Tutorial

How To Set Up vsftpd on Ubuntu 12.04

Published on June 20, 2012
How To Set Up vsftpd on Ubuntu 12.04

Status: Deprecated

This article covers a version of Ubuntu that is no longer supported. If you are currently operate a server running Ubuntu 12.04, we highly recommend upgrading or migrating to a supported version of Ubuntu:

Reason: Ubuntu 12.04 reached end of life (EOL) on April 28, 2017 and no longer receives security patches or updates. This guide is no longer maintained.

See Instead:
This guide might still be useful as a reference, but may not work on other Ubuntu releases. If available, we strongly recommend using a guide written for the version of Ubuntu you are using. You can use the search functionality at the top of the page to find a more recent version.

About vsftpd

Warning: FTP is inherently insecure. If you must use FTP, consider securing your FTP connection with SSL/TLS. Otherwise, it is best to use SFTP, a secure alternative to FTP.

The first two letters of vsftpd stand for "very secure" and the program was built to have strongest protection against possible FTP vulnerabilities.

Step One—Install vsftpd

You can quickly install vsftpd on your virtual private server in the command line:

sudo apt-get install vsftpd

Once the file finishes downloading, the VSFTP will be on your droplet. Generally speaking, it is already configured with a reasonable amount of security. However, it does provide access on your VPS to anonymous users.

Step Two—Configure vsftpd

Once vsftpd is installed, you can adjust the configuration.

Open up the configuration file:

sudo nano /etc/vsftpd.conf

The biggest change you need to make is to switch the Anonymous_enable from YES to NO:

anonymous_enable=NO

Prior to this change, vsftpd allowed anonymous, unidentified users to access the server's files. This is useful if you are seeking to distribute information widely, but may be considered a serious security issue in most other cases.

After that, uncomment the local_enable option, changing it to yes and, additionally, allow the user to write to the directory.

local_enable=YES
write_enable=YES

Finish up by uncommenting command to chroot_local_user. When this line is set to Yes, all the local users will be jailed within their chroot and will be denied access to any other part of the server.

chroot_local_user=YES

Save and Exit that file.

Because of a recent vsftpd upgrade, vsftpd is "refusing to run with writable root inside chroot". A handy way to address this issue to is to take the following steps:

  1. Create a new directory within the user's home directory
  2. mkdir /home/username/files
  3. Change the ownership of that file to root
  4. chown root:root /home/username
  5. Make all necessary changes within the "files" subdirectory

Then, as always, restart:

 sudo service vsftpd restart

Step Three—Access the FTP server

Once you have installed the FTP server and configured it to your liking, you can now access it.

You can reach an FTP server in the browser by typing the domain name into the address bar and logging in with the appropriate ID. Keep in mind, you will only be able to access the user's home directory.

ftp://example.com

Alternatively, you can reach the FTP server on your virtual server through the command line by typing:

 ftp example.com

Then you can use the word, "exit," to get out of the FTP shell.

By Etel Sverdlov

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about our products

About the authors

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
10 Comments


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

For all the people who want to allow external folders to be available in your ftp, here is a quick tip:

mkdir /home/username/www mount --bind /var/www/path/to/your/folder/ /home/username/www sudo nano /etc/fstab

-and add the following line in the file and save /var/www/path/to/your/folder /home/username/www none bind 0 0

-restart sudo service vsftpd restart

-now you will be able to access /var/www/path/to/your/folder in your ftp.

Hope this helps alot of people out there!

For those of you trying to solve the “530 Login incorrect.” error:

  1. remove user “root” from the file /etc/ftpusers (just delete that line)
  2. comment line “chroot_local_user=YES” from /etc/vsftpd.conf
  3. restart vsftdp: service vsftpd restart

Does anybody really need ftp? I’ve been with a few hosting companies that outright disallowed ftp.

For most file transfer you can just use sftp, which will go over ssh. I’m guessing a lot of people are installing ftp thinking they need it because it appears in the list of tutorials. It might be good to include a suggestion to sftp if suitable at the beginning.

When I did the install, mostly out of curiosity, I found the instructions a bit confusing due to references to “file” when the command refers to the users home directory - “then change the ownership of that file to root” followed by: “chown root:root /home/username”

But this isn’t a file- it’s users home directory. And we didn’t create a file, but rather a directory. And why root? I imagine a lot of people are doing:

chown root:root /home/username/files

Or assuming the user in the instructions was root.

Finally, I have absolutely no clue what the original error means or how this fixes it. I’m rather curious.

Thanks, Nick

How can I set the username and password for the FTP account?

I still can’t make directory or file under /home/username, how to fix it?

Thx

awesome…thanks…my filezilla is able to open file system of server

I’m sure I don’t know anything because the steps above have no effect. I don’t know of the instructions are incomplete or if I didn’t say the secret word and pray to the gods before hitting the “create new droplet” button but this flat out will not work for me. I’ve destroyed droplets and ran through the instructions 4 times. They just don’t work for me at all. If anyone wants to know the exact steps I took, I recommend scrolling to the top of the page and reading down to the last step. Do that four times and those perfectly document each step I did.

If you are getting 530 Login incorrect, you should change pam_service_name=vsftpd to pam_service_name=vsftpd in file /etc/vsftpd.conf

Source SO

Probably been answered a dozen times - but I followed this tutorial and now I am told my login details are not correct. It’s driving me nuts.

thanks it was so simple !!

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more