Install and configure FTP server service
With the help of the file transfer protocol (FTP) it is possible to transfer files and folders to a server. Since you cannot run files or other programs via FTP, it has been a long time safe and is still used by many hosting providers so that their customers can transfer their content to the server in a simple way. Today, however, FTP is no longer safe, since the content is transmitted in encrypted form and can therefore be intercepted. In addition, FTP cannot be operated behind a firewall because it uses a random high port in addition to the standard port 21.
Alternatives are SFTP and FTPS. For local use, however, FTP can still be useful as there are many, mostly free, applications that are simple and clear. Therefore, the FTP server service can be installed and configured on an Ubuntu server.
Preparing the server
As before every installation, the server should be updated. The following command instructs the package manager APT to update all packages:
Copyapt -y update && apt -y upgrade && apt -y dist-upgrade
After a short wait the server is up to date.
Installing the FTP server service
Since FTP is a very common protocol, there are also many applications based on FTP. Here is shown VSFTPD. It is the only FTP server service in the main branch of Ubuntu. In contrast to the alternatives from the Universe or Multiverse branch, main branch packages are regularly maintained and provided with security updates. In addition, VSFTPD is designed for security. It can be installed under Ubuntu simply over APT and supports all common FTP methods – but more on that later.
APT can be instructed to install VSFTPD with the following command.
Copyapt -y install vsftpd
After APT has installed the service, it is also started automatically. The server already provides the service immediately after installation, before the configuration has been adapted. However, it is recommended to stop the service first and then adjust the configuration.
The following command is used for this:
Copyservice vsftpd stop
If the service is terminated, it can be continued.
Configuring the FTP server service
To configure the FTP server service, open the config file /etc/vsftpd.conf with any text editor. NANO is used for this.
nano /etc/vsftpd.confPlease note that an entry may not be duplicated. Therefore, the entries must first be searched for. It has to be checked if they exist before they are copied from this tutorial. It is expected that all options are already defined somewhere in the configuration file.
The file incorporates very detailed comments, so each setting option is explained. Here, the most relevant are summarized.
Allow anonymous users to read, write, delete, and download
Attention! These should only be used in a protected network, as there is a risk that the server might be abused.
Copyanon_upload_enable=YES anon_other_write_enable=YES anon_mkdir_write_enable=YES anon_world_readable_only=NO
The anonymous login is disabled by default. In the line anonymous_enable = NO, it is activated with a YES.
Copyanonymous_enable=YES
But writing is not enough. You also need a folder created with rights 777. Anonymous users will reach the / home / ftp folder via FTP. In order to make the upload possible here, for example, a folder with the name Upload should be created and the corresponding rights should be assigned.
Copymkdir -p /home/ftp/upload chmod 777 /home/ftp/upload
Limit local users to their home directory
To do this, the line chroot_local_user = must be set to Yes
Copychroot_local_user=YES
Allow or prohibit global writing
In the default configuration, VSFTPD prohibits writing to all users. Regardless of their permissions. To disable this security, the following line must be changed to YES.
Copywrite_enable=YES
Force writing to the system internal process list
The following line is used to force writing to the internal process list:
Copysetproctitle_enable=YES
With the following command you can read it out of the bash:
Copywatch ps -C vsftpd -o user,pid,stime,cmd
If the configuration is satisfactory, the service can be restarted.
Copyservice vsftpd start
Clients can then connect to the server using any client tool.
Reading out Logs
If it comes to error messages it is useful to look at the logs for the corresponding tool. The log files for vsftpd are located under /var/log/vsftpd.log as standard. The following command is used to read these files:
Copynano /var/log/vsftpd.log
Since these log files can be long and unclear, there is another command:
Copytail -f /var/log/vsftpd.log
Tail truncates the file at the end and displays only lines that have been added from the start of the command. In order to be able to work with tail, the command must be executed and then the error must be repeated again. Tail then displays the lines that belong to the last action. To finish tail again, press Ctrl + C.
Summary
Fighting through the configuration can be a little tedious at first. But once VSFTPD runs, it can also start with the transfer of files. An alternative to FTP is SCP. This is based on the SSH protocol.