Managing users on an Ubuntu FTP server primarily involves using vsftpd (Very Secure FTP Daemon), the most common FTP server software. Below is a structured guide covering installation, user creation/deletion, permission management, and key configurations.
Before managing users, install vsftpd via the terminal:
sudo apt update
sudo apt install vsftpd
During installation, you’ll be prompted to start the service automatically—select Yes.
Edit the vsftpd configuration file to enable core user-related features:
sudo nano /etc/vsftpd.conf
Set the following key options (uncomment or modify as needed):
local_enable=YES: Allow local system users to log in.write_enable=YES: Enable file uploads/downloads.chroot_local_user=YES: Restrict users to their home directories (security best practice).allow_writeable_chroot=YES: Permit writes in chroot directories (required if chroot_local_user=YES).userlist_enable=YES: Use a user list to control access.userlist_file=/etc/vsftpd.user_list: Path to the user list file.userlist_deny=NO: Allow only users in the list to log in (set to YES to deny them).Use the adduser command to create a new user (this also creates a home directory):
sudo adduser ftpuser
Follow prompts to set a password and optional details (e.g., full name).
To prevent the user from logging into the system via SSH, modify their shell to /sbin/nologin:
sudo usermod -s /sbin/nologin ftpuser
Ensure the user’s home directory is owned by them and has correct permissions:
sudo chown ftpuser:ftpuser /home/ftpuser
sudo chmod 755 /home/ftpuser
This allows the user to read/write files in their directory while restricting access to others.
The /etc/vsftpd.user_list file controls which users can log in. By default, it’s empty—add allowed users one per line:
sudo nano /etc/vsftpd.user_list
Enter usernames (e.g., ftpuser), save, and exit.
After modifying the user list or config file, restart the service:
sudo systemctl restart vsftpd
Use the deluser command to remove the user and their home directory:
sudo deluser ftpuser --remove-home
This deletes the user account and all associated files.
If you want to retain the user but block FTP access, simply remove their username from /etc/vsftpd.user_list and restart vsftpd.
Fine-tune user access with these common settings in /etc/vsftpd.conf:
chroot_local_user=YES: Locks users to their home directories (prevents accessing other parts of the server).chroot_list_enable=YES: Allows specific users to bypass chroot (useful for admins). Create /etc/vsftpd.chroot_list and add exempt users.write_enable=YES: Enables file modifications (uploads/deletes).local_umask=022: Sets default file permissions (e.g., 755 for directories, 644 for files).Ensure anonymous access is turned off:
anonymous_enable=NO
Use an FTP client (e.g., FileZilla) or command line to verify user access:
ftp your_server_ip
Enter the FTP username and password. If configured correctly, you should be able to log in and access the user’s home directory.
By following these steps, you can effectively manage FTP users on Ubuntu, ensuring secure and controlled access to your server. Always remember to restart vsftpd after making configuration changes to apply them.
