How to install and configure VSFTPD server on Debian

How to install and configure VSFTPD client on Debian
In this tutorial we will explain you how to install and configure VSFTPD server on Debian VPS.


WHAT IS VSFTPD?

VSFTPD is the default FTP server in the Ubuntu, Debian, CentOS, Fedora, NimbleX, Slackware and RHEL Linux distributions.

Compared to other FTP server software VSFTPD is built to be one of the most efficient, fast and secure FTP servers in the world.

Installing VSFTPD on a Debian VPS is pretty easy and straight forward procedure. Just follow the steps in this tutorial and you install VSFTPD on your VPS very fast.


LET’S START

First, you will need to log in to your VPS as ROOT via SSH. Once you are in the first thing you need to do is to downloads the package lists from the repositories and “update” them to get information on the newest versions of packages and their dependencies. It will do this for all repositories and PPAs. To do that just type:

apt-get update

The next step/command will actually update all the software on your VPS. So, type:

apt-get upgrade

Once the update is done you can start with the VSFTPD installation. To do that just need to type the following command:

apt-get install vsftpd

Once the VSFTPD installation is done we will do some basic configuration and implement for some security measures and user management.


CONFIGURATION

As a first step to start with the VSFTPD service configuration is to edit the vsftpd.conf configuration file:

nano /etc/vsftpd.conf

Once the file is edited there are few things we can do to secure the VSPTFD service:


1. Disable anonymous login and allow local users to write

To disable the anonymous login while the /etc/vsftpd.conf is edited find the following line:

anonymous_enable=YES

and change it to:

anonymous_enable=NO

Now you are protected from an anonymous login and unwanted users.

Next, allow local users to login and write to their directory. To do that find the following lines and uncomment them:

local_enable=YES
write_enable=YES

Chroot

To enable chroot and lock every system user that you want to log in via FTP in their home directory search for the chroot_local_users part and select one of these as per your needs:

 

– Enabling these will chroot all the users.

chroot_local_user=YES
chroot_list_enable=NO

 

– Enabling these will allow you to chroot only some specfic users.

chroot_local_user=NO
chroot_list_enable=YES

However to chroot them you will need to manually create a file /etc/vsftpd.chroot_list

touch /etc/vsftpd.chroot_list

edit the file:

nano vsftpd.chroot_list

and put the usernames of those users that you want to chroot, one user per line.


Allow and deny users

If you want to deny some specific users to be able to log in to your FTP server you will just need to add these lines to the vsftpd.conf file:

userlist_deny=YES
userlist_file=/etc/vsftpd.denied_users

After that create the vsftpd.denied_users file:

touch /etc/vsftpd.denied_users

edit the file:

nano /etc/vsftpd.denied_users

and add the users that you want to block. You will need to add one user per line.

 

– The next one will help to deny some particular users from login. You can allow some particular list of users by adding the following to the code:

userlist_deny=NO
userlist_enable=YES
userlist_file=/etc/vsftpd.allowed_users

And then create the vsftpd.allowed_users:

touch /etc/vsftpd.allowed_users

edit the file:

nano touch /etc/vsftpd.allowed_users

and add all the user names, one per line, that you want to allow.


Configuring TLS/SSL/FTPS

If you want to connect to your FTP server vis internet/remotely then you must go through these settings with great attention, or your passwords will be sent in plain text. To encrypt the trafic you will just need to make sure to add these options to your config file, some of them are already available check those and then change the options.

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

Save and close the file and restart your VSFTPD service for the changes to take effects:

 service vsftpd restart

If you’re one of our Linux VPS Hosting customers we can help you to install and configure VSFTPD server on your virtual server for you free of charge. Just contact us and some of our experts will complete your request immediately.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>