sudo apt-get update
sudo apt install vsftpd
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf_default
sudo nano /etc/vsftpd.conf
#Configuration for TLS (we'll create the cretificates later)
rsa_cert_file=/etc/ssl/certs/vsftpdcertificate.pem
rsa_private_key_file=/etc/ssl/private/vsftpdserverkey.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
require_ssl_reuse=NO
ssl_ciphers=HIGH
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
#Assign Passive port range
pasv_min_port=12001
pasv_max_port=12005
sudo useradd –m testuser
sudo password testuser
You can limit the user access to the home the home directory, so to change user's home directory to /var/www/
usermod --home /var/www/ testuser
And to limit the access you must enable the following line in the vsftp config file (/etc/vsftpd.conf) by removing the hashtag, if the line is not present you can add it
chroot_local_user=YES
Using the command:
sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/private/vsftpdserverkey.pem -out /etc/ssl/certs/vsftpdcertificate.pem -days 365
if you change any of the names used in here you can, but remember to also change them in the /etc/vsftpd.conf file.
sudo systemctl restart vsftpd
you can check the status using
sudo systemctl status vsftpd