.
| Command | Function |
|---|
| pwd | print the current working directory |
| cwd | change working directory |
| dele | delete the specified file |
| cdup | change to the parent directory |
| help | displays help information |
| cd | change the working directory |
| get filename | download the specified file |
| put filename | uploads the specified file |
| bye | end FTP session |
Similar Reads
Linux/Unix Tutorial Linux is one of the most widely used open-source operating systems. It's fast, secure, stable, and powers everything from smartphones and servers to cloud platforms and IoT devices. Linux is especially popular among developers, system administrators, and DevOps professionals.Linux is:A Unix-like OS
10 min read
Getting Started with Linux
What is Linux Operating SystemLinux is based on the UNIX operating system. UNIX is a powerful, multi-user, multitasking operating system originally developed in the 1970s at AT&T Bell Labs. It laid the foundation for many modern operating systems, including Linux.Linux is free and open-source, accessible to everyone.Its sour
10 min read
LINUX Full Form - Lovable Intellect Not Using XPLINUX stands for Lovable Intellect Not Using XP. Linux was developed by Linus Torvalds and named after him. Linux is an open-source and community-developed operating system for computers, servers, mainframes, mobile devices, and embedded devices. Linux receives requests from system programs and it r
2 min read
Difference between Linux and WindowsLinux: Linux could be a free and open supply OS supported operating system standards. It provides programming interface still as programme compatible with operating system primarily based systems and provides giant selection applications. A UNIX operating system additionally contains several several
7 min read
What are Linux Distributions ?A Linux distribution, often shortened to “distro,†is a packaged version of Linux that comes with the Linux kernel plus a collection of software and utilities that make the OS functional and user-friendly. Some distros are optimized for business environments, offering tools for productivity and ente
8 min read
Difference between Unix and LinuxUnix was created in the 1970s by Ken Thompson and Dennis Ritchie at Bell Labs. Dennis Ritchie was also the creator of the C programming language. Originally a command-line operating system, Unix has evolved to support graphical interfaces (GUI) as well. It became popular in universities, enterprises
5 min read
Installation with Linux
How to Install Arch Linux in VirtualBox?Installing Arch Linux on a virtual machine is an excellent way to experience this powerful and flexible Linux distribution without affecting your main system. If you're looking to install Arch Linux in VirtualBox, this guide will take you through the process step-by-step. Arch Linux is known for its
7 min read
Fedora Linux Operating SystemFedora Linux is a free and open-source operating system based on the Linux kernel and was developed by the community-supported Fedora Project. It is known for its fast release cycle, which keeps the operating system up to date with the latest software and technologies.What is the Fedora Linux Operat
12 min read
How to install Ubuntu on VirtualBox?Installing Ubuntu on VirtualBox is a great way to experience the powerful features of this popular Linux distribution without altering your main operating system. Whether you’re a developer, a student, or simply curious about Linux, setting up Ubuntu on VirtualBox allows you to test and explore in a
6 min read
How to Install Linux Mint?Linux Mint is the second-largest Linux-based distro used in the world. Linux Mint is a community-driven Linux distribution based on Ubuntu which itself is based on Debian and bundled with a variety of free and open-source applications. So here we discuss the installation of Linux mint. Installation
3 min read
How to Install Kali Linux on Windows?Kali Linux is an open-source Linux distribution based on Debian, designed for sophisticated penetration testing and security auditing. Kali Linux includes hundreds of tools for diverse information security activities such as penetration testing, security research, computer forensics, and reverse eng
2 min read
How to Install Linux on Windows PowerShell Subsystem?There are several ways to Install a Linux subsystem on your Windows PC Powershell Environment. It is good for learners, but it is recommended using original Linux OS if you are a developer as the Subsystem lacks the pre-installed Linux tools. Before we begin installing a Linux subsystem, we need to
2 min read
How to Find openSUSE Linux Version?openSUSE is well known for its GNU/Linux-based operating systems, mainly Tumbleweed, a tested rolling release, and Leap, a distribution with Long-Term-Support(LTS). MicroOS and Kubic are new transactional, self-contained distributions for use as desktop or container runtime. Here we figure out which
2 min read
How to Install CentOSCentOS is a popular open-source Linux distribution aimed at servers and provides compatibility with Red Hat's RPM package manager. It is built with the goal of providing a stable operating system that provided great compatibility with the upstream RHEL (Red hat enterprise Linux) CentOS is therefore
2 min read
Linux Commands
Linux CommandsLinux commands are essential for controlling and managing the system through the terminal. This terminal is similar to the command prompt in Windows. It’s important to note that Linux/Unix commands are case-sensitive. These commands are used for tasks like file handling, process management, user adm
15+ min read
Essential Unix CommandsUnix commands are a set of commands that are used to interact with the Unix operating system. Unix is a powerful, multi-user, multi-tasking operating system that was developed in the 1960s by Bell Labs. Unix commands are entered at the command prompt in a terminal window, and they allow users to per
7 min read
How to Find a File in Linux | Find CommandThe find command in Linux is used to search for files and directories based on name, type, size, date, or other conditions. It scans the specified directory and its sub directories to locate files matching the given criteria.find command uses are:Search based on modification time (e.g., files edited
9 min read
Linux File System
Linux File SystemA file system is a structured method of storing and managing data—including files, directories, and metadata—on your machine. Think of it like a library. If thousands of books were scattered around, finding one would be hard. But in an organized structure, like labeled shelves, locating a book becom
12 min read
Linux File Hierarchy StructureThe Linux File Hierarchy Structure or the Filesystem Hierarchy Standard (FHS) defines the directory structure and directory contents in Unix-like operating systems. It is maintained by the Linux Foundation. In the FHS, all files and directories appear under the root directory /, even if they are sto
6 min read
Linux Directory StructureIn Linux, everything is treated as a file even if it is a normal file, a directory, or even a device such as a printer or keyboard. All the directories and files are stored under one root directory which is represented by a forward slash /. The Linux directory layout follows the Filesystem Hierarchy
6 min read
Linux Kernel
Linux KernelLinux Kernel is the heart of Linux operating systems. It is an open-source (source code that can be used by anyone freely) software that is most popular and widely used in the industry as well as on a personal use basis. Who created Linux and why? Linux was created by Linus Torvalds in 1991 as a hob
4 min read
Kernel in Operating SystemA kernel is the core part of an operating system. It acts as a bridge between software applications and the hardware of a computer. The kernel manages system resources, such as the CPU, memory and devices, ensuring everything works together smoothly and efficiently. It handles tasks like running pro
9 min read
How Linux Kernel Boots?Many processes are running in the background when we press the system's power button. It is very important to learn the Linux boot process to understand the workings of any operating system. Knowing how the kernel boots is a must to solve the booting error. It is a very interesting topic to learn, l
11 min read
Difference between Operating System and KernelIn the world of computing, two terms that are frequently mentioned are Operating System (OS) and Kernel. In this article, we will explore the key differences between the OS and the Kernel, their functions, and how they work together to manage hardware and software.What is an Operating System?An Oper
3 min read
Linux Kernel Module Programming: Hello World ProgramKernel modules are pieces of code that can be loaded and unloaded into the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system. Custom codes can be added to Linux kernels via two methods. The basic way is to add the code to the kernel source tree and
7 min read
Linux Loadable Kernel ModuleIf you want to add code to a Linux kit, the basic way to do that is to add source files to the kernel source tree and assemble the kernel. In fact, the process of setting up the kernel consists mainly of selecting which files to upload to the kernel will be merged. But you can also add code to the L
7 min read
Loadable Kernel Module - Linux Device Driver DevelopmentFor Linux device drivers, we can use only two languages: Assembler and C. Assembler implements the main parts of the Linux kernel, while C implements the architecture-dependent parts. Uploaded kernel modules are often referred to as kernel modules or modules, but those are misleading names because t
4 min read
Linux Networking Tools
Network configuration and troubleshooting commands in LinuxComputers are often connected to each other on a network. They send requests to each other in the form of packets that travel from the host to the destination. Linux provides various commands from network configuration and troubleshooting. Network Configuration and Troubleshooting Commands in Linux
5 min read
How to configure network interfaces in CentOS?A network interface is a link between a computer and another network(Private or Public). The network interface is basically a card which is known as NIC or Network Interface Card, this does not necessarily have to be in a physical form instead, it can be inbuilt into the software. If we take the exa
5 min read
Command-Line Tools and Utilities For Network Management in LinuxIf you are thinking of becoming a system administrator, or you are already a system admin, then this article is for you.As a system admin, your daily routine will include configuring, maintaining, troubleshooting, monitoring, securing networks, and managing servers within data centers. Network confi
8 min read
Linux - Network Monitoring ToolsNetwork monitoring is using a system (hardware or software) that continuously observes your network and the data flows through it, depending on how the monitoring solution actually functions and informs the network administrator. We can keep a check on all the activities of our network easily. While
4 min read
Linux Process
Linux Firewall
Shell Scripting & Bash Scripting
Introduction to Linux Shell and Shell ScriptingWhenever we use any modern operating system like Linux, macOS, or Windows we are indirectly interacting with a shell, the program that interprets and executes our commands. While running Ubuntu, Linux Mint, or any other Linux distribution, we are interacting with the shell by using the terminal. In
8 min read
What is Terminal, Console, Shell and Kernel?Understanding the terms terminal, console, shell, and kernel is crucial for anyone working with computers or learning about operating systems. These concepts are key components of how we interact with our devices and software. The terminal is a text-based interface used to interact with the computer
5 min read
How to Create a Shell Script in linuxShell is an interface of the operating system. It accepts commands from users and interprets them to the operating system. If you want to run a bunch of commands together, you can do so by creating a shell script. Shell scripts are very useful if you need to do a task routinely, like taking a backup
7 min read
Shell Scripting - Different types of VariablesThe shell is a command-line interpreter for Linux and Unix systems. It provides an interface between the user and the kernel and executes commands. A sequence of commands can be written in a file for execution in the shell. It is called shell scripting. It helps to automate tasks in Linux. Scripting
4 min read
Bash Scripting - Introduction to Bash and Bash ScriptingBash is a command-line interpreter or Unix Shell and it is widely used in GNU/Linux Operating System. It is written by Brian Jhan Fox. It is used as a default login shell for most Linux distributions. Scripting is used to automate the execution of the tasks so that humans do not need to perform them
12 min read
Bash Script - Define Bash Variables and its typesVariables are an important aspect of any programming language. Without variables, you will not be able to store any required data. With the help of variables, data is stored at a particular memory address and then it can be accessed as well as modified when required. In other words, variables let yo
12 min read
Shell Scripting - Shell VariablesA shell variable is a character string in a shell that stores some value. It could be an integer, filename, string, or some shell command itself. Basically, it is a pointer to the actual data stored in memory. We have a few rules that have to be followed while writing variables in the script (which
6 min read
Bash Script - Difference between Bash Script and Shell ScriptIn computer programming, a script is defined as a sequence of instructions that is executed by another program. A shell is a command-line interpreter of Linux which provides an interface between the user and the kernel system and executes a sequence of instructions called commands. A shell is capabl
4 min read
Shell Scripting - Difference between Korn Shell and Bash shellKorn Shell: Korn Shell or KSH was developed by a person named David Korn, which attempts to integrate the features of other shells like C shell, Bourne Shell, etc. Korn Shell allows developers to generate and create new shell commands whenever it is required. Korn shell was developed a long year bac
3 min read
Shell Scripting - Interactive and Non-Interactive ShellA shell gives us an interface to the Unix system. While using an operating system, we indirectly interact with the shell. On Linux distribution systems, each time we use a terminal, we interact with the shell. The job of the shell is to interpret or analyze the Unix commands given by users. A shell
3 min read
Shell Script to Show the Difference Between echo “$SHELL†and echo ‘$SHELL’In shell scripting and Linux, the echo command is used to display text on the terminal or console. When used with the $SHELL variable, which contains the path of the current user's shell program, the output of the echo command can be different depending on whether the variable is enclosed in single
4 min read