≡ Menu

Ubuntu Linux vsftpd ftp service / server install, configuration howto

Q. How do I install Ubuntu ftp service or server?

A. Ubuntu Linux comes with various ftp servers to setup FTP service such as:
=> proftpd - Versatile, virtual-hosting FTP daemon

=> vsftpd - The Very Secure FTP Daemon

=> ftpd - FTP server

=> wu-ftpd - powerful and widely used FTP server

=> wzdftpd - A portable, modular, small and efficient ftp server

=> pure-ftpd - Pure-FTPd FTP server

I recommend using vsftpd. It is simple and quite secure FTP server. According to vsftpd man page:

vsftpd is the Very Secure File Transfer Protocol Daemon. The server can be launched via a super-server such as inetd or xinetd. Alternatively, vsftpd can be launched in standalone mode, in which case vsftpd itself will listen on the network.

=> Default ftp port : 21
=> Default configuration file : /etc/vsftpd.conf

How do I set up the vsftpd daemon to accept connections from another computer?

The configuration of the vsftpd FTP service (read as daemon ) simply requires three steps.

Step # 1: Install vsftpd

Type apt-get command to install vsftpd
$ sudo apt-get install vsftpd
Output:

Password:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  vsftpd
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 121kB of archives.
After unpacking 438kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com edgy/main vsftpd 2.0.4-0ubuntu5 [121kB]
Fetched 121kB in 0s (246kB/s)
Selecting previously deselected package vsftpd.
(Reading database ... 31396 files and directories currently installed.)
Unpacking vsftpd (from .../vsftpd_2.0.4-0ubuntu5_amd64.deb) ...
Setting up vsftpd (2.0.4-0ubuntu5) ...
Adding system user `ftp' with uid 106...
Adding new user `ftp' (106) with group `nogroup'.
Not creating home directory `/home/ftp'.
 * Starting FTP server: vsftpd

Step # 2: Configure /etc/vsftpd.conf

The default vsftpd configuration file is /etc/vsftpd.conf. You need to edit this file using text editor such as vi:
$ sudo vi /etc/vsftpd.conf

Add the following line (uncomment line) to the vsftpd configuration file:
local_enable=YES
Above config directive will allow local users to log in via ftp

If you would like to allow users to upload file, add the following to the file:
write_enable=YES

For security you may restrict local users to their home directories. Add the following to the file:
chroot_local_user=YES

Save and close the file.

Step # 3: Restart vsftpd

To restart vsftpd type the command :
$ sudo /etc/init.d/vsftpd restart
Output:

* Stopping FTP server: vsftpd                                                                                       [ ok ]
 * Starting FTP server: vsftpd                                                                                       [ ok ]

How do I use ftp command line utility?

Now you should be able to FTP to this server with any account that exists on the system except for the root user. From Windows or other Linux system use ftp client, type the command:
$ ftp ftp.nixcraft.in
Output:

Connected to ftp.nixcraft.in.
220 (vsFTPd 2.0.4)
Name (ftp.nixcraft.in:vivek): vivek
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/"
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 1000     1000        91798 Aug 16 08:26 apf-current.tar.gz
-rwxr-xr-x    1 1000     1000          156 Nov 10 07:05 iptables.stop
drwxr-xr-x    3 0        0            4096 Dec 23 11:11 postfix
-rw-r--r--    1 0        0        10481942 Nov 29 23:35 webmin_1.310_all.deb
226 Directory send OK.
ftp> quit
221 Goodbye.

Open FTP port using iptables (optional)

Add following rules to your iptables script. Assuming that default incoming policy is drop. If protocol is TCP and destination port is 21 (ftp):
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
See - How do I open open ftp port 21 using iptables for more information.

There are a large number of other configuration options available for vsftpd that can be used to fine tune ftp server. Read vsftpd.conf man page by typing following command:
$ man vsftpd.conf

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 61 comments… add one }

  • yuanlao5 January 26, 2007, 4:38 am

    i want to use root to login my ftpserver. can you teach me how to setup it?

    • MasthanRaja February 16, 2011, 4:04 am

      Login “root” user through ftp
      step1: To Remove root user from “ftpusers” &”user_list”

      # vim /etc/vsftpd/ftpusers
      root — remove root user here

      # vim /etc/vsftpd/user_list
      root — remove root user here
      Step2: Service on & restart
      # chkconfig vsftpd on
      # service vsftpd restart
      Step3: Set Boolean Policy

      # getsebool -a | grep ftp (show ftp policy)

      # setsebool -P allow_ftpd_full_access=on
      # setsebool -P ftp_home_dir=on
      Step4: Again We restart ftp service

    • sssm August 20, 2011, 7:14 am

      Thank you …..this is very easy set up and easy to use….. :)

  • vishal parikh February 12, 2007, 10:48 am

    hi
    after logging to the username, i am able to do get command (able to
    download the files) but i am not able to upload the files. message
    received
    ftp> put vish
    227 Entering passive mode (127,0,0,1,188,16)
    553 Could not create file.

    pls help me

    vishal parikh

    • rohan reddy November 23, 2010, 3:33 pm

      hi
      give write permissions to root directory i.e chmod 777 /var/ftp/pub/
      now u can upload files.

  • Anand Shankar February 13, 2007, 2:30 am

    The default setup for vsftpd makes the /home/ftp directory for ftp server use. I had been using vsftpd on fedora where this directory was /var/ftp/. In my new ubuntu installation I had kept /var partition large to accomodate ftp site files.

    How do I change the default behaviour in ubuntu to make /var/ftp as the default ftp home in place of /home/ftp??

    anand

  • Mohan May 22, 2007, 9:42 am

    If the user conect with ftp, he should be login in his home dir only.

    how to set this home dir option.(no permisson view other dir)

    • MasthanRaja February 16, 2011, 4:07 am

      Step1: Set Boolean Policy

      # getsebool -a | grep ftp (show ftp policy)

      # setsebool -P allow_ftpd_full_access=on
      # setsebool -P ftp_home_dir=on
      Step2: You will restart ftp service

  • nixCraft May 22, 2007, 11:01 am

    Mohan,

    Use vsftpd chroot feature

  • ehsan November 13, 2007, 10:27 am

    hi
    i want to anynom users can visit /myftp folder and download some files.

    then i want to users lik u1,u2,u3 can login to ftp
    and can upload,change files in /myftp sub folders.

    u1 should have access to /myftp/folder1
    u2 should have access to /myftp/folder1 and /myftp/folder2
    u3 should have access to /myftp/ all folders
    anonym should not access to /myftp/folder3 !

    is it possible?
    i’m using FC6 with vsftpd2.0.5
    HEPL PLZ!

  • Mahajan November 22, 2007, 11:44 am

    i want to login in root in local desktop through http://ftp…….PLz. help…

  • Ralph March 27, 2008, 1:25 am

    Great short step-by-step instructions for getting an FTP server running under Ubuntu. So easy to follow! Thank you.

  • only_samurai May 22, 2008, 4:17 pm

    vishal: you need to edit the /etc/vsftpd.conf file and uncomment write_enable=YES

  • Andres June 15, 2008, 6:29 pm

    Hello!,

    Thanks for this great tutorial. I just followed your instructions and now it is nicely running :-)

    I installed it on Ubuntu 8.0.4

    Thanks again!!!

  • Jim July 29, 2008, 1:56 am

    After setting this up, is there a way I can log into this and see if it works from the same machine/pc? thanks

  • Jesse January 1, 2009, 9:47 pm

    i just got the ftp working. but when i try to upload an index.html file to my public_html folder. I get a 403 forbidden error. if i create the file on the web server it works great. any ideas because i don’t want to have to type everything into a file on the server thanks

  • Jesse January 1, 2009, 10:19 pm

    never mind figured it out

  • Mark January 8, 2009, 12:03 am

    Hi, I just followed your instructions, But when i type “ftp http://ftp.nixcraft.in” into ssh, i get “-bash: ftp: command not found”

    Any idea whats wrong here?

    Thanks

    • spaniolu November 19, 2010, 9:43 am

      Mark try apt-get install ftp

  • ahmed January 17, 2009, 1:22 pm

    hello,
    thanks for tutorial, but i have some problem,
    when anonym upload file, they can download it?
    thanks

  • ahmed January 17, 2009, 1:24 pm

    sorry doble post,
    i mean anonym can’t download that file…
    thanks

  • diego January 18, 2009, 3:41 am

    Excellent and simple :)

  • Sylvester January 27, 2009, 1:05 am

    Hi

    I have a question on vsftpd,

    While setting the below settings (vsftpd.conf)

    write_enable=YES
    listen=YES
    anonymous_enable=NO
    local_enable=YES
    virtual_use_local_privs=YES
    write_enable=YES
    connect_from_port_20=YES
    secure_chroot_dir=/var/run/vsftpd
    pam_service_name=vsftpd
    guest_enable=YES
    user_sub_token=$USER
    local_root=/opt/ftpimages/teamf/$USER
    chroot_local_user=YES
    chroot_list_enable=YES
    hide_ids=YES
    userlist_enable=NO

    But, while using FileZilla clinet still I can able to go to other directories like “/, /etc/, /boot” and could even transfer the file to my PC?

    Can you advise is there any setting is wrong?

    Thanks,

    -Sylvester

  • Patrik April 4, 2009, 9:47 pm

    @Sylvester:
    I think your problem might revolve around the usage of both
    chroot_local_user=YES
    chroot_list_enable=YES
    (since when chroot_local_user is YES, the chroot_list_enable becomes a list of people who ISN’T being chrooted.
    May this perhaps be the stumbling block?

  • João Ramos June 12, 2009, 9:53 am

    Thank you very much! :)

  • Les July 16, 2009, 2:47 am

    I would like to setup a site where users can download(only) installers. The idea here is that users will click the installer they want to download and a window will appear asking if they want to open or save the installer . No need for username or emailaddress. On the .asp of the site I will hardcode the ftp location of the installer. Please help me on how I could setup my ftp server installed in linux fedora 6. I use vsftpd installed on the linux server. The installers are also located on the linux box.

  • byron July 31, 2009, 4:42 am

    I have vsftpd setup. I can connect via command line with my home server’s IP address and the domains setup as virtual hosts. I cannot, however, connect through FileZilla when I use anything other than the IP address behind my router. Something I need to configure? Something I forgot to configure, maybe? Hope someone can help me out. Thanks.

  • Kedibone August 4, 2009, 7:16 am

    can somebody help to setup a PROFTPD server with the following settings:
    don’t allow anonymous logins
    files copied to the server must by default have rwxrwxrx permissions
    the user will be locked in student’s home directory
    maximum of 5 users can FTP to the server at the same time
    maximum download speed for nay user is 100kbytes
    pass the configuration file

    • Manish Meshram February 25, 2012, 5:51 am

      go to anonymous_enable=NO
      :wq (enter)
      service vsftpd restart

  • anil y September 17, 2009, 8:54 am

    plz help me
    i cannot access the other end ftp user acount in ubuntu linux server,

    what is the way to access?

    thanking u
    Anil

  • Sreejith September 22, 2009, 2:45 pm

    Hi,
    I installed the ftp service.But could not connect it using http://ftp.nixcraft.in
    Could you pls clarify what does nixcraft stands for.
    When i create a ftp service,the ftp address will be http://ftp..com.
    What will be X, Is it my computer name ? or User Name ?

    Please clarify
    Thanks in Advance

    • nixCraft September 22, 2009, 7:37 pm

      nixcraft.in is my domain name. You need to create subdomain called http://ftp.nixcraft.in by editing bind zone files. However, if your dns hosted with ISP, contact them or use their control panel to create ftp subdomain.

      HTH

  • Jan October 3, 2009, 5:00 pm

    Short and Excellent guide for getting FTP on ubuntu.
    Thank you !

  • rahul November 11, 2009, 4:34 pm

    could you please send me the complete details to configure ftp server in linux

  • Kaloyan February 8, 2010, 6:12 pm

    Hallo, fellows!
    I followed all steps in this guide but on the end result is the following:
    $ sudo /etc/init.d/vsftpd restart
    * Stopping FTP server: vsftpd
    No /usr/sbin/vsftpd found running; none killed.
    [ OK ]
    * Starting FTP server: vsftpd [ OK ]

    What is “No /usr/sbin/vsftpd found running; none killed.” supposed to mean and how could I get over it?

    And another question: What is the meaning of these rows in vsftpd.conf:
    # Run standalone? vsftpd can run either from an inetd or as a standalone
    # daemon started from an initscript.
    listen=YES
    What actually means “Run standalone”?

    Thank you!!!

  • CosmicB February 19, 2010, 10:46 am

    Kaloyan:
    You get “No /usr/sbin/vsftpd found running; none killed.”
    when vsftpd isn’t running, and you’re trying to stop it (as in /etc/init.d/vsftpd restart)

    What actually means “Run standalone”?
    It means that vsftpd is running as a standalone server, not controlled by inetd or xinetd.
    Setting ‘Run standalone’ to NO means vsftpd isn’t running.
    When configuring inetd to control vsftpd it means that inetd is actually listening at port 21, when a connection comes inetd launches vsftpd. This is preferable if one uses /etc/hosts.deny and /etc/hosts.allow for security (f.example using denyhosts) since inetd/xinetd obeys those files, and vsftpd doesn’t.

  • Mohamoud March 11, 2010, 5:39 am

    By default all files uploaded up users has 600 permissions. If you want your files to be 644 you need to uncomment the line “local_umask=022″ and you should be good to go. If you still can’t upload. Make sure the user has permission to write to this folder.

  • punya deo narayan April 19, 2010, 4:38 pm

    sir i am workin in bizmascot company plz send me information about in FTP bu using in and access personal database……………….

  • Jens Ecker April 26, 2010, 4:02 pm

    Hello guys

    I want to know about ftp access with domain.

    If i am usingw ith virtual host once public domain. like this Your IP from Network enable to domain?

    example:
    127.0.0.1 is localhost on your couter or your laptop.
    1xx.xxx.xxx.xxx yourdomain.com

    Than how do i bind with virtualhost for ftp access??
    like this ftp_domain.com with password and http://domain.com or http://www.domain.com

    Thanks for tricks and tips.. I want to try.

    PS: Can i use once Steam Server like Counter-Strike Server from my ip?

    If “yes” than iw ill make sure…

    Thanks Best regards from Germany. Jens

  • Robert Gonzalez April 30, 2010, 4:22 pm

    Thanks for the awesome write up. I’ve installed vsftpd on my Fedora server before without any problems. But for some reason with my Ubuntu server I cannot get it running properly. I have the daemon installed and it is running (I can connect from localhost without issue) but when trying to connect remotely I get a timeout from the machine. I opened up port 21 to listen for FTP connections but still remote connections don’t seem to catch.

    Any idea what could be causing this?

  • JD May 10, 2010, 12:13 pm

    It is helpful…

  • CMD May 28, 2010, 9:24 pm

    In recent versions of Ubuntu use this command to restart vsftp:

    sudo service vsftpd restart

  • Khamsingh June 17, 2010, 9:32 am

    I want to make users of ftp which can login in my FTP server |
    how can i make users and permissions
    plz help me any one

  • nc June 22, 2010, 10:21 am

    how can limite ftp connection to a single dominain ?

    only machines width IP in “enterprise.com” domain can login to ftp

    • FujiKomalan August 24, 2010, 5:49 am

      use tcp_wrappers

  • Debug June 25, 2010, 4:41 pm

    Hello,

    I have configured vsftpd on Mint Linux (debian/ubuntu) and I have open FTP port 20 and 21 in the firewall. I have created self assigned certificate for vsftpd and make the necessary configuration in vsftpd.conf.

    vsftpd use any random port (>1024) to encrypt/decrypt the data and it automatically uses the passive mode.
    Can I assign specific port (990 or 991) instead of the random ports?

    I have used following options in vsftpd.conf however it doesn’t work…
    pasv_min_port=40000
    pasv_max_port=40100

    Thanks & Regards,
    Deepak

  • joe August 1, 2010, 6:56 pm

    Status: Connection established, waiting for welcome message…
    Response: 220 Welcome to ******* Server
    Command: USER ####
    Response: 331 Please specify the password.
    Command: PASS ####
    Response: 230 Login successful.
    Command: SYST
    Response: 215 UNIX Type: L8
    Command: FEAT
    Response: 211-Features:
    Response: EPRT
    Response: EPSV
    Response: MDTM
    Response: PASV
    Response: REST STREAM
    Response: SIZE
    Response: TVFS
    Response: UTF8
    Response: 211 End
    Command: OPTS UTF8 ON
    Response: 200 Always in UTF8 mode.
    Status: Connected
    Status: Retrieving directory listing…
    Command: PWD
    Response: 257 “/”
    Command: TYPE I
    Response: 200 Switching to Binary mode.
    Command: PASV
    Response: 227 Entering Passive Mode (ip.xxx.xxx.xxx,255,60).
    Command: LIST
    Error: Connection timed out
    Error: Failed to retrieve directory listing

    ok this is what happens remotely when connecting with filezilla. I have ports 20,21 opened in router, and also a range of high ports listing in vsftpd.conf. i can access the ftp fine on my LAN.

    here is the vsftpd file

    listen=YES
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    connect_from_port_20=YES
    idle_session_timeout=600
    data_connection_timeout=120
    nopriv_user=####
    secure_chroot_dir=/var/run/vsftpd/empty
    pam_service_name=vsftpd
    Rsa_cert_file=/etc/ssl/private/vsftpd.pem
    pasv_enable=YES
    pasv_min_port=65000
    pasv_max_port=65534
    pasv_address=XXX.XXX.XXX.XXXX
    max_clients=10
    max_per_ip=1

    any advice here would be great first time iv’e tried to set this up.
    Thanks,
    Joe

    • MrB August 15, 2010, 3:04 am

      Joe
      You don’t have all the SSL options set up. Use this as a guide. The big one is the first one. You should check on the other options. They can vary a lot from one installation to the next.

      Also make sure that port 22 is open on your computer firewall and any external firewalls.

      ssl_enable=YES
      allow_anon_ssl=NO
      #force_local_data_ssl=NO
      #force_local_logins_ssl=NO
      # the next three are the connection types / SSL versions. good luck with the right combination.
      ssl_tlsv1=YES
      #ssl_sslv2=NO
      #ssl_sslv3=NO
      rsa_cert_file=/etc/vsftpd/yourcert.pem

  • reza October 16, 2010, 8:32 am

    hi
    i want to know when a user loging to ftp server in linux,he anly can upload specific file to server.
    good luck

  • g October 19, 2010, 10:22 am

    huh?

    me also confused when facing this at the first time.
    Once I finished installing the ftp service, seems everything is okay.
    Anyway, at the vsftpd.conf file, i didn’t notice some variable saying the
    default directory …. where would it be?

    ~ confused mode: ON.

  • thiyagi March 24, 2011, 11:39 am

    thanks for the help..

  • bulldog13090 June 23, 2011, 8:08 pm

    I know how to disable anonimous on the ftp server.
    where do I setup the file with Username and Password?

  • bulldog13090 June 24, 2011, 4:24 pm

    so when I try restarting by typing
    /etc/init.d$ sudo /etc/init.d/vsftpd restart
    I get the message

    Rather than invoking init scripts through /etc/init.d, use the service(8)
    utility, e.g. service vsftpd restart

    Since the script you are attempting to invoke has been converted to an
    Upstart job, you may also use the restart(8) utility, e.g. restart vsftpd
    vsftpd start/running, process 5888
    I know how to find the PID but then what?

    • federico September 30, 2011, 6:42 am

      I have the same problem. How I can restart the service?

  • Josef September 1, 2011, 6:56 pm

    Thanks, this is exactly what I wanted – a very simple FTP solution that just works!

  • x-tech October 17, 2011, 4:06 am

    Hi guys

    quick question

    i have 2 webhosts running on same machine just setup today

    now i installed vsftpd on the ubuntu machine running the 2 webhosts.

    now i want to know how and which files i need to edit in order to create 2 accounts
    2users+2 passwd and give specific folder access rights for each specific webhost

    i have the following setup here

    the 2 webhosts are in

    var/www/

    webhost1 and webhost2

    so i want to give only FTP access to user1+passwd1 direct to webhost1 folder

    and user2+passwd2 only for access webhost2

    is that possible and how can i do it, as i dont want the usere to have any kind of access at all to the older folders on the ubuntu machine.

    any hints or help will be appreciated guys

  • Samiullah Samir December 19, 2011, 8:52 am

    when i try to connect from Filezilla its working from Public IP address to connect to my FTP server and working fine but when i try to connect from Private IP address which is NATed to the same Public IP
    the connecotn to the server Established OK and it accept username and password
    but when it reach to MLSD then it give the Error
    MLSD
    Connecton TIme Out
    Failed to retrieve directory listing

    can any one help me please

  • Samiullah Samir December 19, 2011, 8:54 am

    i am using PureFTP in ubuntu 11.10 please help me

  • Hasan December 27, 2011, 1:21 am

    Hello,
    Firstly, thank you for your time sir.

    I followed your instructions, but when I attempt to ftp the server I just set up, I get the following error. I believe I am not defining what my domain is, am I correct? If so, how do I rectify this issue?

    My Fedora 16 (x64) Desktop is called homepc as depicted below.

    [hasan@homepc ~]$ hostname
    homepc
    [hasan@homepc ~]$
    —————————————————-
    [hasan@homepc ~]$ ftp http://ftp.homepc
    Trying 8.15.7.107…
    Connected to http://ftp.homepc (8.15.7.107).
    Host/Domain name is invalid
    ftp>

    Thank you so much. Hasan

  • Manish January 23, 2012, 8:28 am

    I want to setup vsftpd server for 10 users.
    5 of them should have read, write access & rest 5 should have read only access.
    When they login they should be able to access only /opt/pub directory.
    No access to their home directory (not required)
    Please suggest.

    Regards,
    Manish

  • abhinav July 18, 2012, 7:21 pm

    How do I host an ftp for local use … in the sense if I have 2 laptops and i want to transfer files from one computer to another using vsftpd ?
    what do i need to do ?

Leave a Comment