Debian Tutorials

Debian Tutorials


Step by step tutorials showing you how to install and configure various applications and services on Debian based Linux distros.

December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Categories


Installing vsftpd using text file for virtual users

Ástþór IPÁstþór IP
Notice

This tutorial is for older Debian versions and may not work for current versions. Please refer to the links below to find a newer tutorial.

vsftpd is a secure, fast and stable FTP server. In this tutorial we’ll install the server and make it check in a flat text file for virtual users allowed to login.

1. Install required packages

apt-get install vsftpd libpam-pwdfile

2. Configure vsftpd (pico /etc/vsftpd.conf)

Edit these variables in the config file and leave everything else with the default value.

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd

Set the local_root to the parent directory where the user’s home directories are located

3. Configure PAM to check the passwd file for users (pico /etc/pam.d/vsftpd)

auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so

Make sure you remove everything else from the file

4. Create the passwd file containing the users

htpasswd -c /etc/ftpd.passwd user1

You can later add additional users to the file like this:

htpasswd /etc/ftpd.passwd user2

5. Create a local user that’s used by the virtual users to authenticate

useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

6. Restart vsftpd

/etc/init.d/vsftpd restart

7. Create user’s home directory since vsftpd doesn’t do it automatically

mkdir /var/www/user1
chown vsftpd:nogroup /var/www/user1

Comments 12
  • Jacob Fich
    Posted on

    Jacob Fich Jacob Fich

    Author

    Hi.

    NICE howto!

    How do I create a symbolic link to an other virtual users files?


  • John
    Posted on

    John John

    Author

    Thanks – this description worked for me when others failed (e.g.:
    http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/
    )


  • Phil
    Posted on

    Phil Phil

    Author

    Amazing tutorial! Very simple, clear, and best of all, ACCURATE.

    I have been trying different tutorials for hours now, and all of them were missing critical steps, such as setting up a local user, or setting permissions for the var/www/user1 folder.

    I didn’t think it would be so hard to remember all the steps and put them in a tutorial…. But apparently it is very difficult!

    Thank you, thank you, and thank you! You are one in a million!


  • jim
    Posted on

    jim jim

    Author

    One minor change that finally got it working for me. Add /bin/false to /etc/shells to make it a valid login shell for your virtual user.


  • Mahidul
    Posted on

    Mahidul Mahidul

    Author

    Thanks a lot… Great work … Worked like a charm ….


  • Claes
    Posted on

    Claes Claes

    Author

    If you use Ubuntu Server 12.04 LTS you need to use the -d in htpasswd since newer versions seems to use MD5 instead of Crypt that was default before.

    Example to create a new ftpd.passwd file:
    htpasswd -cd /etc/ftpd.passwd user1

    Example of adding a new user to an existing ftpd.passwd file:
    htpasswd -d /etc/ftpd.passwd user2


  • malte
    Posted on

    malte malte

    Author

    i cant login no matter what i try.
    already added users without password.

    always get :FAIL LOGIN in the log


  • Emilnd
    Posted on

    Emilnd Emilnd

    Author

    Malte, make sure you really have removed all the content of /etc/pam.d/vsftpd before you add the two lines (auth and account) to it! I had an really hard time getting the login to work but that solved it for me 🙂


  • shane
    Posted on

    shane shane

    Author

    The newest vsftpd from Ubuntu has a “security” update that fundamentally breaks most use cases for ftp.

    It disallows writeable access to the chroot_dir
    look here
    http://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
    http://askubuntu.com/questions/128180/vsftpd-stopped-working-after-update


  • Taco Bob
    Posted on

    Taco Bob Taco Bob

    Author

    Claes: that comment about htpasswd defaulting to md5? thank you so much. you just helped me solve a totally unrelated issue! woohoo!

    More interesting information from the pam_pwdfile developer here: http://cpbotha.net/software/pam_pwdfile/


  • dan
    Posted on

    dan dan

    Author

    First, thanks for the ‘how-to’ – Excellent and clear to follow. I couldn’t get the “security” update to work by changing vsftpd.conf. But I was able to get it to work by adding a sub-folder to the root folder in step 7 with these changes. Make user1 unwriteable, make uploads writable. Minor nuisance, but it works.

    mkdir /var/www/user1
    mkdir /var/www/user1/uploads
    chown -R vsftpd:nogroup /var/www/user1
    chmod a-w /var/www/user1


  • Pete
    Posted on

    Pete Pete

    Author

    Ditto and ditto! Super clear instructions. Newbie in both linux and raaspberry, but managed is setting up raspian server from a Slitaz machine via ssh only.
    Saw the same problems mentioned in comments, and solved them the same way.
    Thnks to writer and commenteers for a great tutorial!!
    /Pete