I am creating a custom AMI from the very well prepared Ubuntu 9.04 Jaunty (Server) AMI by Eric Hammond. In the process, I decided to ship vsftpd (a simple and very stable FTP server) by default with my AMI. So, I went on with installing vsftpd:

apt-get install vsftpd

I further configured the installed FTP server (/etc/vsftpd.conf):

# comments must sit on their own line; vsftpd does not accept them after a value
# don't want anonymous access
anonymous_enable=NO
# enable passive mode
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50100
pasv_address=YOUR_INSTANCE_ASSOCIATED_IP
# enable local users to log in to the system
local_enable=YES
# enable local users to execute FTP write commands
write_enable=YES

Everything is pretty simple, probably except for the pasv ports. In a nutshell, passive mode means the server decides which ports are used for data transfers, and we are using ports in the range 50000-50100. Now any system user should be able to log in to your server via FTP. If you need further info regarding laying down the user accounts, read my previous post.

One last thing – data ports should be accessible (which is obvious, but I spent half an hour figuring out why I could log in via FTP but could not execute the LIST command), so configure your authorization group accordingly:

ec2-authorize default -p 50000-50100 #open ports for default group
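
The "login works, LIST fails" symptom comes from a passive range in vsftpd.conf that the opened ports do not cover, and it can be checked before the AMI is bundled. The following is an added example, not part of the original post: a small Python check that flags lines vsftpd would misread and compares the passive range with the TCP ranges you opened. The function names and the sample config are constructed for illustration.

```python
# Added example, not from the original post. SAMPLE_CONF is constructed.
SAMPLE_CONF = """\
# constructed sample with one trailing comment left in
anonymous_enable=NO
pasv_enable=YES # enable passive mode
pasv_min_port=50000
pasv_max_port=50100
local_enable=YES
"""

def parse_conf(text):
    """Parse vsftpd.conf text into (settings, problems).

    vsftpd accepts whole-line '#' comments and 'option=value' directives with
    no spaces around '='; everything after '=' is taken as the value.
    """
    settings, problems = {}, []
    for num, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            problems.append(f"line {num}: not an option=value directive")
            continue
        if key != key.strip() or value != value.strip():
            problems.append(f"line {num}: whitespace around '=' or at end of line")
        if "#" in value:  # heuristic: a free-text value may legitimately hold '#'
            problems.append(f"line {num}: trailing comment becomes part of the value")
        # Record what the author meant so the range check can still run.
        settings[key.strip()] = value.split("#", 1)[0].strip()
    return settings, problems

def check_passive_range(settings, opened):
    """Compare pasv_min_port/pasv_max_port with opened TCP ranges [(lo, hi), ...]."""
    if settings.get("pasv_enable", "YES").upper() in ("NO", "FALSE", "0"):
        return []
    lo = int(settings.get("pasv_min_port", "0"))
    hi = int(settings.get("pasv_max_port", "0"))
    if lo == 0 or hi == 0:  # vsftpd default 0 means "any port"
        return ["passive range is unbounded; set pasv_min_port and pasv_max_port"]
    if lo > hi:
        return [f"pasv_min_port {lo} is above pasv_max_port {hi}"]
    if not any(o_lo <= lo and hi <= o_hi for o_lo, o_hi in opened):
        return [f"passive ports {lo}-{hi} are not covered by an opened range"]
    return []

if __name__ == "__main__":
    conf, issues = parse_conf(SAMPLE_CONF)
    issues += check_passive_range(conf, [(50000, 50100)])
    print("\n".join(issues) or "OK")
```

Pass the contents of /etc/vsftpd.conf and the same ranges you gave to ec2-authorize; an empty result means the data ports line up.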

I hope it saves you some time.
Have a nice weekend!

If you need more info on how FTP functions, here is a good overview.
