Configuring FTP on Ubuntu is fairly trivial, but securing it requires some learning. Here’s what I had to do configure FTP and allow users to access it.
1. Install the FTP server
sudo apt-get install vsftpd
2. Create a new user
You can additionally disable shell access to the ftpuser., in my case I needed shell access.
sudo useradd ftpuser
You can skip the step 2 and use the “ftp” user that gets created when you install vsftpd. In my case I needed a new user.
3. Restrict the ftpuser’s access to file system and jail them to their home dir
Edit the /etc/vsftpd.conf and make the following change
chroot_local_user = Yes
4. Restart vsftpd
sudo /etc/init.d/vsftpd restart
You should be able to access and write to ftpuser’s home directory now.
sudo mkdir /srv/file_dir/ftp sudo usermod -d /srv/file_dir/ftp ftp
The -d option to usermod changes the home directory of ftp user to /srv/file_dir/ftp
Allow ftpuser to access a specific folder outside home directory when chroot is enabled.
Lets assume you need FTP access to /var/www/files, then we need to do something like this:
mkdir /home/ftpuser/www_files mount --bind /var/www/files /home/ftpuser/www_files
Now, the /var/www/files directory is bound to your /home/ftpuser/www_files and is visible in your home directory listing. In case you get permission errors , make sure the ftpuser has enough access to -/var/www/files
To make the changes permanent add the following configuration to /etc/fstab
/var/www/files /home/ftpuser/www_files none bind 0 0
Enable Anonymous downloads
If you wish to enable anonymous downloads edit /etc/vsftpd.conf and change.
It is recommended to turn off this feature unless you are absolutely certain you need this.