How to Set Up FTP Server on Ubuntu VPS


This tutorial will show how to setup an FTP server on Ubuntu VPS. A vsftpd server will be used which is widely regarded as the quickest and most secure FTP server for UNIX-like systems out there.

FTP or File Transfer Protocol is a means to send and receive files over a network connection. Making use of a client/server framework and SSL/TLS security, FTP allows users to share files to (and receive from) remote computers via secure, efficient and reliable data transfer (using the TCP/IP protocols).

FTP functions in the same way HTTP or SMTP do; the only difference obviously is that it is responsible for the secure transport of files from a sender to a receiver instead of web pages from a server to a user or electronic mail throughout the internet. This tutorial will focus on guiding the users regarding FTP server setup on Ubuntu 16.04.

Note: The following tutorial is based on Ubuntu 16.04. But you can apply the same steps when creating an FTP server on Ubuntu 14.04

Step 1 – Installing Vsftpd

First things first, let’s get our package updates before we proceed with the vsftpd daemon installation. To begin, run the following command:

Wait for all the processes to complete and you will see a confirmation as soon as the update finishes.


Once that is out of the way, install the vsftpd daemon using the following command:

You will be prompted with a confirmation message, which will require you to type and hit Enter to continue with the installation.


After the installation completes, make a backup of the original file so that we can start our work with a blank configuration file:

Now we are ready to go to the next step and configure the firewall.

Step 2 – Allowing FTP traffic from the firewall

To allow the Ubuntu FTP server to communicate with the outside world, it needs to make its way through the firewall. Let’s first see whether the firewall is enabled on the machine or not. Run the following command to verify the status:

If you see the following message:

It means that the firewall is not installed and you may proceed to the next step.

However, if the output shows some defined rules or a message that firewall status is active, you will have to verify whether FTP traffic will work. Let’s go ahead and open ports 20 and 21 for the FTP traffic; ports 40000-50000 will be the reserved for the range of passive ports that will eventually be set in the configuration file and port 990 will be used when TLS will be enabled. Execute the following commands to do so:

Now let’s look at the status again:

The output should now look something like:

Now that we have all the necessary ports open and available to us, we can proceed to the next step.

Step 3 – Creating the user directory

As a 3rd step to creating an Ubuntu FTP server, we will need to select the user that is going to be making use of FTP access. For the sake of showing how it’s done, we will be adding a new user. To create it, use the following command:

When asked, enter a password for the user and fill in all other details. Ideally, FTP should be restricted to one a specific directory for security purposes. Vsftpd uses chroot jails to accomplish this. With chroot enabled, a local user is restricted to their home directory (by default). It is, however, possible that because of vsftpd security, a user might not be able to write to the directory. We will not remove write privileges from the home folder, instead, we will make an ftp directory which will act as the chroot along with a writable files directory that will be responsible for holding the pertinent files. Use the following command to create the FTP folder:

Set the ownership using:

Finally, remove the write permissions:

Now, use the following command to verify the permissions:

The output should look something like:

As a next step, we will create the file holding directory and assign the ownership:

Finally, add a test file to the directory which will be used when we test everything later on:

Step 4 – Configuring vsftpd

As the next step in our bid to set up an FTP server on Ubuntu VPS, we will be configuring vsftpd and our FTP access. In this tutorial, we will allow a single user to connect with FTP using a local shell account. The two key configurations required for this are already set in the configuration (vsftpd.conf) file. Firstly verify that the configuration file actually has settings matching to those mentioned below using the nano command:

In the same file, we will proceed by removing # and enabling the write_enable:

Chroot will also be uncommented to ensure that the user connected via FTP only accesses files within the allowed directory:

A few new values will also need to be added by hand. You may simply paste them at the bottom of the file. Firstly, a user_sub_token will be added into the local_root directory path. This will allow the configuration to work with the current user and any other users that are subsequently added:

To ensure that substantial amount of connections are available, we will limit the number of ports used in the configuration file:

In this tutorial, we plan to allow access on a case by case basis so let’s set the configuration up in a way that access only gets granted to users that have explicitly been added to a list:

The userlist_deny flag is responsible for toggling the logic; when set to “NO”, only those users specified on the list will be allowed access. Once done, click CTRL+X and confirm the file changes.

Lastly, we will proceed with the creation and addition of our user to the file:

Verify that the user is indeed active by running the following command:

The output should be “alex” as shown in this screenshot:


Restart the daemon using the following command to load the configuration changes:

Step 5 – Making FTP secure

By default, FTP doesn’t do any data encryption, so we will be using TTL/SSL to make things safer. As a first step, we need to create the SSL certificate and use it to secure the Ubuntu FTP server. To start, use the following command:

The –days flag makes the certificate valid for a year and we have included a 2048-bit private RSA key in the same command. Once prompted, enter the pertinent personal details in the field provided.

After you finish creating the certificate, open the configuration file again:

The end of the file should contain two lines that start with “_rsa”. Comment both of these lines like:

Instead we will point the configuration file to the certificate that we just created. Add the following lines:

Now we will enable SSL and ensure that only clients that have SSL enabled get to contact us. Change the value of ssl_enable to YES:

Now add the following lines to further secure things: (This will not allow any anonymous connections over SSL)

Configure the server to use TLS using:

Here we will add 2 more options. Firstly, SSL reuse will not be necessary because it can lead to many FTP clients breaking down. Secondly, we will use high encryption cipher suites, which will mean that key lengths are either equal to (or greater than) 128 bits.

Let’s restart once again to apply the new configurations:

Great work! You have now configured the FTP server on your Ubuntu VPS to work with SSL/TLS protocol.

Step 6 – Testing connections with FileZilla

Nowadays, most FTP clients support TLS encryption configurations, so it’s a great way to test whether your Ubuntu FTP server is working as intended. To test out the connection, we will be using a FileZilla FTP Client. To begin, launch FileZilla, click on the Site Manager icon.


Click the New Site button in the prompted window to begin entering the Ubuntu FTP server details.


Fill in all the required details with your newly created Ubuntu FTP server information. Since we configured it to use TLS, we may also mark the encryption to be explicit FTP over TLS. The final configuration should look like this:

Once ready, click Connect and a screen asking to enter the FTP user’s password will appear.


Finally, you will need to verify the SSL certificate of your FTP server on Ubuntu VPS.

After confirming, the root directory with the test file should now appear on your screen.


That’s all! Now, you can perform various files transfers from your computer to the Ubuntu FTP server and vice versa.


In this tutorial, we have gone through a step-by-step journey to create a way for a local user to securely transfer files via FTP with SSL/TLS on Ubuntu FTP server. We have also tested the connection using FileZilla to make sure everything is functional.

Add Comment

Click here to post a comment

Join thousands of subscribers worldwide

and get awesome deals & the newest tutorials to your email

Please wait...

Thank you for sign up!

More in VPS
How to Migrate Website from Shared hosting to VPS