Installing vsftpd on Ubuntu or Debian
sudo apt-get install vsftpd
Installing vsftpd on CentOS / Fedora
yum install vsftpd
How to configure vsftpd:
Now that you’ve installed vsftpd, follow this procedure to configure it. These steps applies for both the linux variants.
Before you get started, stop the vsftpd by typing:
service vsftpd stop
Edit the vsftp.conf
In Ubuntu / Debian:
vi /etc/vsftpd.conf
In Red Hat / CentOS
vi /etc/vsftpd/vsftpd.conf
Make the following changes:
We don’t want anonymous login:
anonymous_enable=NO
Enable local users:
local_enable=YES
The ftpuser should be able to write data:
write_enable=YES
Port 20 need to turned off, makes vsftpd run less privileged:
connect_from_port_20=NO
Chroot everyone:
chroot_local_user=YES
set umask to 022 to make sure that all the files (644) and folders (755) you upload get the proper permissions.
local_umask=022
Now that basic configuration is complete, now let us begin with locking / securing a directory to user.
sudo useradd -d /var/www/path/to/your/dir -s /usr/sbin/nologin ftpuser
Setup a password for the user:
sudo passwd ftpuser
In order to enable the ftpuser read and write the data in your home dir, change the permission and take ownership:
sudo chown -R ftpuser /var/www/path/to/your/dirsudo chmod 775 /var/www/path/to/your/dir
Create userlist file and add the user:
Ubuntu / Debian:vi /etc/vsftpd.userlist
CentOS / Fedora
vi /etc/vsftpd/vsftpd.userlist
and add the user:
ftpuser
save the file and open the vsftp.conf file again:
vi /etc/vsftpd.conf
Add the following lines at the end of the file and save it:
# the list of users to give access
userlist_file=/etc/vsftpd.userlist# this list is on
userlist_enable=YES# It is not a list of users to deny ftp access
userlist_deny=NO
After completing all these procedures it is almost ready to use it, give it a try but you will get a 500 OOPS permission denied error. To fix it you need to add a nologin to the shell set.
vi /etc/shells
The file should look like this:
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/dash
/bin/bash
/bin/rbash
Add this line at the end:
/usr/sbin/nologin
Now create a usergroup and add the ftpuser to it:
sudo addgroup ftpuserssudo usermod -Gftpusers ftpuser
Now start the vsftpd:
service vsftpd start