FTP Copy with vsftpd FTP server

Owned by Edwin Elia
Nov 14, 2020
1 min read

One of the most common way to set up FTP server on a VM is to use vsftpd. However, leaving the default configuration and opening port 21 (default FTP port) in the firewall ingress rule will not make FTP Copy work. This document will explain the additional configuration required for vsftpd FTP server.

Background Information

FTP Copy transfer data using FTP passive mode. The FTP port (default port 21) is only used to establish TCP connection and authenticates. The data transfer will proceed with on the passive ports. Therefore, the FTP server have to define the passive port range, and the firewall ingress rule for the FTP server have to allow that specific range.

vsftpd Configuration

  1. Edit the vsftpd configuration, located at /etc/vsftpd.conf

  2. Add the following configurations (in this case with the port range from 12000 to 12100)

pasv_min_port=12000 pasv_max_port=12100

3. Restarts the vsftpd

sudo /etc/init.d/vsftpd restart

Firewall rule

Open Firewall ingress for TCP port 12000-12100, in addition to port 21.