FTP server setup


When installing Linux from any distribution kit, only the root user will be available by default. At the same time, security reasons will not make it possible to connect via FTP under this user. In this article, we will explain how to quickly set up an FTP server and create a user using only Linux console commands.  

Step 1: Establish a secure connection to your server

At first, you need to connect to your server. You can do this using the SSH (Secure Shell) protocol, which provides a secure remote access way. Instead of logging in as 'root', which is the administrative account on Linux by default, use a regular account and run commands via 'sudo' for extra security.  

Step 2: Install FTP server

The next step is FTP-server installation. In this tutorial, we will be using 'proftpd', a popular open source FTP server.

If you are using CentOS, install the EPEL repository first. Enter the following commands in the terminal:  

sudo yum install epel-release
sudo yum install proftpd

If you are using Debian or Ubuntu, just type:

sudo apt install proftpd

Step 3: Set up automatic FTP launch

After installing the FTP server, configure it to launch automatically every time the server boots. This is carried out by the following commands:  

sudo systemctl start proftpd.service
sudo systemctl enable proftpd.service

Step 4: Set up your firewall

For security purposes, your firewall must be configured in a such a way to allow incoming connections on TCP port 21. The exact command depends on which firewall management utility you are using. For 'iptables':  

sudo iptables -I INPUT -p tcp -m tcp --dport 21 -j ACCEPT
sudo systemctl save iptables

for 'firewalld':  

sudo firewall-cmd --permanent --zone=public --add-port=21/tcp
sudo firewall-cmd –reload

for 'nftables' в Debian 11:  

sudo nft add rule ip filter input tcp dport { 21 } ct state new accept

After the firewall is configured, do not forget to save the changes so that they apply after a reboot. For 'iptables' and 'firewalld' this is done automatically, while for 'nftables' you will need to manually save the current rules to a file that will be loaded at system launch.  

Step 5: Restrict FTP users by their domestic directory

By default, FTP users can go beyond their domestic directory, which can be a security risk. To prevent this, add the DefaultRoot ~ line to the 'proftpd.conf' file. This line restricts users by their domestic directory. Add it to the end of the file, then reboot the FTP server:  

sudo systemctl restart proftpd.service

Step 6: New FTP user creation

You are now ready to create a new FTP user. It doesn't need command shell access, so disable it for security reasons. Here are the commands for that:  

sudo useradd [username] -d /home/[username] -m -s /usr/sbin/nologin

sudo passwd [username]

Replace [username] with a desired username. The ‘passwd’ command will offer you to enter a password for the new user.  

You have now set up an FTP server and created a new FTP user on the Linux server. Always remember about security while setting up.

Previous article VPN server setup on Linux: PPTP or OpenVPN?
Next article Configuring .htaccess file

Ask us about VPS

We are always ready to answer your questions at any time of day or night.
Please, check our Knowledge base, most likely the answer to your question is already there!