To home page

Creating an FTP account via SSH

How to set up a dedicated FTP user on your server without a control panel.

Out of the box, your server only has the root superuser — and connecting to FTP as root is a bad idea. FTP transmits credentials in plain text, so exposing your root account over it is a serious security risk.

If your server doesn't have a control panel (cPanel, BeAdmin, aaPanel, CloudPanel, etc.), you can create a dedicated FTP user manually over SSH. Here's how.

1. Install ProFTPD (if it isn't already)

Ubuntu / Debian:

sudo apt update
sudo apt install proftpd-basic -y

CentOS / Rocky / AlmaLinux:

sudo yum install proftpd -y

Once installed, start the service and set it to launch on boot:

sudo systemctl start proftpd
sudo systemctl enable proftpd

2. Jail users to their home directory (recommended)

This step prevents FTP users from wandering outside their designated folder — a must for any multi-user setup.

Open the ProFTPD config file:

  • Ubuntu/Debian: sudo nano /etc/proftpd/proftpd.conf
  • CentOS/Rocky: sudo nano /etc/proftpd.conf

Add this line at the end of the file:

DefaultRoot ~

Save, then restart ProFTPD:

sudo systemctl restart proftpd

Our products and services

Web HostingReliable hosting services for websites of any scale.
Order
VPSFlexible cloud infrastructure with full root access.
Order
Dedicated ServersBare metal servers for maximum performance.
Order

3. Create the FTP user

An FTP user doesn't need shell access — in fact, granting it would be a security hole. We'll assign /bin/false as their shell to keep things locked down.

  1. Register /bin/false as a valid shell (if it isn't already):
echo '/bin/false' | sudo tee -a /etc/shells
  1. Create the user:
sudo useradd ftpuser -d /home/ftpuser -m -s /bin/false
  1. Set a password:
sudo passwd ftpuser

You can replace ftpuser with any username you like. The home directory /home/ftpuser will be created automatically.

4. Lock down permissions

To prevent the user from modifying anything outside their designated upload folder, tighten the permissions like this:

sudo chmod 555 /home/ftpuser
sudo mkdir /home/ftpuser/upload
sudo chown ftpuser:ftpuser /home/ftpuser/upload

The user will now only be able to upload files into the upload subfolder — nothing else is writable.

A few things to keep in mind

  • Whenever possible, prefer SFTP over FTP — it encrypts the connection, including your credentials.
  • Never use root for FTP connections, under any circumstances.
  • After creating the user, test the connection right away using an FTP client like FileZilla or WinSCP.
  • If you need to manage multiple FTP users, a control panel (aaPanel, BeAdmin, CloudPanel, cPanel, etc.) will save you a lot of time.

Help

If you have any questions or need assistance, please contact us through the ticket system — we're always here to help!

Need help?Our engineers will help you free of charge with any question in minutesContact us