FTP stands for “File Transfer Protocol” and is a great protocol for downloading files from a remote or local server, or uploading files onto the server. Using FTP proves to be a pretty basic task after it has been setup properly. It works by having a server that is listening for connections (on port 21 by default) from clients. The clients can access a remote directory with their user account, and then download or upload files there, depending on the permissions that have been granted to them. It’s also possible to configure anonymous authorization, which means that users will not need their own account in order to connect to the FTP server.
On Ubuntu Linux, there are a multitude of different FTP server and client software packages available. You can even use default GUI and command line tools as an FTP client. A very popular and highly configurable FTP server package is vsftpd, available for many Linux systems, including Ubuntu.
In this guide, we will go over the step by step instructions to install vsftpd on Ubuntu. We’ll also see how to to configure the FTP server through various settings, then how to use command line, GNOME GUI, or FTP client software to connect to the FTP server.
FTP will suffice for some situations, but for connections over the internet, SFTP is recommended. This is because FTP is not secure to use over an internet connection, since your credentials and data are transmitted without encryption. The ‘S’ in SFTP stands for ‘Secure’ and tunnels the FTP protocol through SSH, providing the encryption needed to establish a secure connection. To learn more about SFTP, see our guide on How to Securely Transfer Files With SFTP.
In this tutorial you will learn:
- How to install and configure vsftpd on Ubuntu
- How to setup an FTP user account
- How to connect to FTP server via command line
- How to connect to FTP server via GUI
- How to configure anonymous FTP login
- How to change the default FTP listening port
- Troubleshooting “connection refused” FTP connection error
Category | Requirements, Conventions or Software Version Used |
---|---|
System | Ubuntu Linux |
Software | vsftpd |
Other | Privileged access to your Linux system as root or via the sudo command. |
Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
vsftpd installation
Install vsftpd on your Ubuntu system by typing this command into the terminal:
$ sudo apt install vsftpd
Configure vsftpd server
- It’s always best practice to keep a backup copy of the original config file, just in case something goes wrong later. Let’s rename the default config file:
$ sudo mv /etc/vsftpd.conf /etc/vsftpd.conf_orig
- Create a new vsftpd configuration file using nano or whichever text editor you prefer:
$ sudo nano /etc/vsftpd.conf
- Copy the following base configuration into your file. This configuration will suffice for a basic FTP server, and can later be tweaked for the specific needs of your environment once you’ve verified this is working properly:
listen=NO listen_ipv6=YES anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=NO pasv_enable=Yes pasv_min_port=10000 pasv_max_port=10100 allow_writeable_chroot=YES
Paste the above lines into your newly created
/etc/vsftpd.conf
file, and then save changes and close the file. - Ubuntu’s built-in firewall will block FTP traffic by default, but the following command will create an exception in UFW to allow the traffic:
$ sudo ufw allow from any to any port 20,21,10000:10100 proto tcp
- With the configuration file saved and the firewall rules updated, restart vsftpd to apply the new changes:
$ sudo systemctl restart vsftpd
Create an FTP user
Our FTP server is ready to receive incoming connections, so now it’s time to create a new user account that we’ll use to connect to the FTP service.
- Use this first command to create a new account called
ftpuser
, and the second command to set a password for the account:$ sudo useradd -m ftpuser $ sudo passwd ftpuser New password: Retype new password: passwd: password updated successfully
- In order to verify that everything’s working properly, you should store at least one file in ftpuser’s home directory. This file should be visible when we login to FTP in the next steps.
$ sudo bash -c "echo FTP TESTING > /home/ftpuser/FTP-TEST"
Connect to FTP server via command line
You should now be able to connect to your FTP server either by IP address or hostname. First, ensure that the default FTP client utility is installed on your system by running the following command. It will either install the software or tell you that it already exists on the system.
$ sudo apt install ftp
To connect from command line and verify that everything is working, open a terminal and use Ubuntu’s ftp command to connect to your loopback address (127.0.0.1).
$ ftp 127.0.0.1
As you can see in the screenshot above, we were able to login to the FTP server by specifying the username and password that we configured earlier. Next, let’s try issuing an ls
command, which should list the test file that we created in previous steps.
ftp> ls
Your output should look like the screenshot above, indicating a successful login and a ls
command that reveals our test file we created earlier.
Connect to FTP server via GNOME GUI
You can also connect to your FTP server by GUI, if you prefer. There are many options for FTP clients, but the default GNOME GUI on Ubuntu already comes with the ability to connect to FTP servers from the file manager. Here’s how to use it to connect to your FTP server.
- Open the file manager from within the Activities menu or the quick launch bar.
- Click on “Other Locations” and enter
ftp://127.0.0.1
in the “Connect to server” box at the bottom of the window and click connect. - Choose “registered user” and then enter the FTP account’s credentials that we setup earlier and click connect.
- Upon a successful connection, you’ll see the test file you created earlier. You’ll now be able to download and view this file, or upload your own contents to the directory.
Allow anonymous access in vsftpd
So far, we’ve seen how to create new users that can access the FTP server. If you’d like others to be able to access your FTP server without giving a username and password, you can configure anonymous authentication. Follow the steps below to get it set up.
- First, we’ll need to edit the
/etc/vsftpd.conf
file, so open it with nano or any other text editor.$ sudo nano /etc/vsftpd.conf
- Next, look for the
anonymous_enable=NO
line, and change the setting toYES
.anonymous_enable=YES
- When done, exit this file while saving the new changes, then restart the vsftpd service for changes to take effect.
$ sudo systemctl restart vsftpd
- To test out anonymous login, issue the
ftp 127.0.0.1
command, useanonymous
as your username, and a blank password. You should receive a230 Login successful
message as shown in the screenshot below.
Change default FTP port number
By default, the FTP protocol listens on port 21 for user authentication and port 20 for data transfer. However, we can change this behavior by making a small edit to the /etc/vsftpd.conf
file. At the bottom of the file, use the listen_port
directive to specify a different port for vsftpd to use. For example, adding the following line will instruct vsftpd to listen on port 2121:
listen_port=2121
Closing Thoughts
In this guide, we saw how to use the vsftpd software package to create an FTP server on Ubuntu Linux. We also learned how to use the command line or GNOME GUI as an FTP client to connect to the server. By following this guide, computers on your local network can access your system to store and retrieve files, either via the command line or their preferred FTP client.
Troubleshooting
The most common error you may receive is a “Connection refused” message when trying to connect to the server. This could be for a variety of reasons, but is commonly associated with a firewall blocking the connection or a misconfigured vstpd file. Make sure that the FTP port is not blocked by your firewall by executing this command:
$ sudo ufw allow from any to any port 20,21,10000:10100 proto tcp
Also check the status of the vsftpd service to ensure that it’s running and has not encountered any startup errors.
$ systemctl status vsftpd
Use the following commands to start vsftpd, or to restart the service after applying configuration changes.
$ sudo systemctl start vsftpd OR $ sudo systemctl restart vsftpd
Lastly, keep in mind that a router or external firewall could also be responsible for blocking your connection. If you are able to successfully connect to your FTP server with the ftp 127.0.0.1
command on the server itself, and have followed the troubleshooting steps above, yet are not able to connect to the FTP server from a remote system, then there is likely some device sitting in between the two systems that’s blocking the connection.