How to setup vsftpd FTP with SSL on Ubuntu 12.04 Rumi, December 7, 2015December 7, 2015 This tutorial teaches you, how to setup vsftpd server on Linux based dedicated Web server. The tutorial also teaches you how to add the ftp users and lock the directory to individual users(In this scenario,lock the users into their individual web directory). In Ubuntu 12.04, vsftpd with chrooted users gives the following error message: 500 OOPS: vsftpd: refusing to run with writable root inside chroot () To overcome this problem, we need to add the following vsftpd PPA: sudo add-apt-repository ppa:thefrontiergroup/vsftpd Updates the local repository (package list): Install the vsftpd using the following command: sudo apt-get install vsftpd Create the directory to store SSL Certificate: sudo mkdir /etc/vsftpd Change the directory to /etc/vsftpd/ and create a SSL certificate for vsftpd: cd /etc/vsftpd/ /usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem Edit the configuration file: sudo nano /etc/vsftpd.conf Delete everything inside the file and add the following lines (or adjust it according to your need): listen=YES anonymous_enable=YES local_enable=YES write_enable=YES dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES allow_writeable_chroot=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd ssl_enable=Yes force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO rsa_cert_file=/etc/vsftpd/vsftpd.pem In my case, three virtual hosts are running on this Web server, so I’ll create three users(one for each) without shell access and their web directory as their home directory: sudo useradd -d /var/www/tendo -s /usr/sbin/nologin tendo sudo useradd -d /var/www/rbgeek -s /usr/sbin/nologin rbgeek sudo useradd -d /var/www/linuxsoft -s /usr/sbin/nologin linuxsoft Setup a password for each user: sudo passwd tendo sudo passwd rbgeek sudo passwd linuxsoft To enable the users to read and write data in their home directory, change the group ownership (or ownership as per your requirement): cd /var/www/ sudo chown -R www-data:linuxsoft linuxsoft sudo chown -R www-data:rbgeek rbgeek sudo chown -R www-data:tendo tendo Change the permission too (adjust as per your requirement): sudo chmod -R 0775 linuxsoft sudo chmod -R 0775 rbgeek sudo chmod -R 0775 tendo Check the permission after modification: ls -l After completing all these steps,add a nologin to the shell set: sudo nano /etc/shells Add this line at the end: /usr/sbin/nologin Restart the vsftpd service: sudo service vsftpd restart FileZilla settings for Windows,we need to select “Require explicit FTP over TLS“,so that user can log in with SSL: When user connect, it will be required to accept the certificate, either self-signed or the default for vsftp: After successful connection, user will see his home directory: Src: https://rbgeek.wordpress.com/2012/11/20/how-to-setup-vsftpd-ftp-with-ssl-on-ubuntu-12-04/ Administrations DebianFTPSSLUbuntuvsftpd