Ubuntu – Set Up Single Directory FTP Access for Customer

Tags: amazon-web-services, ftp, ubuntu, users

I have a user who would like to use our Bitnami AWS EC2 instance to store podcasts. Up to this point they have been using http://www.lemonzdream.com/podcastmaker/ with MobileMe. Now that MM is dead, they just need some dedicated space to serve files from.

They aren't very tech savvy and setting up SFTP for them isn't ideal. I would like to give them a separate FTP account that will restrict access to a single web directory that they can upload to. The cloud image currently has an FTP server running but listening only on 127.0.0.1. The bitnami admin account is the only user.

Thoughts on how to do this?

Best Answer

Install vsftpd

apt-get install vsftpd

First, be sure to open ports 35000:36000 on the firewall to permit PASV FTP.

Then for your /etc/vsftpd.conf:

listen=YES
anonymous_enable=NO
local_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
hide_ids=YES
use_localtime=YES
nopriv_user=ftp
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
guest_enable=YES
guest_username=ftp
user_config_dir=/etc/vsftpd_user_conf
ftpd_banner=My FTP Server
virtual_use_local_privs=YES
anon_upload_enable=NO
async_abor_enable=YES
pasv_min_port=35000
pasv_max_port=36000
pasv_enable=YES
port_enable=YES
write_enable=NO

Then, to create a user, run:

/bin/htpasswd /etc/ftpd.passwd myusername

Then create the accompanying file in /etc/vsftpd_user_conf/myusername:

guest_username=myuser
local_root=/home/myuser
write_enable=yes

The user connects as the guest_username stated, so it allows you to have multiple FTP users with different access, all the while preserving important file-level owner permissions.

That will give you a nice simple, chrooted, secure, isolated and manageable FTP configuration.

You're welcome.
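
A lint for the setup described in the answer above, added here as an example and not part of the original answer: it checks a vsftpd.conf and one per-user file for the settings the answer relies on (anonymous logins off, chroot on, write access granted only per user, passive range inside the opened firewall range). The function names and the sample files are constructed for illustration, and only the YES/NO spellings used on the page are recognised.

```sh
#!/bin/sh
# Added example (not the answerer's code): lint a vsftpd virtual-user setup.

# conf_get FILE KEY: print the value from the last KEY=value line, empty if unset.
conf_get() {
  awk -v k="$2" 'index($0, k "=") == 1 { v = substr($0, length(k) + 2) }
                 END { print v }' "$1"
}

# conf_bool FILE KEY: same, upper-cased, because vsftpd accepts yes/YES alike.
conf_bool() { conf_get "$1" "$2" | tr '[:lower:]' '[:upper:]'; }

# audit_main CONF FW_MIN FW_MAX: print one finding per line, nothing when clean.
audit_main() (
  conf=$1 fw_min=$2 fw_max=$3
  # vsftpd allows anonymous logins by default, so an unset value is a finding.
  [ "$(conf_bool "$conf" anonymous_enable)" = NO ] || echo "anonymous_enable is not NO"
  [ "$(conf_bool "$conf" chroot_local_user)" = YES ] || echo "chroot_local_user is not YES"
  # Write access is meant to be granted per user, not globally.
  [ "$(conf_bool "$conf" write_enable)" != YES ] || echo "write_enable=YES is set globally"
  [ -n "$(conf_get "$conf" user_config_dir)" ] || echo "user_config_dir is not set"
  lo=$(conf_get "$conf" pasv_min_port) hi=$(conf_get "$conf" pasv_max_port)
  if [ -z "$lo" ] || [ -z "$hi" ]; then
    echo "passive port range is not pinned"
  elif [ "$lo" -gt "$hi" ] || [ "$lo" -lt "$fw_min" ] || [ "$hi" -gt "$fw_max" ]; then
    echo "passive range $lo:$hi does not fit firewall range $fw_min:$fw_max"
  fi
)

# audit_user FILE: check one per-user file from user_config_dir.
audit_user() (
  root=$(conf_get "$1" local_root) guest=$(conf_get "$1" guest_username)
  case $root in
    /)  echo "$1: local_root is the filesystem root" ;;
    /*) ;;
    *)  echo "$1: local_root is missing or not absolute" ;;
  esac
  case $guest in
    "")   echo "$1: guest_username is not set" ;;
    root) echo "$1: guest_username is root" ;;
  esac
)

# Constructed sample input: a weakened main config and the per-user file above.
demo_dir=$(mktemp -d)
printf '%s\n' 'chroot_local_user=YES' 'write_enable=YES' 'pasv_min_port=30000' \
  'pasv_max_port=36000' 'user_config_dir=/etc/vsftpd_user_conf' > "$demo_dir/vsftpd.conf"
printf '%s\n' 'guest_username=myuser' 'local_root=/home/myuser' \
  'write_enable=yes' > "$demo_dir/myusername"
audit_main "$demo_dir/vsftpd.conf" 35000 36000
audit_user "$demo_dir/myusername"
```

Against the real files, run `audit_main /etc/vsftpd.conf 35000 36000` and then `audit_user` on each file in /etc/vsftpd_user_conf.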