Installing vsftpd using text file for virtual users
vsftpd is a secure, fast and stable FTP server. In this tutorial we'll install the server and make it check in a flat text file for virtual users allowed to login.
1. Install required packages
apt-get install vsftpd libpam-pwdfile
2. Configure vsftpd (pico /etc/vsftpd.conf)
Edit these variables in the config file and leave everything else with the default value.
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd
Set the local_root to the parent directory where the user's home directories are located
3. Configure PAM to check the passwd file for users (pico /etc/pam.d/vsftpd)
auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so
Make sure you remove everything else from the file
4. Create the passwd file containing the users
htpasswd -c /etc/ftpd.passwd user1
You can later add additional users to the file like this:
htpasswd /etc/ftpd.passwd user2
5. Create a local user that’s used by the virtual users to authenticate
useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd
6. Restart vsftpd
/etc/init.d/vsftpd restart
7. Create user's home directory since vsftpd doesn't do it automatically
mkdir /var/www/user1
chown vsftpd:nogroup /var/www/user1
Follow Us!
Share
Popular Tutorials
- Add a second hard disk
- Installing ionCube
- How to install Roundcube on squeeze
- How to upgrade to PHP 5.3 on Debian Lenny
- Installing and configuring Squid proxy server
- Port forwarding with iptables
- Installing vsftpd using text file for virtual users
- Setup DomainKeys Identified Mail (DKIM) in Postfix
Donate
Support Debian Tutorials with a donation. Any amount appreciated.
Categories
- Backup (3)
- Control Panel (1)
- DNS (5)
- FTP (4)
- General (7)
- Kernel (2)
- Mail (21)
- Media (1)
- Monitoring (13)
- MySQL (16)
- Networking (5)
- PostgreSQL (1)
- Release (95)
- Security (18)
- Ubuntu (8)
- Jaunty Jackalope (8)
- Karmic Koala (8)
- Video (2)
- Virtualization (5)
- Web (27)
- X (1)
January 2nd, 2010 - 23:20
Hi.
NICE howto!
How do I create a symbolic link to an other virtual users files?
October 24th, 2010 - 04:30
Thanks – this description worked for me when others failed (e.g.:
http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/
)
August 1st, 2011 - 12:15
Amazing tutorial! Very simple, clear, and best of all, ACCURATE.
I have been trying different tutorials for hours now, and all of them were missing critical steps, such as setting up a local user, or setting permissions for the var/www/user1 folder.
I didn’t think it would be so hard to remember all the steps and put them in a tutorial…. But apparently it is very difficult!
Thank you, thank you, and thank you! You are one in a million!
April 26th, 2012 - 13:43
One minor change that finally got it working for me. Add /bin/false to /etc/shells to make it a valid login shell for your virtual user.
May 9th, 2012 - 11:17
Thanks a lot… Great work … Worked like a charm ….
May 22nd, 2012 - 09:06
If you use Ubuntu Server 12.04 LTS you need to use the -d in htpasswd since newer versions seems to use MD5 instead of Crypt that was default before.
Example to create a new ftpd.passwd file:
htpasswd -cd /etc/ftpd.passwd user1
Example of adding a new user to an existing ftpd.passwd file:
htpasswd -d /etc/ftpd.passwd user2
August 11th, 2012 - 12:59
i cant login no matter what i try.
already added users without password.
always get :FAIL LOGIN in the log
September 5th, 2012 - 17:06
Malte, make sure you really have removed all the content of /etc/pam.d/vsftpd before you add the two lines (auth and account) to it! I had an really hard time getting the login to work but that solved it for me
September 26th, 2012 - 16:02
The newest vsftpd from Ubuntu has a “security” update that fundamentally breaks most use cases for ftp.
It disallows writeable access to the chroot_dir
look here
http://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
http://askubuntu.com/questions/128180/vsftpd-stopped-working-after-update
November 3rd, 2012 - 23:02
Claes: that comment about htpasswd defaulting to md5? thank you so much. you just helped me solve a totally unrelated issue! woohoo!
More interesting information from the pam_pwdfile developer here: http://cpbotha.net/software/pam_pwdfile/
January 29th, 2013 - 10:24
First, thanks for the ‘how-to’ – Excellent and clear to follow. I couldn’t get the “security” update to work by changing vsftpd.conf. But I was able to get it to work by adding a sub-folder to the root folder in step 7 with these changes. Make user1 unwriteable, make uploads writable. Minor nuisance, but it works.
mkdir /var/www/user1
mkdir /var/www/user1/uploads
chown -R vsftpd:nogroup /var/www/user1
chmod a-w /var/www/user1
May 13th, 2013 - 16:45
Ditto and ditto! Super clear instructions. Newbie in both linux and raaspberry, but managed is setting up raspian server from a Slitaz machine via ssh only.
Saw the same problems mentioned in comments, and solved them the same way.
Thnks to writer and commenteers for a great tutorial!!
/Pete