How to setup vsftpd FTP with SSL on Ubuntu 12.04

This tutorial teaches you, how to setup vsftpd server on Linux based dedicated Web server. The tutorial also teaches you how to add the ftp users and lock the directory to individual users(In this scenario,lock the users into their individual web directory).

In Ubuntu 12.04, vsftpd with chrooted users gives the following error message:

500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

To overcome this problem, we need to add the following vsftpd PPA:

sudo add-apt-repository ppa:thefrontiergroup/vsftpd

Updates the local repository (package list):

sudo apt-get update

Install the vsftpd using the following command:

sudo apt-get install vsftpd

Create the directory to store SSL Certificate:

sudo mkdir /etc/vsftpd

Change the directory to /etc/vsftpd/ and create a SSL certificate for vsftpd:

cd /etc/vsftpd/

/usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem

Edit the configuration file:

sudo nano /etc/vsftpd.conf

Delete everything inside the file and add the following lines (or adjust it according to your need):


In my case, three virtual hosts are running on this Web server, so I’ll create three users(one for each) without shell access and their web directory as their home directory:

sudo useradd -d /var/www/tendo -s /usr/sbin/nologin tendo
sudo useradd -d /var/www/rbgeek -s /usr/sbin/nologin rbgeek
sudo useradd -d /var/www/linuxsoft -s /usr/sbin/nologin linuxsoft

Setup a password for each user:

sudo passwd tendo
sudo passwd rbgeek
sudo passwd linuxsoft

To enable the users to read and write data in their home directory, change the group ownership (or ownership as per your requirement):

cd /var/www/
sudo chown -R www-data:linuxsoft linuxsoft 
sudo chown -R www-data:rbgeek rbgeek
sudo chown -R www-data:tendo tendo

Change the permission too (adjust as per your requirement):

sudo chmod -R 0775 linuxsoft
sudo chmod -R 0775 rbgeek
sudo chmod -R 0775 tendo

Check the permission after modification:

ls -l

After completing all these steps,add a nologin to the shell set:

sudo nano /etc/shells

Add this line at the end:


Restart the vsftpd service:

sudo service vsftpd restart

FileZilla settings for Windows,we need to select “Require explicit FTP over TLS“,so that user can log in with SSL:

When user connect, it will be required to accept the certificate, either self-signed or the default for vsftp:

After successful connection, user will see his home directory:

Hope this will help you!

Please Remember me in your prayers!

Enjoy :-)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: