Very Secure FTP server

Folder sharing with FTP is fast and simple way how to exchange and share data between computers. Find out how to setup vsftp daemon.


First you need to install package vsftpd (very secure ftp daemon). Then you can open the configuration file /etc/vsftpd.conf. The file is pretty big, you can set almost everything. My file contains only necessary settings:

anon_mkdir_write_enable=YES # enable to create directories for anonymous users
anon_root=/var/ftp # ftp root
anon_upload_enable=YES # enable upload
anonymous_enable=YES # enable anonymous login
chroot_local_user=YES
ftpd_banner=Welcome @ KrisKo # welcome message
  idle_session_timeout=300 # idle time after the user will be disconnected
listen=YES
local_enable=NO
local_root=/var/ftp
log_ftp_protocol=NO
max_clients=3 # maximum clients
max_per_ip=3
pasv_enable=YES
pasv_max_port=40500
pasv_min_port=40000
ssl_enable=NO
ssl_sslv2=YES
ssl_sslv3=NO
ssl_tlsv1=NO
syslog_enable=NO
write_enable=YES
chown_uploads=YES # change owner for the uploaed files
chown_username=krisko # change owner to user krisko
chown_upload_mode=0744 # set the permissions for uploaded files (-rwxr--r--)
anon_umask=0002

After connecting to the ftp server, you will be redirected to the directory /var/ftp/. This directory is at the time empty, you can mount here various folders to share.

Add to the file /etc/fstab:
/home/krisko/templates /var/ftp/templates none ro,bind 0 0
/home/krisko/public /var/ftp/upload none rw,bind 0 0
- first line mounts folder templates, read-only
- second line mounts public folder serving as upload

In /var/ftp create the folders templates and upload. In /home/krisko is the public folder with permissions 777. After uploading a file, krisko will be the owner, the group will be ftp (the user krisko should be in the ftp group) and the file will have 744 permissions.