Categories
Apps & OS's Technology

How to install VSFTPd on Ubuntu and Jail users to there home directory.

For several months now, I have wanted to setup a fast, secure FTP server so that I myself and users of my server are able to login but can only view and browse there ‘home’ directory.. basically /home/{username}. I have previously tried installing ProFTPd but I have found that to be really slow with clients connecting and transfering data, today I tried installing VSFTPd as it has a history of being really secure and I was shocked to see how fast it was too :). I know for a fact that Novell use VSFTPd on their public web servers.

Ok, so lets get going….

Firstly you will need Ubuntu Server installed, I wrote and tested this tutorial while using Ubuntu Server 6.06 (Dapper Drake) however its pretty simple and should work with other versions of Ubuntu and Debian alike.

Ok so we install VSFTPd by issueing this command at the terminal… (please make sure you are logged in with the root account).

apt-get install vsftpd

Then VSFTPd will be downloaded and installed, next we are going to edit the configuration file to lock users to there home directories, so next we issue this command:-

vi /etc/vsftpd.conf

So now you should look down the configuration file and find this line ‘chroot_local_user=‘ next you should set the value to ‘yes‘ , so the new line should look as follows:-

chroot_local_user=YES

Then you should also make some minor adjustments to the system to enable users to upload and turn anonymous ftp off to stop the general public from accessing your server, The below options are not required but I personally like it set up this way.You can either add the following lines or simply uncomment them by deleteing the ‘#’ at the beginning of the line.

local_enable=YES
This will allow the local machine/server to connect.

write_enable=YES
This will enable users to upload, ammend and delete files.

You will now need to restart the VSFTPd daemon, to do this issue the following command:-

/etc/init.d/vsftpd restart 

Thats it, It should now work fine, I would test it on a remote machine and see if you can connect to the server now. I hope this little tutorial helped.