Source environment: Ubuntu
1. Install vsftpd
apt-get install vsftpd
2. Edit default config at /etc/vsftpd.conf
Make sure the you enable these:
# (default follows)
Ensure this is disabled:
and add the following to the end:
pasv_address=18.104.22.168 # REPLACE THIS WITH YOUR IP
max, min ports could be anything high enough not to overlap with other services. Those ports will also need to be open in your security group if you’re using EC2
3. Create/edit /etc/vstfp.chroot_list
Add usernames that you don’t want to chroot.
4. Create users for FTP access:
5. Ensure the home folder of a user is not writable(!) This is new since VSFTP 2.3.5 I believe.
chmod a-w /home/USERNAME
6. Create folders under /home/USERNAME for a user to upload stuff to, since a user won’t be able to upload to the root of /home/USERNAME