vsftpd (Very Secure FTP Daemon) is one of the most popular FTP servers for Linux due to its security and performance. In this guide, we will show you how to install and configure vsftpd on Ubuntu 20.04, securing it with SSL/TLS encryption for added protection. Whether you’re hosting this FTP server on a Windows VPS UK or another VPS setup, this tutorial will walk you through the process.
Prerequisites
Before starting, make sure you have the following:
- An Ubuntu 20.04 server, which could be hosted on a UK Windows VPS, Windows Virtual Private Server Hosting, or other VPS Windows Servers.
- Root or sudo privileges on the server.
- A basic understanding of terminal commands.
Step 1: Update Your System
First, update your system's package list to ensure all your installed software is up to date. Run the following command:
sudo apt update && sudo apt upgradeStep 2: Install vsftpd
Next, install the vsftpd package using the apt package manager:
sudo apt install vsftpdOnce the installation is complete, the vsftpd service will start automatically. You can verify its status by running:
sudo systemctl status vsftpdStep 3: Configure vsftpd
Now, configure vsftpd to ensure secure file transfers. Open the configuration file for editing:
sudo nano /etc/vsftpd.confMake the following changes to enhance security and enable SSL/TLS:
# Disable anonymous FTP access
anonymous_enable=NO
# Enable local users to log in
local_enable=YES
# Allow users to upload files
write_enable=YES
# Chroot local users (restricts users to their home directories)
chroot_local_user=YES
# Enable SSL/TLS
ssl_enable=YES
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.key
force_local_data_ssl=YES
force_local_logins_ssl=YESStep 4: Create an SSL/TLS Certificate
To secure your FTP server with SSL/TLS, you need to generate an SSL certificate. Use the following commands to create a self-signed certificate:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.key -out /etc/ssl/certs/vsftpd.pemYou will be prompted to provide information about your organization, which will be included in the certificate.
Step 5: Restart vsftpd
Once you have configured vsftpd and created the SSL certificate, restart the vsftpd service to apply the changes:
sudo systemctl restart vsftpdStep 6: Configure Firewall
If your server is behind a firewall, make sure to allow FTP traffic. Open the necessary ports (FTP operates on port 21 and uses passive mode ports) with the following commands:
sudo ufw allow 20:21/tcp
sudo ufw allow 40000:50000/tcp
sudo ufw reloadStep 7: Create FTP User Accounts
Create a user account to access the FTP server. You can add a new user with the following command:
sudo adduser ftpuserFollow the prompts to set a password for the user. Once the user is created, you can use an FTP client such as FileZilla to connect to the server using the provided credentials.
Step 8: Test SSL/TLS Connection
Use an FTP client like FileZilla or Cyberduck to test the FTP connection with SSL/TLS enabled. Ensure you select the option to use explicit FTP over TLS during the connection setup. This will encrypt your FTP session, providing enhanced security whether you're using a Windows VPS Italy or a VPS UK Windows environment.
Conclusion
By following these steps, you now have a fully functional and secure FTP server running vsftpd with SSL/TLS encryption on Ubuntu 20.04. Whether you're using a Windows Virtual Dedicated Server Hosting, UK Windows VPS, or another VPS hosting solution, you can rest assured that your file transfers are secure.
