VSFTPD: Create a Secure FTP Server in 5 Minutes on Debian – Part 1

Deepak Gupta June 27, 2022
Updated 2022/06/27 at 1:02 PM

FTP (File Transfer Protocol) remains one of the most used protocols for transferring files. In this segment, there are several solutions, one of the most popular for Linux is undoubtedly VSFTP as it offers several features, including support for IPv6 and SSL.

Learn how to create a secure FTP server in 5 minutes on Debian.


Para implementar um servidor de FTP no Debian vamos usar o vsftpd. O vsftpd (Very Secure FTPD) é provavelmente um dos mais rápidos e seguros servidores de FTP para sistemas Linux. Este serviço oferece um conjunto de características das quais destacamos:

  • Suporte para utilizadores virtuais
  • Suporte para IPv6
  • Suporte para virtual IPs
  • Suporte para SSL
  • Controlo para largura de banda a usar

Passo 1) Instalação do VSFTP no Debian Linux

Para começar devemos atualizar o sistema usando o seguinte comando:

sudo apt update

Then we installed the vsftpd service

sudo apt install vsftpd

To start the service, stop, restart or see the status, we can use the following commands

sudo systemctl start vsftpd
sudo systemctl stop vsftpd
sudo systemctl restart vsftpd
sudo systemctl status vsftpd

Step 2 – vsftpd Service Settings (Basic)

By default, the services configuration files are located in /etc. In the case of vsftpd the configuration file is in /etc/vsftpd.conf.

Let's get started, you can make a copy of the original file using the following command:

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig

Then we will edit the configuration file (/etc/vsftpd.conf) and proceed with the following configurations:

#Serviço ativo
listen=YES

#Suporte para IPV6
listen_ipv6=YES

#Ativo no porto 20
connect_from_port_20=YES

#Desactivar o acesso “anónimo”.
anonymous_enable=NO

#Permitir o acesso dos utilizadores locais (criados no linux)
local_enable=YES
dirmessage_enable=YES
write_enable=YES

#Acesso do utilizador apenas ao seu diretório
chroot_local_user=YES
allow_writeable_chroot=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
pasv_enable=YES
pasv_min_port=40000
pasv_max_port=45000
userlist_enable=YES

#Lista de utilizadores com possibilidade de acesso
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO

Step 3 – Add users

As defined in the configuration file, the /etc/vsftpd.userlist file maintains the list of authenticated users. To create a user (example, ppinto) we use the following command:

sudo adduser ppinto

To set the password, run the following command:

sudo passwd ppinto

Finally, to add the user to the list of users, use the following command:

echo "ppinto" | sudo tee -a /etc/vsftpd.userlist

At the end, restart the service using the command sudo systemctl restart vsftpd.

And it's done. In the next tutorial we will teach how a user can access FTP and have access only to his directory. Stay tuned, the tutorial will be available soon.

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,'script','https://connect.facebook.net/en_US/fbevents.js');
fbq('init', '1664527397186427'); // Insert your pixel ID here.
fbq('track', 'PageView');
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/pt_PT/sdk.js#xfbml=1&version=v2.3&appId=122308327859118";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));

Share this Article
Leave a comment

Leave a Reply

Your email address will not be published.