Ubuntu FTP Server User Management Guide

Managing users on an Ubuntu FTP server primarily involves using vsftpd (Very Secure FTP Daemon), the most common FTP server software. Below is a structured guide covering installation, user creation/deletion, permission management, and key configurations.

1. Install vsftpd

Before managing users, install vsftpd via the terminal:

sudo apt update
sudo apt install vsftpd

During installation, you’ll be prompted to start the service automatically—select Yes.

2. Configure vsftpd for User Management

Edit the vsftpd configuration file to enable core user-related features:

sudo nano /etc/vsftpd.conf

Set the following key options (uncomment or modify as needed):

• local_enable=YES: Allow local system users to log in.
• write_enable=YES: Enable file uploads/downloads.
• chroot_local_user=YES: Restrict users to their home directories (security best practice).
• allow_writeable_chroot=YES: Permit writes in chroot directories (required if chroot_local_user=YES).
• userlist_enable=YES: Use a user list to control access.
• userlist_file=/etc/vsftpd.user_list: Path to the user list file.
• userlist_deny=NO: Allow only users in the list to log in (set to YES to deny them).

3. Create FTP Users

Add a System User for FTP

Use the adduser command to create a new user (this also creates a home directory):

sudo adduser ftpuser

Follow prompts to set a password and optional details (e.g., full name).

Restrict Shell Access (Optional but Recommended)

To prevent the user from logging into the system via SSH, modify their shell to /sbin/nologin:

sudo usermod -s /sbin/nologin ftpuser

Set Home Directory Permissions

Ensure the user’s home directory is owned by them and has correct permissions:

sudo chown ftpuser:ftpuser /home/ftpuser
sudo chmod 755 /home/ftpuser

This allows the user to read/write files in their directory while restricting access to others.

4. Manage User Access via User List

The /etc/vsftpd.user_list file controls which users can log in. By default, it’s empty—add allowed users one per line:

sudo nano /etc/vsftpd.user_list

Enter usernames (e.g., ftpuser), save, and exit.

Restart vsftpd to Apply Changes

After modifying the user list or config file, restart the service:

sudo systemctl restart vsftpd

5. Delete FTP Users

Option 1: Delete the System User (Recommended)

Use the deluser command to remove the user and their home directory:

sudo deluser ftpuser --remove-home

This deletes the user account and all associated files.

Option 2: Remove from User List Only

If you want to retain the user but block FTP access, simply remove their username from /etc/vsftpd.user_list and restart vsftpd.

6. Configure User Permissions

Fine-tune user access with these common settings in /etc/vsftpd.conf:

Chroot Restrictions

• chroot_local_user=YES: Locks users to their home directories (prevents accessing other parts of the server).
• chroot_list_enable=YES: Allows specific users to bypass chroot (useful for admins). Create /etc/vsftpd.chroot_list and add exempt users.

Write Permissions

• write_enable=YES: Enables file modifications (uploads/deletes).
• local_umask=022: Sets default file permissions (e.g., 755 for directories, 644 for files).

Anonymous Access (Disable for Security)

Ensure anonymous access is turned off:

anonymous_enable=NO

7. Test FTP Connectivity

Use an FTP client (e.g., FileZilla) or command line to verify user access:

ftp your_server_ip

Enter the FTP username and password. If configured correctly, you should be able to log in and access the user’s home directory.

By following these steps, you can effectively manage FTP users on Ubuntu, ensuring secure and controlled access to your server. Always remember to restart vsftpd after making configuration changes to apply them.

声明：本文内容由网友自发贡献，本站不承担相应法律责任。对本内容有异议或投诉，请联系2913721942#qq.com核实处理，我们将尽快回复您，谢谢合作！