Install VSFTPD on Ubuntu 20.04
Traducciones al EspañolEstamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
What is VSFTPD?
VSFTPD (very secure FTP daemon) is an open-source FTP (File Transfer Protocol) server that is the default FTP server for several prominent Linux distributions. VSFTPD is widely believed to be as secure as any competitive FTP server. VSFTPD supports TLS (Transport-Layer Security), FTPS (File Transfer Protocol Secure), and IPv6.
VSFTPD is important because several prominent platforms, including the WordPress content manager, rely on FTP for crucial workflows. It is widely used in “vertical markets” like accounting, architecture, construction, medicine, and transcription to move, share, and archive large files. FTP allows a remote computer to connect to a server, examine parts of the server’s filesystem, retrieve files, and upload files. While more modern protocols offer advantages in security, performance, and convenience, FTP at its best is a fast and well-established file-sharing platform.
In this Guide
This guide demonstrates:
How to download files over FTP
How to upload files over FTP
Before You Begin
This guide assumes that you have access to a server running Ubuntu 20.04 that you can install the FTP server on and upload files to. To create a server on Linode, follow the Creating a Compute Instance and Setting Up and Securing a Compute Instance guides. Be sure to add a limited Linux user to issue the commands in this guide from.
NoteThis guide is written for a non-root user. Commands that require elevated privileges are prefixed with
sudo. If you’re not familiar with the
sudocommand, you can check our Users and Groups guide.
VSFTPD Installation Steps
Install VSFPTD on Ubuntu 20.04, along with some supporting packages:
Update your system’s packages:
sudo apt update
Install the VSFTPD server, the FTP command line client, and the UFW firewall. The FTP command line client is used in this guide to issue local test connections to the VSFTPD server:
sudo apt install vsftpd ftp ufw -y
Set VSFTPD to start whenever your server boots:
sudo systemctl enable vsftpd
sudo systemctl start vsftpd
Verify that VSFTPD is running properly after this installation:
sudo systemctl status vsftpd
You should see output similar to:
vsftpd.service - vsftpd FTP server Loaded: loaded (/usr/lib/systemd/system/vsftpd.service, enabled) Active: active (running)
Create an FTP User
To see VSFTPD in action–a kind of “Hello, world” for FTP–create a special-purpose user on your server:
Create a Linux user named
sudo useradd -m ftp_client
Set the password for your new user:
sudo passwd ftp_client
Create an example text file under the home directory of the new
sudo -u ftp_client sh -c 'echo "This is the content in the file." > /home/ftp_client/testfile.txt'
Open an FTP connection to the VSFTPD server running on localhost. This syntax is similar to connections you would make from remote systems, which is demonstrated later in this guide:
You are prompted for your FTP username (‘ftp_client’), and then prompted for this user’s password (set in step 2 of this section). After entering this information successfully, an
ftp>command prompt appears:
ftp localhost Connected to localhost. 220 (vsFTPd 3.0.3) Name (localhost:linode_user): ftp_client 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp>
Verify that the sample file
ftp_clientuser’s home directory is visible from the FTP connection:
The output resembles:
200 EPRT command successful. Consider using EPSV. 150 Here comes the directory listing. -rw-rw-r-- 1 1002 1002 33 Aug 05 16:39 testfile.txt 226 Directory send OK.
Close the ftp client with the
You have verified that your VSFTPD accepts connections. The next sections show where you can configure more sophisticated account management, encryption, and security restrictions:
How to Restart VSFTPD
VSFTPD is restarted via systemctl:
sudo systemctl restart vsftpd
When VSFTPD starts or restarts, it reads from the current configuration files for the service, which are detailed in the next section.
VSFTPD’s Configuration File
In Ubuntu and other common distributions, VSFTPD’s configuration is located in
/etc/vsftpd.conf. When updating the configuration file, follow these steps:
(Recommended) Back up the current configuration by making a copy:
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
/etc/vsftpd.confconfiguration file in your preferred text editor.
Restart VSFTPD to activate the changes:
sudo systemctl restart vsftpd
As its name promises, one of VSFTPD’s goals is security. It offers a wide range of settings to help match a range of security and business requirements. The official manual page outlines all configuration options available. The next section introduces some relevant permissions.
VSFTPD User Permissions
To make VSFTPD useful for some real-world use-cases, you can adjust some of the default options set in
/etc/vsftpd.confin your text editor.
Locate the following recommended options within the file. Some may be commented out. If an option is commented out, remove the comment (by removing the
#prefix at the beginning of the line). Some options may not be listed in the file. For these options, add a new line with the option. When finished making changes, save the file.
anonymous_enable: Set this option to
anonymous_enable=NO). This blocks anonymous logins to the FTP server.
local_enable: Set this option to
local_enable=YES). This allows you to log in as the users specified in your system’s
write_enable: Set this option to
write_enable=YES). This allows you to make changes to the filesystem via FTP, including uploading files.
Restart VSFTPD to activate these changes:
systemctl restart vsftpd
NoteA common strategy for securing user accounts is to use VSFTPD’s
userlist_denyattributes. These can be configured to only allow a selected subset of local accounts to establish FTP sessions.
CautionBy default, FTP connections are communicated in clear text and not encrypted. Investigate the SSL options available to VSFTPD to set up encryption.
VSFTPD Log File
VSFTPD logs its actions. The default location of the log file is
/var/log/vsftpd.log. The configuration attribute
xferlog_file controls this location. View its content from time to time to understand the information the logfile preserves:
sudo more /var/log/vsftpd.log
Downloading with VSFTPD
On the server, open an FTP connection to
ftp_clientusername and password when prompted.
At the FTP command prompt, change directory to the
250 Directory successfully changed.
getcommand to retrieve the test file that was created in the Create an FTP User section:
local: testfile.txt remote: testfile.txt 200 EPRT command successful. Consider using EPSV. 150 Opening BINARY mode data connection for testfile.txt (33 bytes). 226 Transfer complete. 33 bytes received in 0.00 secs (947.8400 kB/s)
Exit the FTP session:
Observe that the file is now present in your original user’s home directory:
total 4 -rw-rw-r-- 1 linode_user linode_user 33 Aug 5 16:59 testfile.txt
Uploading with VSFTPD
Create a text file in your system’s
cd /tmp echo "This is sample content for uploading through FTP." > testfile2.txt
Open an FTP connection to
localhost. Enter the
ftp_clientusername and password when prompted:
Within the FTP session, upload the file created in step 1 by using the
200 EPRT command successful. Consider using EPSV. 150 Ok to send data. 226 Transfer complete. 50 bytes sent in 0.00 secs (2.3842 MB/s)
write_enableoption for VSFTPD must be set to
YESfor this file upload operation to succeed. Review the VSFTPD’s Configuration File section for help with setting this option.
Exit the FTP session:
Verify that the sample file
testfile2.txtwas uploaded to the
ftp_clienthome directory via FTP:
The output should resemble:
Connect to Your Server using VSFTPD
Before enabling VSFTPD connections, make sure SSH connections are also allowed:
sudo ufw allow ssh
Allow VSFTPD traffic on ports 20 and 21:
sudo ufw allow from any to any port 20,21 proto tcp
Enable the UFW firewall:
sudo ufw enable
Use any convenient FTP client on your desktop to connect to the VSFTPD server. When connecting, specify the
ftp_clientuser and the IP address of the server (e.g.
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on