How to Setup FTP server on Ubuntu 22.04 as vsftpd

  • Post author:
  • Post category:Linux
  • Post last modified:September 7, 2023

VSFTPD stands for Very Secure FTP Daemon is an open-source FTP (File Transfer Protocol) server that is the default FTP server. VSFTPD is widely used for file transferring in a most secure way as any competitive FTP server. FTP allows a remote computer to connect to a server retrieving/uploading  files. FTP at its best is a fast and well-established file-sharing platform.
We will also show you how to setup FTP server on ubutu server, configure vsftpd and restrict users to their home directory and encrypt the entire transmission with SSL/TLS.

1- Installing vsftpd on Ubuntu 22.04

The vsftpd package is available in the Ubuntu repositories. To install it, execute the following commands.

$ sudo apt update
$ sudo apt install vsftpd

The ftp service will automatically start once the installation process is complete. To verify it, print the service status:

Set up FTP server- install vsftpd

Next, we will verify Vsftpd server status by following command.

$ sudo systemctl status vsftpd

Set up FTP server-check status vsftpd

2- Configure vsftpd server

The next step is to setup FTP server and configure with vsftpd and our FTP access. In this example, we will allow a single user to connect using a local shell account. The vsftpd server configuration is stored in the /etc/vsftpd.conf file. we will open configuration file and will do some important change needed to configure a secure vsftpd installation.

$ sudo nano /etc/vsftpd.conf

2.1- FTP Access

We’ll allow access to the FTP server only to the local users. Search the anonymous_enable and local_enable directives and verify your configuration match to lines below:


2.2 – Enabling uploads

Search and Uncomment the write_enable directive to allow filesystem changes, such as uploading and removing files.


2.3 – Chroot jail

To prevent local FTP users to access files outside of their home directories, uncomment the lne starting with chroot_local_user.


By default, for security reasons, when chroot is enabled, vsftpd will refuse to upload files if the directory that the users are locked in is writable.


User will create ftp directory inside user home and will server as the chroot. He will create Upload directory to upload files/data.

2.4 – Passive FTP Connections

By default, vsftpd uses active mode. To use passive mode, set the minimum and maximum range of ports:


2.5 – Limiting User Login

You can configure vsftpd to permit only certain users to log in. To do so, add the following lines at the end of the file.


3. Allowing FTP Traffic from the Firewall

Let’s first see whether the firewall already installed or not. In Ubuntu ufw firewall used to allow ports for inbound/outbound.

3.1 – Check firewall status

First of all we will verify the status of current firewall with following command.

$ sudo ufw status

3.2 – How to install ufw firewall

If the ufw firewall not available, you need to install firs by the following command.

$ sudo apt-get install ufw

3.3 – How to allow ports in ufw firewall

If ufw already installed and enable, need to make sure FTP traffic is allowed. Execute the following command one by one to allow specific traffic over the server.

$ sudo ufw allow OpenSSH
$ sudo ufw allow 20/tcp
$ sudo ufw allow 21/tcp
$ sudo ufw allow 990/tcp
$ sudo ufw allow 40000:50000/tcp
$ sudo ufw allow 30000:31000/tcp

3.4 – Reload ufw firewall

Once the ports allow commands are executed, then reload ufw firewall by enable or disable to take impact of ports communication.

$ sudo ufw disable
$ sudo ufw enable

To verify the changes run:

$ sudo ufw status

vsftpd as FTP server-firewall status

4. Creating FTP User

In this step we will create a user who is going to use FTP access.

$ sudo adduser a2zeducate

If the user already created to which you want to grant FTP access, skip this step.

4.1 – Add user to FTP user list

Next, we will Add the user to the allowed FTP users list.

echo “a2zeducate” | sudo tee -a /etc/vsftpd.user_list

Create the FTP directory tree and set the correct. If you already configured “allow_writeable_chroot=YES” in  configuration file. Skip below to create directories and grant access.

$ sudo mkdir -p /home/a2zeducate/ftp/upload
$ sudo chmod 550 /home/a2zeducate /ftp
$ sudo chmod 750 /home/a2zeducate/ftp/upload
$ sudo chown -R a2zeducate: /home/a2zeducate/ftp

At this point, FTP server is fully functional. You should be able to connect to the server via ftp command or using any FTP client that can be configured to use TLS encryption, such as FileZilla or WinSCP.

5. Disabling Shell Access

By default, when user created, the user can access server directly via SSH. To disable shell access, the FTP will limited access as FTP user only.
Run the following commands to create the /bin/ftponly file and make it executable.

echo -e ‘#!/bin/sh\necho “a2zeducate“‘ | sudo tee -a /bin/ftponly
sudo chmod a+x /bin/ftponly

Append the new shell to the list of valid shells in the /etc/shells file:

echo “/bin/ftponly” | sudo tee -a /etc/shells

Change the user shell to /bin/ftponly:

sudo usermod a2zeducate -s /bin/ftponly

6. Testing Connection with WinScp

To test the connection we will use WinSCP FTP client. This is a best approach to verify that user can connected with FTP server successfully.

1- Open Winscp FTP client application. At first glance login detail will appear to enter the user detail to connect with FTP server.

2- Fill all required login detail which are created in FTP server to get access. Since we did not configure sftpd server to use TLS , we will select protocol as FTP and encryption as “No encryption”.

3- Finally, we will able to connect with FTP server by entering correct login details.


Ubuntu FTP server makes us most secure and reliable method of data transfering from one computer to another.

In this Tutorial, we learnt how to setup FTP server on Ubuntu 22.04 server using vsftpd with following step.

  • Install vsftpd on your Ubuntu server and back up the original configuration file.
  • Allow FTP connections through the firewall.
  • Configure vsftpd.
  • Create a user directory that can be accessed only by specified users.
  • Test your FTP connection with WinScp FTP Client.

Read More

Easy Steps to Install Xrdp Server (Remote Desktop) on Oracle Linux 9.2

Leave a Reply