Ubuntu Linux vsftpd ftp service / server install, configuration howto

by on January 17, 2007 · 61 comments· LAST UPDATED November 29, 2007

in , ,

Q. How do I install Ubuntu ftp service or server?

A. Ubuntu Linux comes with various ftp servers to setup FTP service such as:
=> proftpd - Versatile, virtual-hosting FTP daemon

=> vsftpd - The Very Secure FTP Daemon

=> ftpd - FTP server

=> wu-ftpd - powerful and widely used FTP server

=> wzdftpd - A portable, modular, small and efficient ftp server

=> pure-ftpd - Pure-FTPd FTP server

I recommend using vsftpd. It is simple and quite secure FTP server. According to vsftpd man page:

vsftpd is the Very Secure File Transfer Protocol Daemon. The server can be launched via a super-server such as inetd or xinetd. Alternatively, vsftpd can be launched in standalone mode, in which case vsftpd itself will listen on the network.

=> Default ftp port : 21
=> Default configuration file : /etc/vsftpd.conf

How do I set up the vsftpd daemon to accept connections from another computer?

The configuration of the vsftpd FTP service (read as daemon ) simply requires three steps.

Step # 1: Install vsftpd

Type apt-get command to install vsftpd
$ sudo apt-get install vsftpd
Output:

Password:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  vsftpd
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 121kB of archives.
After unpacking 438kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com edgy/main vsftpd 2.0.4-0ubuntu5 [121kB]
Fetched 121kB in 0s (246kB/s)
Selecting previously deselected package vsftpd.
(Reading database ... 31396 files and directories currently installed.)
Unpacking vsftpd (from .../vsftpd_2.0.4-0ubuntu5_amd64.deb) ...
Setting up vsftpd (2.0.4-0ubuntu5) ...
Adding system user `ftp' with uid 106...
Adding new user `ftp' (106) with group `nogroup'.
Not creating home directory `/home/ftp'.
 * Starting FTP server: vsftpd

Step # 2: Configure /etc/vsftpd.conf

The default vsftpd configuration file is /etc/vsftpd.conf. You need to edit this file using text editor such as vi:
$ sudo vi /etc/vsftpd.conf

Add the following line (uncomment line) to the vsftpd configuration file:
local_enable=YES
Above config directive will allow local users to log in via ftp

If you would like to allow users to upload file, add the following to the file:
write_enable=YES

For security you may restrict local users to their home directories. Add the following to the file:
chroot_local_user=YES

Save and close the file.

Step # 3: Restart vsftpd

To restart vsftpd type the command :
$ sudo /etc/init.d/vsftpd restart
Output:

* Stopping FTP server: vsftpd                                                                                       [ ok ]
 * Starting FTP server: vsftpd                                                                                       [ ok ]

How do I use ftp command line utility?

Now you should be able to FTP to this server with any account that exists on the system except for the root user. From Windows or other Linux system use ftp client, type the command:
$ ftp ftp.nixcraft.in
Output:

Connected to ftp.nixcraft.in.
220 (vsFTPd 2.0.4)
Name (ftp.nixcraft.in:vivek): vivek
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/"
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 1000     1000        91798 Aug 16 08:26 apf-current.tar.gz
-rwxr-xr-x    1 1000     1000          156 Nov 10 07:05 iptables.stop
drwxr-xr-x    3 0        0            4096 Dec 23 11:11 postfix
-rw-r--r--    1 0        0        10481942 Nov 29 23:35 webmin_1.310_all.deb
226 Directory send OK.
ftp> quit
221 Goodbye.

Open FTP port using iptables (optional)

Add following rules to your iptables script. Assuming that default incoming policy is drop. If protocol is TCP and destination port is 21 (ftp):
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
See - How do I open open ftp port 21 using iptables for more information.

There are a large number of other configuration options available for vsftpd that can be used to fine tune ftp server. Read vsftpd.conf man page by typing following command:
$ man vsftpd.conf

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 61 comments… read them below or add one }

1 yuanlao5 January 26, 2007 at 4:38 am

i want to use root to login my ftpserver. can you teach me how to setup it?

Reply

2 MasthanRaja February 16, 2011 at 4:04 am

Login “root” user through ftp
step1: To Remove root user from “ftpusers” &”user_list”

# vim /etc/vsftpd/ftpusers
root — remove root user here

# vim /etc/vsftpd/user_list
root — remove root user here
Step2: Service on & restart
# chkconfig vsftpd on
# service vsftpd restart
Step3: Set Boolean Policy

# getsebool -a | grep ftp (show ftp policy)

# setsebool -P allow_ftpd_full_access=on
# setsebool -P ftp_home_dir=on
Step4: Again We restart ftp service

Reply

3 sssm August 20, 2011 at 7:14 am

Thank you …..this is very easy set up and easy to use….. :)

Reply

4 vishal parikh February 12, 2007 at 10:48 am

hi
after logging to the username, i am able to do get command (able to
download the files) but i am not able to upload the files. message
received
ftp> put vish
227 Entering passive mode (127,0,0,1,188,16)
553 Could not create file.

pls help me

vishal parikh

Reply

5 rohan reddy November 23, 2010 at 3:33 pm

hi
give write permissions to root directory i.e chmod 777 /var/ftp/pub/
now u can upload files.

Reply

6 Anand Shankar February 13, 2007 at 2:30 am

The default setup for vsftpd makes the /home/ftp directory for ftp server use. I had been using vsftpd on fedora where this directory was /var/ftp/. In my new ubuntu installation I had kept /var partition large to accomodate ftp site files.

How do I change the default behaviour in ubuntu to make /var/ftp as the default ftp home in place of /home/ftp??

anand

Reply

7 Mohan May 22, 2007 at 9:42 am

If the user conect with ftp, he should be login in his home dir only.

how to set this home dir option.(no permisson view other dir)

Reply

8 MasthanRaja February 16, 2011 at 4:07 am

Step1: Set Boolean Policy

# getsebool -a | grep ftp (show ftp policy)

# setsebool -P allow_ftpd_full_access=on
# setsebool -P ftp_home_dir=on
Step2: You will restart ftp service

Reply

9 nixCraft May 22, 2007 at 11:01 am

Mohan,

Use vsftpd chroot feature

Reply

10 ehsan November 13, 2007 at 10:27 am

hi
i want to anynom users can visit /myftp folder and download some files.

then i want to users lik u1,u2,u3 can login to ftp
and can upload,change files in /myftp sub folders.

u1 should have access to /myftp/folder1
u2 should have access to /myftp/folder1 and /myftp/folder2
u3 should have access to /myftp/ all folders
anonym should not access to /myftp/folder3 !

is it possible?
i’m using FC6 with vsftpd2.0.5
HEPL PLZ!

Reply

11 Mahajan November 22, 2007 at 11:44 am

i want to login in root in local desktop through http://ftp…….PLz. help…

Reply

12 Ralph March 27, 2008 at 1:25 am

Great short step-by-step instructions for getting an FTP server running under Ubuntu. So easy to follow! Thank you.

Reply

13 only_samurai May 22, 2008 at 4:17 pm

vishal: you need to edit the /etc/vsftpd.conf file and uncomment write_enable=YES

Reply

14 Andres June 15, 2008 at 6:29 pm

Hello!,

Thanks for this great tutorial. I just followed your instructions and now it is nicely running :-)

I installed it on Ubuntu 8.0.4

Thanks again!!!

Reply

15 Jim July 29, 2008 at 1:56 am

After setting this up, is there a way I can log into this and see if it works from the same machine/pc? thanks

Reply

16 Jesse January 1, 2009 at 9:47 pm

i just got the ftp working. but when i try to upload an index.html file to my public_html folder. I get a 403 forbidden error. if i create the file on the web server it works great. any ideas because i don’t want to have to type everything into a file on the server thanks

Reply

17 Jesse January 1, 2009 at 10:19 pm

never mind figured it out

Reply

18 Mark January 8, 2009 at 12:03 am

Hi, I just followed your instructions, But when i type “ftp http://ftp.nixcraft.in” into ssh, i get “-bash: ftp: command not found”

Any idea whats wrong here?

Thanks

Reply

19 spaniolu November 19, 2010 at 9:43 am

Mark try apt-get install ftp

Reply

20 ahmed January 17, 2009 at 1:22 pm

hello,
thanks for tutorial, but i have some problem,
when anonym upload file, they can download it?
thanks

Reply

21 ahmed January 17, 2009 at 1:24 pm

sorry doble post,
i mean anonym can’t download that file…
thanks

Reply

22 diego January 18, 2009 at 3:41 am

Excellent and simple :)

Reply

23 Sylvester January 27, 2009 at 1:05 am

Hi

I have a question on vsftpd,

While setting the below settings (vsftpd.conf)

write_enable=YES
listen=YES
anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
guest_enable=YES
user_sub_token=$USER
local_root=/opt/ftpimages/teamf/$USER
chroot_local_user=YES
chroot_list_enable=YES
hide_ids=YES
userlist_enable=NO

But, while using FileZilla clinet still I can able to go to other directories like “/, /etc/, /boot” and could even transfer the file to my PC?

Can you advise is there any setting is wrong?

Thanks,

-Sylvester

Reply

24 Patrik April 4, 2009 at 9:47 pm

@Sylvester:
I think your problem might revolve around the usage of both
chroot_local_user=YES
chroot_list_enable=YES
(since when chroot_local_user is YES, the chroot_list_enable becomes a list of people who ISN’T being chrooted.
May this perhaps be the stumbling block?

Reply

25 João Ramos June 12, 2009 at 9:53 am

Thank you very much! :)

Reply

26 Les July 16, 2009 at 2:47 am

I would like to setup a site where users can download(only) installers. The idea here is that users will click the installer they want to download and a window will appear asking if they want to open or save the installer . No need for username or emailaddress. On the .asp of the site I will hardcode the ftp location of the installer. Please help me on how I could setup my ftp server installed in linux fedora 6. I use vsftpd installed on the linux server. The installers are also located on the linux box.

Reply

27 byron July 31, 2009 at 4:42 am

I have vsftpd setup. I can connect via command line with my home server’s IP address and the domains setup as virtual hosts. I cannot, however, connect through FileZilla when I use anything other than the IP address behind my router. Something I need to configure? Something I forgot to configure, maybe? Hope someone can help me out. Thanks.

Reply

28 Kedibone August 4, 2009 at 7:16 am

can somebody help to setup a PROFTPD server with the following settings:
don’t allow anonymous logins
files copied to the server must by default have rwxrwxrx permissions
the user will be locked in student’s home directory
maximum of 5 users can FTP to the server at the same time
maximum download speed for nay user is 100kbytes
pass the configuration file

Reply

29 Manish Meshram February 25, 2012 at 5:51 am

go to anonymous_enable=NO
:wq (enter)
service vsftpd restart

Reply

30 anil y September 17, 2009 at 8:54 am

plz help me
i cannot access the other end ftp user acount in ubuntu linux server,

what is the way to access?

thanking u
Anil

Reply

31 Sreejith September 22, 2009 at 2:45 pm

Hi,
I installed the ftp service.But could not connect it using http://ftp.nixcraft.in
Could you pls clarify what does nixcraft stands for.
When i create a ftp service,the ftp address will be http://ftp..com.
What will be X, Is it my computer name ? or User Name ?

Please clarify
Thanks in Advance

Reply

32 nixCraft September 22, 2009 at 7:37 pm

nixcraft.in is my domain name. You need to create subdomain called http://ftp.nixcraft.in by editing bind zone files. However, if your dns hosted with ISP, contact them or use their control panel to create ftp subdomain.

HTH

Reply

33 Jan October 3, 2009 at 5:00 pm

Short and Excellent guide for getting FTP on ubuntu.
Thank you !

Reply

34 rahul November 11, 2009 at 4:34 pm

could you please send me the complete details to configure ftp server in linux

Reply

35 Kaloyan February 8, 2010 at 6:12 pm

Hallo, fellows!
I followed all steps in this guide but on the end result is the following:
$ sudo /etc/init.d/vsftpd restart
* Stopping FTP server: vsftpd
No /usr/sbin/vsftpd found running; none killed.
[ OK ]
* Starting FTP server: vsftpd [ OK ]

What is “No /usr/sbin/vsftpd found running; none killed.” supposed to mean and how could I get over it?

And another question: What is the meaning of these rows in vsftpd.conf:
# Run standalone? vsftpd can run either from an inetd or as a standalone
# daemon started from an initscript.
listen=YES
What actually means “Run standalone”?

Thank you!!!

Reply

36 CosmicB February 19, 2010 at 10:46 am

Kaloyan:
You get “No /usr/sbin/vsftpd found running; none killed.”
when vsftpd isn’t running, and you’re trying to stop it (as in /etc/init.d/vsftpd restart)

What actually means “Run standalone”?
It means that vsftpd is running as a standalone server, not controlled by inetd or xinetd.
Setting ‘Run standalone’ to NO means vsftpd isn’t running.
When configuring inetd to control vsftpd it means that inetd is actually listening at port 21, when a connection comes inetd launches vsftpd. This is preferable if one uses /etc/hosts.deny and /etc/hosts.allow for security (f.example using denyhosts) since inetd/xinetd obeys those files, and vsftpd doesn’t.

Reply

37 Mohamoud March 11, 2010 at 5:39 am

By default all files uploaded up users has 600 permissions. If you want your files to be 644 you need to uncomment the line “local_umask=022″ and you should be good to go. If you still can’t upload. Make sure the user has permission to write to this folder.

Reply

38 punya deo narayan April 19, 2010 at 4:38 pm

sir i am workin in bizmascot company plz send me information about in FTP bu using in and access personal database……………….

Reply

39 Jens Ecker April 26, 2010 at 4:02 pm

Hello guys

I want to know about ftp access with domain.

If i am usingw ith virtual host once public domain. like this Your IP from Network enable to domain?

example:
127.0.0.1 is localhost on your couter or your laptop.
1xx.xxx.xxx.xxx yourdomain.com

Than how do i bind with virtualhost for ftp access??
like this ftp_domain.com with password and http://domain.com or http://www.domain.com

Thanks for tricks and tips.. I want to try.

PS: Can i use once Steam Server like Counter-Strike Server from my ip?

If “yes” than iw ill make sure…

Thanks Best regards from Germany. Jens

Reply

40 Robert Gonzalez April 30, 2010 at 4:22 pm

Thanks for the awesome write up. I’ve installed vsftpd on my Fedora server before without any problems. But for some reason with my Ubuntu server I cannot get it running properly. I have the daemon installed and it is running (I can connect from localhost without issue) but when trying to connect remotely I get a timeout from the machine. I opened up port 21 to listen for FTP connections but still remote connections don’t seem to catch.

Any idea what could be causing this?

Reply

41 JD May 10, 2010 at 12:13 pm

It is helpful…

Reply

42 CMD May 28, 2010 at 9:24 pm

In recent versions of Ubuntu use this command to restart vsftp:

sudo service vsftpd restart

Reply

43 Khamsingh June 17, 2010 at 9:32 am

I want to make users of ftp which can login in my FTP server |
how can i make users and permissions
plz help me any one

Reply

44 nc June 22, 2010 at 10:21 am

how can limite ftp connection to a single dominain ?

only machines width IP in “enterprise.com” domain can login to ftp

Reply

45 FujiKomalan August 24, 2010 at 5:49 am

use tcp_wrappers

Reply

46 Debug June 25, 2010 at 4:41 pm

Hello,

I have configured vsftpd on Mint Linux (debian/ubuntu) and I have open FTP port 20 and 21 in the firewall. I have created self assigned certificate for vsftpd and make the necessary configuration in vsftpd.conf.

vsftpd use any random port (>1024) to encrypt/decrypt the data and it automatically uses the passive mode.
Can I assign specific port (990 or 991) instead of the random ports?

I have used following options in vsftpd.conf however it doesn’t work…
pasv_min_port=40000
pasv_max_port=40100

Thanks & Regards,
Deepak

Reply

47 joe August 1, 2010 at 6:56 pm

Status: Connection established, waiting for welcome message…
Response: 220 Welcome to ******* Server
Command: USER ####
Response: 331 Please specify the password.
Command: PASS ####
Response: 230 Login successful.
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Features:
Response: EPRT
Response: EPSV
Response: MDTM
Response: PASV
Response: REST STREAM
Response: SIZE
Response: TVFS
Response: UTF8
Response: 211 End
Command: OPTS UTF8 ON
Response: 200 Always in UTF8 mode.
Status: Connected
Status: Retrieving directory listing…
Command: PWD
Response: 257 “/”
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PASV
Response: 227 Entering Passive Mode (ip.xxx.xxx.xxx,255,60).
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing

ok this is what happens remotely when connecting with filezilla. I have ports 20,21 opened in router, and also a range of high ports listing in vsftpd.conf. i can access the ftp fine on my LAN.

here is the vsftpd file

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
connect_from_port_20=YES
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=####
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
Rsa_cert_file=/etc/ssl/private/vsftpd.pem
pasv_enable=YES
pasv_min_port=65000
pasv_max_port=65534
pasv_address=XXX.XXX.XXX.XXXX
max_clients=10
max_per_ip=1

any advice here would be great first time iv’e tried to set this up.
Thanks,
Joe

Reply

48 MrB August 15, 2010 at 3:04 am

Joe
You don’t have all the SSL options set up. Use this as a guide. The big one is the first one. You should check on the other options. They can vary a lot from one installation to the next.

Also make sure that port 22 is open on your computer firewall and any external firewalls.

ssl_enable=YES
allow_anon_ssl=NO
#force_local_data_ssl=NO
#force_local_logins_ssl=NO
# the next three are the connection types / SSL versions. good luck with the right combination.
ssl_tlsv1=YES
#ssl_sslv2=NO
#ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/yourcert.pem

Reply

49 reza October 16, 2010 at 8:32 am

hi
i want to know when a user loging to ftp server in linux,he anly can upload specific file to server.
good luck

Reply

50 g October 19, 2010 at 10:22 am

huh?

me also confused when facing this at the first time.
Once I finished installing the ftp service, seems everything is okay.
Anyway, at the vsftpd.conf file, i didn’t notice some variable saying the
default directory …. where would it be?

~ confused mode: ON.

Reply

51 thiyagi March 24, 2011 at 11:39 am

thanks for the help..

Reply

52 bulldog13090 June 23, 2011 at 8:08 pm

I know how to disable anonimous on the ftp server.
where do I setup the file with Username and Password?

Reply

53 bulldog13090 June 24, 2011 at 4:24 pm

so when I try restarting by typing
/etc/init.d$ sudo /etc/init.d/vsftpd restart
I get the message

Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service vsftpd restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart vsftpd
vsftpd start/running, process 5888
I know how to find the PID but then what?

Reply

54 federico September 30, 2011 at 6:42 am

I have the same problem. How I can restart the service?

Reply

55 Josef September 1, 2011 at 6:56 pm

Thanks, this is exactly what I wanted – a very simple FTP solution that just works!

Reply

56 x-tech October 17, 2011 at 4:06 am

Hi guys

quick question

i have 2 webhosts running on same machine just setup today

now i installed vsftpd on the ubuntu machine running the 2 webhosts.

now i want to know how and which files i need to edit in order to create 2 accounts
2users+2 passwd and give specific folder access rights for each specific webhost

i have the following setup here

the 2 webhosts are in

var/www/

webhost1 and webhost2

so i want to give only FTP access to user1+passwd1 direct to webhost1 folder

and user2+passwd2 only for access webhost2

is that possible and how can i do it, as i dont want the usere to have any kind of access at all to the older folders on the ubuntu machine.

any hints or help will be appreciated guys

Reply

57 Samiullah Samir December 19, 2011 at 8:52 am

when i try to connect from Filezilla its working from Public IP address to connect to my FTP server and working fine but when i try to connect from Private IP address which is NATed to the same Public IP
the connecotn to the server Established OK and it accept username and password
but when it reach to MLSD then it give the Error
MLSD
Connecton TIme Out
Failed to retrieve directory listing

can any one help me please

Reply

58 Samiullah Samir December 19, 2011 at 8:54 am

i am using PureFTP in ubuntu 11.10 please help me

Reply

59 Hasan December 27, 2011 at 1:21 am

Hello,
Firstly, thank you for your time sir.

I followed your instructions, but when I attempt to ftp the server I just set up, I get the following error. I believe I am not defining what my domain is, am I correct? If so, how do I rectify this issue?

My Fedora 16 (x64) Desktop is called homepc as depicted below.

[hasan@homepc ~]$ hostname
homepc
[hasan@homepc ~]$
—————————————————-
[hasan@homepc ~]$ ftp http://ftp.homepc
Trying 8.15.7.107…
Connected to http://ftp.homepc (8.15.7.107).
Host/Domain name is invalid
ftp>

Thank you so much. Hasan

Reply

60 Manish January 23, 2012 at 8:28 am

I want to setup vsftpd server for 10 users.
5 of them should have read, write access & rest 5 should have read only access.
When they login they should be able to access only /opt/pub directory.
No access to their home directory (not required)
Please suggest.

Regards,
Manish

Reply

61 abhinav July 18, 2012 at 7:21 pm

How do I host an ftp for local use … in the sense if I have 2 laptops and i want to transfer files from one computer to another using vsftpd ?
what do i need to do ?

Reply

Leave a Comment

Tagged as: , , ,

Previous Faq:

Next Faq: