vsFTPD – Lightweight FTP server with virtual users on Debian 8 Jessie

In this tutorial, we will show you how to easily create an FTP server with virtual users using the vsFTP daemon on Debian 8. First, you need to update your Debian VPS:

apt-get update && apt-get upgrade

If you do not have Apache2 web server or if you are using NGINX then you will have to install apache2-utils which is needed to generate passwords for users.

apt-get install apache2-utils

Service installation vsFTPD:

apt-get install vsftpd libpam-pwdfile

Edit the config file vsFTPD and uncomment the lines below. Use vim editor or nano… List the lines that are not present in the config file at the bottom.

# vim /etc/vsftpd.conf

listen=YES
listen_ipv6=NO
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
chroot_local_user=YES
allow_writeable_chroot=yes
guest_username=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
hide_ids=YES

# Исключите это, если вы делаете это руководство на свой собственный сервер
seccomp_sandbox=NO

Next, we must change our file /etc/pam.d/vsftpdto check the user / password file we are about to create.

First, create a backup of the file and then edit the existing one:

cp /etc/pam.d/vsftpd{,.bak}

vim /etc/pam.d/vsftpd

Remove everything from the file and add these lines:

auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so

Create a master user to be used by virtual users for authentication:

useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

Once this is done, we can create a user / password file.

Note: passwords used this way can be up to 8 characters long. If you want to read vsFTPD with strong passwords, you can look for another pam module.

htpasswd -cd /etc/ftpd.passwd andreyextest1

Add another user and add him to ftpd.passwd file, flag -c omitted here.

htpasswd -d /etc/ftpd.passwd andreyextest2

Then add directories for users as vsFTPD won’t create them automatically.

## Для andreyextest1
mkdir /var/www/andreyextest1
chown vsftpd:nogroup /var/www/andreyextest1
chmod +w /var/www/andreyextest1

## Для andreyextest2
mkdir /var/www/andreyextest2
chown vsftpd:nogroup /var/www/andreyextest2
chmod +w /var/www/andreyextest2

Finally, start the vsFTPD daemon and set it to start automatically at system boot.

systemctl start vsftpd && systemctl enable vsftpd

Check the status to make sure the service is running:

# systemctl status vsftpd
● vsftpd.service - vsftpd FTP server
Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled)
Active: active (running) since Sat 2016-12-03 11:07:30 CST; 23min ago
Main PID: 5316 (vsftpd)
CGroup: /system.slice/vsftpd.service
├─5316 /usr/sbin/vsftpd /etc/vsftpd.conf
├─5455 /usr/sbin/vsftpd /etc/vsftpd.conf
└─5457 /usr/sbin/vsftpd /etc/vsftpd.conf

Check your settings

Use FileZilla, WinSCP or any other FTP client to log into the VPS using the username and password you created earlier. Create a test directory and a test file from clients.

Server check that the files have been successfully created:

ls -l /var/www/andreyextest1
ls -l /var/www/andreyextest2

Sidebar