To establish reliable network connectivity and enable file transfers on an Ubuntu 22.04 server, configuring a static IP address and deploying a secure FTP service are foundational steps. This guide walks through both procedures using modern, declarative configuration methods and industry-standard tools.

Assigning a Static IP Address

Ubuntu 22.04 uses Netplan for network configuration. Begin by identifying the active interface:

ip -br link show | grep UP

This typically returns an interface like ens33 or eth0. Next, locate the Netplan configuration file:

ls /etc/netplan/*.yaml

Edit the primary configuration (e.g., /etc/netplan/01-network-manager-all.yaml) with elevated privileges:

sudo nano /etc/netplan/01-network-manager-all.yaml

Replace its contents with a static IPv4 configuration — for example, assigning 192.168.1.11/24 with gateway and DNS:

network:
  version: 2
  renderer: networkd
  ethernets:
    ens33:
      dhcp4: no
      addresses: [192.168.1.11/24]
      routes:
        - to: default
          via: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 1.1.1.1]

Apply changes and verify:

sudo netplan apply
ip a show ens33 | grep "inet "
ping -c 3 www.google.com

Remote Server Management via SSH

Once the static IP is confirmed, configure local hostname resolution. On Windows, add the following line to C:\Windows\System32\drivers\etc\hosts:

192.168.1.11 test-001

Then open PowerShell and connect securely:

ssh ubuntu@test-001

Replace ubuntu with your actual username. Use key-based authentication for improved security.

Deploying a Secure FTP Service with vsftpd

Install and initialize the FTP daemon:

sudo apt update && sudo apt install -y vsftpd
sudo systemctl enable vsftpd
sudo systemctl start vsftpd

Confirm operational status:

systemctl is-active vsftpd

Edit the main configuration file:

sudo nano /etc/vsftpd.conf

Apply these essential settings to enforce authentication, confinement, and write access:

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
local_root=/srv/ftp/uploads

Create the designated upload directory with appropriate permissions:

sudo mkdir -p /srv/ftp/uploads
sudo chown -R ubuntu:ubuntu /srv/ftp/uploads
sudo chmod 755 /srv/ftp/uploads

Restart the service to load changes:

sudo systemctl restart vsftpd

Testing File Transfers

From a Windows PowerShell session, initiate an FTP client connection:

ftp test-001

After authenticating, switch to binary mode and upload a test file:

bin
put "C:\temp\sample.pdf" sample.pdf

To download it back:

lcd C:\temp\downloads
get sample.pdf

Verify uploaded content on the server:

ls -l /srv/ftp/uploads

Attempting navigation outside the chroot (e.g., cd /etc) should fail — confirming effective directory isolation.

Security Notes

• Avoid chmod 777 in production; prefer restrictive ownership and group-based access control.
• Consider enabling TLS via ssl_enable=YES and certificate configuration for encrypted transfers.
• Firewall rules (e.g., ufw allow 20,21,990,40000:41000/tcp) may be required if UFW is active.