1. Home
  3. Ubuntu
  5. How to Setup FTP Server on Ubuntu 22.04?

How to Setup FTP Server on Ubuntu 22.04?

FTP (File Transfer Protocol), is a network protocol used to transfer files over the network. It works on the client/server architecture where multiple clients can use a centralized server to communicate/share data.

Before you start using FTP, it is important to set up the FTP server on the server side and the FTP client on the client side. This post will list the easiest way to set up / Configure the FTP server on Ubuntu 22.04.

How Does FTP Work? Core Concepts

A FTP session is established based on the two channels, i.e., command and data. Each channel refers to a TCP connection. When the client initiates the request, the command channel is established through Port 21 of the server. Whereas the data channel acts on the command and transmits the data depending upon the connection mode:

  • If the Active mode is enabled, the client provides the IP address and Port number to the server to connect to the client.
  • If the Passive mode is ON, then the server provides the port and IP address to the client to establish a Data channel.

The Active Mode Connection was used in the earlier ages of computing. Well, the modern FTP servers use the Passive mode in which the client initiates both command and data channels.

Types of Files Supported By FTP

Not all the files an FTP connection can support. Three types of files are supported which are, ASCII, EBCDIC, and Image Files. So, ensure the file types before transferring.

How to Set up an FTP Server on Ubuntu 22.04?

To start using the FTP, it is only recommended to set up / configure the FTP server with only default/basic settings. Here, we will install the utilities and perform the basic configurations to set up the FTP Server for the FTP connection. Let’s start:

Step 1: Install FTP Daemon

On the server side, the FTP is backed up by its daemon named “vsftpd”. First, update the Ubuntu’s core libraries using the update command and then install vsftpd:

sudo apt update
sudo apt install vsftpd

Step 2: Configure/Setup the FTP Daemon

First, check the status of the FTP Server:

sudo systemctl status vsftpd

The server daemon is running actively. If not in your case, use the following commands to further manage the server:

sudo systemctl start vsftpd #Start the Daemon
sudo systemctl enable vsftpd #Enable the Daemon

Step 3: Set Up the Configuration File of vsftpd

The vsftpd configuration file is placed inside the “/etc/vsftpd.conf” file. You need to open the file in the Nano/or any text editor and the following changes are at least recommended to establish a connection:

sudo nano /etc/vsftpd.conf

Uncomment the following highlighted lines to allow all the users to interact with FTP and also make the FTP server writable.

Also, define the maximum and minimum passive ports. As the ports are random the connection won’t be established until/unless the port range is defined, as we did:

Step 4: Configure the Firewall

Allow the ports 20,21, and port range of 10000:10050/tcp, using the ufw utility. After that, reload the firewall to apply the changes:

sudo ufw allow 20
sudo ufw allow 21
sudo ufw allow 10000:10050/tcp
sudo ufw reload

That’s all done from the Server’s side. Want to know how to connect the client with the server via FTP? Let’s do it.

How to Create an FTP Connection?

As the FTP server has been configured. Now, it’s time for the Client’s Configuration to create an FTP connection. Let’s do it practically:

Configure the FTP Client Side

Open the terminal on the client side and install the FTP client using one of the following commands (as per your client’s distribution):

Note: Here we are using Kali Linux as a client.

sudo apt install ftp #Debian/Ubuntu-Based
sudo dnf/yum install ftp #RHEL/Fedora/CentOS
sudo zypper install ftp #SUSE-Based
sudo pacman -S inetutils #Arch-Based

The ftp client is already installed on Kali Linux.

Establish/Create an FTP Connection

You can connect to an FTP server via two syntaxes, i.e., the first will prompt for the username itself whereas the second directly establishes the connection with the specific user:

ftp Server's-IP-Address

ftp username@Server’s-IP-Address

Remember, the directory from where the client has initiated the connection will be used as the client’s parent/main directory to send/receive files.

Upload/Download Files From the Server

The primary purpose of the FTP server is to download/upload files from/to a centralized server. Here’s the way to do it:

Download The File From FTP Server

The get command with the file name downloads the file from the server, as follows:

$ get <filename>

Upload the File From FTP Server

Use the keyword put with the filename, as follows:

$ put <filename>

You can use the “exit” command to quit the FTP session.

Apart from these, you can use other Linux/Ubuntu commands (in the FTP), such as ls, mkdir, cd, chmod, etc on the remote and local machines.

How to Setup FTP Secure (FTPS) Server on Ubuntu 22.04?

By default, the file transport mechanism of the FTP is not safe. The data/encryption is not encrypted, it is transferred as plain text which is easy to hack. However, you can integrate SSL/TLS-based encryption to encrypt/secure the file commands, logins, and data transfers through FTP.

Let’s see how it works:

Step 1: Generate an SSL/TLS Certificate

Let’s use the openssl tool to generate the self-signed SSL certificate and private key request using the command:

  • The “x509” denotes the self-signed certificate.
  • The certificate expires in 175 days.
  • Created a Keypair of 3072 bits with RSA encryption.
  • The key and certificate are kept in the same file to keep the key/pair together.
sudo openssl req -x509 -nodes -days 175 -newkey rsa:3072 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

Step 2: Modify the vsftpd Configuration File

Now, it’s time to modify the configuration file to use the FTP as per the SSL-generated certificate. Use the below-stated parameters to control the SSL/TLS settings.

  • allow_anon_ssl=NO: To prevent anonymous users.
  • force_local_data_ssl=YES: To keep the data transfer safe through SSL/TLS.
  • force_local_ssl_logins=YES: Keep the user’s login safe.

And restricting vsftpd to use TLS version 1 only.

Restart the server to apply the changes:

sudo systemctl restart vsftpd

Step 3: Create a Dedicated User For FTP Connection

Usually, FTP is connected via any of the users and the user lands in the default directory /srv/ftp”. The best practice is to create a new user and dedicate a specific directory to that user. So that only the designated user would be shared with the clients to interact:

Create a User

sudo adduser genieftp

Create a New Default Directory for FTP

By default, the “/srv/ftp” is used by the FTP server. However, you can create a new one for that user:

sudo mkdir /srv/ftp/genieftp_home

Change the Ownership of the Directory

sudo chown genieftp:genieftp /srv/ftp/genieftp_home

Change/Set the Default Directory on the FTP Server Side

sudo usermod -d /srv/ftp/genieftp_home/ genieftp

Modify the FTP Configuration File

Open the “/etc/vsftpd.conf” file and uncomment (or add) the following line, which restricts the user to use their home directory after login:

Restart the FTP Daemon

Apply the changes to the FTP:

sudo systemctl restart vsftpd

Now, whenever you connect the FTP server through the designated user, you will be allowed to use the defined home directory of that user.

Optional: Create a List of Users | For Full Access

What if you want full access? FTP allows such behavior as well by creating a list of users and integrating them in the configuration file. Here’s the process:

Create/Edit a List of Users

FTP has the default user’s list at the location “/etc/vsftpd.user”. Open it and add the usernames on the separate lines:

Modify the Configuration File

The following lines are already added (if not, you need to add them). Just uncomment them:

Restart the FTP daemon to apply the changes. Now, the user listed in the file would have full access (like a root user of the server).

How to Remove FTP Server From Ubuntu 22.04?

As discussed, FTP functions on the Client/Server model. Thus, removing the FTP server-side settings would be enough to stop using FTP. However, we will illustrate the removal from the on both sides (client/server):

Remove/Delete the FTP Daemon and Firewall Rules | Server Side

First, remove the vsftpd server:

sudo apt autoremove vsftpd

As the server support is no longer required, you need to manage the firewall ports as well:

sudo ufw status

Now, use the below command to delete the rule at a specific number (the order in which the rules are listed in the above command):

sudo ufw delete <Rule-Number>

After deleting one rule, the rule number will be updated in the status list. So, you must again check the rule number before deleting the next one.

Note: Instead of deleting, you can only block the connections via the FTP-relevant ports. Here’s the command syntax:

sudo ufw deny <Port-Number>

Remove the FTP Client | Client Side

The client-side has just an FTP client. Remove it using the command:

sudo apt autoremove ftp

That’s the way to deal with FTP servers on Ubuntu/Linux.

Bottom Line

FTP is a renowned file transfer protocol for Ubuntu/Linux. It is old and considered a non-secure means of file transfer. However, by integrating the SSL/TLS-based encryption, you can easily upload/download the files to/from the server. Your login details, data transfers, and commands are all safe after SSL/TLS.

All in all, you have learned the installation, configuration, and basic to advanced configurations of FTP for Ubuntu/Linux.

 

Print Friendly, PDF & Email
Categories