Installing a FTP/SFTP Server

posted by SwiftCloudHosting in Software Installations
807

FTP is used to transfer files from one host to another over TCP network. This article explains how to setup FTP server. There are 3 popular FTP server packages available PureFTPD, VsFTPD and ProFTPD. Here we will use VsFTPD which is lightweight and has less vulnerability.

Setup FTP server on Ubuntu 14.04

  1. Update your repositories.
[root@swf ~]# sudo apt-get update
  2. Intall VsFTPD

[root@swf ~]# sudo apt-get install vsftpd
  3.  After installation open /etc/vsftpd.conf file and make changes as follows.

Uncomment the below lines (line no:29 and 33).

write_enable=YES
local_umask=022

Uncomment the below line (line no: 120 ) to prevent access to the other folders outside the Home directory.

chroot_local_user=YES

Add the following line at the end.

allow_writeable_chroot=YES

Add the following lines to enable passive mode.

pasv_enable=YES
pasv_min_port=40000
pasv_max_port=40100

  4. Restart vsftpd service using the below command.

[root@swf ~]# sudo service vsftpd restart
  5. Now ftp server will listen on port 21. Create user with the below command. Use /usr/sbin/nologinshell to prevent access to the bash shell for the ftp users.
[root@swf ~]# sudo useradd -m ftpUser -s /usr/sbin/nologin
[root@swf ~]# sudo passwd ftpUser

  6. Allow login access for nologin shell. Open /etc/shells and add the following line at the end.

/usr/sbin/nologin

Now try to connect this ftp server with the username on port 21 using WinSCP or Filezilla client and make sure that user cannot access the other folders outside the home directory.

 

                                     

 

Please note using ftp on port 21 is a big security risk. it’s highly recommended to use SFTP. Please continue for SFTP configuration

SFTP

The SFTP File Transfer Protocol (also Secure Shell, or SSH) is a network protocol that provides file access, file transfer, and file management functionalities over any reliable data stream. Here we will show you how to install and cofigure it.

  7. Install openssh-server package installed if its not already installed.

[root@swf ~]# sudo apt-get install openssh-server
  8. Create a new group ftpaccessfor FTP users.
[root@swf ~]# sudo groupadd ftpaccess
  9. Now make changes in this /etc/ssh/sshd_configfile.

  Find and comment the below line

Subsystem sftp /usr/lib/openssh/sftp-server

 Add these lines at the end of the file.

Subsystem sftp internal-sftp
Match group ftpaccess
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
  10. Restart ssh service.

[root@swf ~]# sudo service ssh restart
  11. The below steps must be followed while creating Users for sftp access. Create user username with ftpaccess group and /usr/bin/nologin shell.

[root@swf ~]# sudo useradd -m username -g ftpaccess -s /usr/sbin/nologin
[root@swf ~]# sudo passwd username
Change ownership for the home directory.

[root@swf ~]# sudo chown root /home/username
Create a folder inside home directory for writing and change ownership of that folder.

[root@swf ~]# sudo mkdir /home/username/www
[root@swf ~]# sudo chown john:ftpaccess /home/john/www
Now try to connect server using SFTP ( port : 22 ) and makesure Users can upload files to www directory and cannot access other folders outside home directory.

                                       


If you want use both FTP and SFTP together, please perform above steps ( Step 11 ) while creating users . For existing users, move them to ftpaccess group and create folder structure and ownership changes as below.

[root@swf ~]# sudo usermod username -g ftpaccess -s /usr/sbin/nologin
[root@swf ~]# sudo chown root /home/username
[root@swf ~]# sudo mkdir mkdir /home/username/www
[root@swf ~]# sudo chown username:ftpaccess /home/username/www
Now 'username' can able to upload files to www folder using FTP as well as SFTP.

THE CHEAPEST AND MOST VALUABLE VPSTRY AND FEEL THE DIFFERENCE FOR AS LOW AS $8.45/m

Powered by WHMCompleteSolution

© COPYRIGHT 2018 SWIFT CLOUD HOSTING, ALL RIGHTS RESERVED.
SWIFT CLOUD HOSTING RELIABLE, VALUABLE AND PERFORMANT VIRTUAL PRIVATE SERVER IS OWNED AND OPERATED BY JC HOLDINGS.
BY USING THIS SITE, YOU AGREE ON SWIFT CLOUD HOSTING VPS SERVER SOLUTION TERMS OF SERVICE.