Unlock cybersecurity expertise, protect digital frontiers, secure your future today! Join Now
Home
Cyber Security

FTP Server : Setup and Usage (VSFTPd)

Introduction to FTP

FTP (File Transfer Protocol) is a standard network protocol used for transferring files between a client and a server over the internet or a local network. It is built on a client-server architecture and operates on ports 20 and 21. FTP servers facilitate data sharing, remote storage, and file management.


In this guide, we will delve into FTP server setup, client interaction, commands, and outputs, ensuring clarity in every step.

Part 1: Setting Up an FTP Server

1. Choose an FTP Server Software

There are many FTP server applications available. Common ones include:

  • vsftpd (Very Secure FTP Daemon)
  • FileZilla Server
  • ProFTPD
  • Pure-FTPd

For this guide, we’ll use vsftpd on a Linux system.

2. Install vsftpd

On a Debian-based system (e.g., Ubuntu), open the terminal and run:

sudo apt update
sudo apt install vsftpd

For Red Hat-based systems:

sudo yum install vsftpd

3. Configure vsftpd

Edit the configuration file:

sudo nano /etc/vsftpd.conf

Key settings to modify:

  • Enable local user access:
    local_enable=YES
  • Allow file uploads:
    write_enable=YES
  • Set the chroot jail (restrict users to their home directory):
    chroot_local_user=YES
  • Specify allowed users: Uncomment or add:
    userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO

Save and close the file (Ctrl+O, Ctrl+X).

4. Add Users

Create a new user for FTP access:

sudo adduser ftpuser

Add the user to the vsftpd.userlist:

echo "ftpuser" | sudo tee -a /etc/vsftpd.userlist

5. Restart vsftpd

Restart the FTP service to apply changes:

sudo systemctl restart vsftpd

Part 2: Connecting to the FTP Server

1. Using an FTP Client

Popular FTP clients include:

  • FileZilla
  • Cyberduck
  • Command-line FTP clients

2. Command-Line Connection

To connect to the FTP server via the terminal, use:

ftp <server-ip-address>

Example:

ftp 192.168.1.100

The server prompts for a username and password:

Connected to 192.168.1.100.
220 (vsFTPd 3.0.3)
Name (192.168.1.100:username): ftpuser
331 Please specify the password.
Password:
230 Login successful.

3. Passive vs Active Modes

FTP operates in two modes:

  • Active Mode: The client opens a random port, and the server connects back to it.
  • Passive Mode: The server provides a port for the client to connect. Use this mode if firewalls block the active connection.

Set passive mode in the vsftpd.conf file:

pasv_enable=YES
pasv_min_port=40000
pasv_max_port=50000

Part 3: FTP Commands with Examples

1. Navigational Commands

  1. pwd (Print Working Directory): Displays the current directory on the FTP server.

    ftp> pwd
257 "/home/ftpuser" is the current directory.

  2. ls (List Files): Lists files and directories in the current directory.

    ftp> ls
200 PORT command successful.
150 Here comes the directory listing.
file1.txt
file2.txt
226 Directory send okay.

  3. cd (Change Directory): Moves to another directory.

    ftp> cd documents
250 Directory successfully changed.

  4. lcd (Local Change Directory): Changes the local system’s directory.

    ftp> lcd /home/user/ftp_files
Local directory now /home/user/ftp_files.

2. File Transfer Commands

  1. get (Download a File): Downloads a file from the server.

    ftp> get file1.txt
200 PORT command successful.
150 Opening BINARY mode data connection for file1.txt.
226 Transfer complete.

  2. mget (Download Multiple Files): Downloads multiple files using wildcards.

    ftp> mget *.txt

  3. put (Upload a File): Uploads a file to the server.

    ftp> put localfile.txt
200 PORT command successful.
150 Ok to send data.
226 Transfer complete.

  4. mput (Upload Multiple Files): Uploads multiple files using wildcards.

    ftp> mput *.jpg

3. Miscellaneous Commands

  1. delete (Remove a File): Deletes a file from the server.

    ftp> delete file1.txt
250 Delete operation successful.

  2. mkdir (Make Directory): Creates a directory on the server.

    ftp> mkdir newfolder
257 "/home/ftpuser/newfolder" created.

  3. rmdir (Remove Directory): Removes an empty directory.

    ftp> rmdir newfolder
250 Remove directory operation successful.

  4. bye or quit: Ends the FTP session.

    ftp> bye
221 Goodbye.

Part 4: Securing Your FTP Server

  1. Enable SSL/TLS: Install an SSL certificate and configure vsftpd to use FTPS (FTP Secure):

    ssl_enable=YES
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.key

  2. Restrict Anonymous Access: Ensure the following is set in vsftpd.conf:

    anonymous_enable=NO

  3. Enable Logging: Enable logging for monitoring and troubleshooting:

    xferlog_enable=YES
log_ftp_protocol=YES
xferlog_file=/var/log/vsftpd.log

  4. Use a Firewall: Configure your firewall to allow only necessary FTP ports.

Conclusion

FTP servers are invaluable for file sharing and storage but require proper setup and security measures. By following this guide, you can set up a robust FTP server, understand key FTP commands, and manage file transfers efficiently. Always prioritize security by using FTPS and monitoring server activity regularly.