How to install vsftpd FTP server with TLS on Debian 10

s2 0

If you’ve used FTP before, you may know that it is a very useful way of transferring files and information from one system to another. FTP, short for File Transfer Protocol, is a popular network protocol that can be used to upload and download files depending on the permissions assigned to the user. For Linux and Unix systems, VSFTPD is used as the FTP server. VSFTPD stands for Very Secure FTP Daemon and is an FTP server that is licensed under the GNU General Public License.

In this article we explain how to install and set up an FTP server with vsftpd on Debian 10. We used Debian10 to describe the procedure mentioned in this article.

FTP server installation under Debian

Follow the steps below to install VSFTPD-Very Secure FTP Daemon on Debian Operating System.

Step 1: Install VSFTPD

Start the Terminal in your Debian operating system by going to the Activities tab in the top left corner of your desktop. Then type in the search bar terminal. When the terminal icon appears, click on it to launch it.

Then enter the following command in the terminal to update the repositories.

$ sudo apt-get update

When prompted for the password, enter sudo password.

Then run the following command in Terminal to install VSFTPD package:

$ sudo apt-get install vsftpd

Once the installation is complete, you can check the version of the VSFTPD package by running the following command in the terminal:

$ vsftpd -versions

Check vsftpd version

Step 2: Activate and start the VSFTPD service

The VSFTPD service does not start automatically during installation. Run the following command in the terminal to start the VSFTPD service:

$ systemctl start vsftpd

The system will ask for user authentication. Enter the password and click Authenticate.

In order for the vsftpd service to always start on boot, run the following command in the terminal.

$ systemctl enable vsftpd

The system prompts for user authentication several times. Enter the password and click Authenticate.

Start vsftpd

VSFTPD configuration

Now we are going to do some of the configurations required to set up the FTP server in our Debian operating system.

Step 1: Allow ports in the firewall

If you’re using a firewall, allow ports 20 and 21 for FTP with the following commands:

$ sudo ufw allow 20/tcp

$ sudo ufw allow 21/tcp

Open the FTP port in the firewall

Confirm this by checking the status of the firewall with the following command:

$ sudo ufw status

Check firewall status

Step 2: Configure FTP access

Before making any changes to the VSFTPD configuration file, make sure that you back up the original vsftpd.config file. You can use the following command to do this.

$ sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig

Configure FTP

Now run the following command in the terminal to edit the vsftpd.config file in the nano editor. You can use any editor to do this.

$ sudo nano /etc/vsftpd.conf

At the end of the file, add the following lines:

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=Yes
pasv_enable=Yes
pasv_min_port=10000
pasv_max_port=10100
allow_writeable_chroot=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

When you’re done, press Ctrl + O and Ctrl + X to save and exit the file.

Configuration file vsftpd.conf

Step 3: Restart the VSFTPD service

For the configuration changes made above to take effect, you must restart the vsftpd service. To do this, run the following command:

$ sudo systemctl restart vsftpd

Step 4: create an FTP user

Now we need to create an FTP user who is allowed to connect to the FTP server.

Enter the following command to create a user:

$ sudo useradd -m <user_name>

Then assign a to the user created above using the following command:

$ sudo passwd <user_name>

In the following example we have created a user with the name ftpuser and assigned a password to it.

Create an FTP user

Test the FTP connection

To test the FTP connection, you must install the FTP client on the same or a separate system from which you want to access the FTP server. In our case we are using FileZilla as an FTP client.

Run the following command in Terminal to install FileZilla.

$ sudo apt-get install filezilla

Once the installation is complete, open FileZilla either from the Terminal or from the Dash menu. When opening, enter the required information such as host name / IP address, username and password and click Fast connection Button.

Test the FTP connection with FileZilla

Check the certificate and click OK to connect to the FTP server.

Accept SSL certificate

You are successfully logged on to the FTP server and can access the files and directories available on the remote server.

FTP connection successful

After you have installed and set up the FTP server, you can now use it to transfer files from your local computer to the remote FTP server and vice versa.

How to install vsftpd FTP server with TLS on Debian 10