In this blog we will show how to setup an FTP on AWS machine. They heydays of FTP (File Transfer Protocol) maybe over and it is not as popular as it used to be. I personally have not used FTP for several years. Several professional IP and CCTV cameras support FTP. It is an easy way to setup a central repository for all your CCTV cameras online. All the CCTV cameras can upload the camera feed or snapshots to an FTP server. This server can serve as a repository for one or more cameras. We will now look at how to setup FTP on an AWS EC2 Ubuntu machine. AWS provides a service called SFTP, which is too expensive. Setting up an FTP server on an EC2 machine is a much better alternative.
Step 1: Create an EC2 machine with Ubuntu 16.04 AMI
Log in to your AWS account and launch an Ubuntu 16.04 machine. You can use the smallest machine to begin with. The storage will be a function of the amount of data you want to store. We will use a 20 GB machine in the demo.
Step 2: Security groups
Expose ports 20-21 for FTP access and ports 1024-1048 as passive ports.
Step 3: Installation of vsftpd
VSFTPD or very secure file transfer protocol deamon is an open source FTP server for unix based systems.
sudo apt-get update sudo apt-get install vsftpd
Step 4: Updates to the config file
Open the vsftpd file as super user for editing
sudo vim /etc/vsftpd.conf
Make the following edits
- Enable listening for IPV4
- Disable anonymous access
- Permit any form of FTP write command
- Make sure PORT transfer connections originate from port 20 (ftp-data) by uncommenting this line
- Add the following lines at the end of file. These lines are required to enable passive access, which means a client can now initiate a connection to the server. The public IP address of the server is also required here.
- The final lines specify the file valid user names
pasv_enable=YES pasv_min_port=1024 pasv_max_port=1048 pasv_address=220.127.116.11 port_enable=YES userlist_enable=YES userlist_file=/etc/vsftpd.userlist userlist_deny=NO
Step 5: Add user and setup directory
We will now create a user and prepare the directory for access. We will call the user aloka for now, when prompted add a password and you can just press enter for the other prompts, letting the defaults continue.
sudo adduser aloka
Create the user file list and the new user
echo "aloka" | sudo tee -a /etc/vsftpd.userlist
Restart FTP service so that the new configuration is activated
sudo service vsftpd start
Your FTP service is now ready for use. You can connect to your FTP server using the command with your public IP address. The default directory will the home of the user, which in this case is /home/aloka
ftp -p <public_ip>
Use the credentials created in step 5 to access the FTP service.
Step 6 Congratulations
Your FTP service is now up and ready to use.