In a web hosting environment, running a FTP server is an essential function and it give client access to file servers. In this blog post lets look at how to install and configure ProFTPD on a Linux server.
The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of files between a client and server on a computer network. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. The FTP functions are used to open, login and close connections, as well as upload, download, rename, delete, and get information on files from file servers.
ProFTPD (short for Pro FTP daemon) is one of the a most popular FTP servers in Unix based environments. This is the most feature rich server with highly configurable options. It is designed to be light-weight and is fast & secure.
- Proftpd Easy configuration
- Configure Multiple virtual FTP
- Anonymous FTP services
- Secure code for admin and developers
- Allows SQL databases, LDAP servers, SSL/TLS encryption on transfer
To install and configure ProFTPD, you need to download ProFTPD packages with latest version using wget command and extract that file from the archive which you have downloaded on the server.
# cd /opt/download
# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz
# tar -xf proftpd-1.3.5.tar.gz
Configure and setup proftpd on the server
# ./configure –prefix=/usr –with-includes=/usr/local/ssl/include –with-libraries=/usr/local/ssl/lib –enableopenssl
# make && make install
You can find out the ProFTPD installed location by whereis command:
# whereis proftpd
proftpd: /usr/sbin/proftpd /etc/proftpd /usr/etc/proftpd.conf /usr/lib/proftpd /usr/include/proftpd
To know more on the Proftd version used, configuration details, modules installed, and the location of the configuration file, you can this single command:
Configure Secure FTP:
We have to modify the few configuration on the configuration file for connecting secure FTP. So, carry out the below given changes in the proftpd.conf file on the server.
# This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon. ServerName "ProFTPD Default Installation" ServerType standalone DefaultServer on SFTPEngine on SFTPLog /etc/proftpd/sftp.log AuthPAM off # Port 21 is the standard FTP port. Port 1615 # Don't use IPv6 support by default. UseIPv6 off # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 SFTPHostKey /etc/ssh/ssh_host_rsa_key SFTPHostKey /etc/ssh/ssh_host_dsa_key SFTPAuthorizedUserKeys file:/root/.ssh/authorized_keys SFTPCompression delayed MaxLoginAttempts 4 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30 # Set the user and group under which the server will run. User root Group nobody # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ AuthUserFile /etc/proftpd/passwd.vhosts # Normally, we want files to be overwriteable. AllowOverwrite on # Bar use of SITE CHMOD by default DenyAll # A basic anonymous configuration, no upload directories. If you do not # want anonymous users, simply delete this entire section. User ftp Group ftp # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp # Limit the maximum number of anonymous logins MaxClients 20 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLogin welcome.msg DisplayChdir .message # Limit WRITE everywhere in the anonymous chroot DenyAll
How to Start, Stop, and Restart the ProFTPD Service:
To initiate the proftpd services everytime the computer boots, do run the below commands on linux.
# cp /opt/download/proftpd-1.3.5/contrib/dist/rpm/proftpd.init.d /etc/init.d/proftpd
# cd /etc/init.d
# chmod 0755 proftpd
Start proftpd service, once you have done the configuration.
# /etc/init.d/proftpd start
Starting proftpd: [ok]
# /etc/init.d/proftpd stop
Shutting down proftpd: [ok]
# /etc/init.d/proftpd status
proftpd (pid 16555) is running
Now that you have installed and configured the ProFTPD, here is the command to ensure if it is connecting to the correct port 1615
#netstat -anp | grep proftpd
tcp 0 0 0.0.0.0:1615 0.0.0.0:* LISTEN 16555/proftpd
unix 2 [ ] DGRAM 87318336 16555/proftpd
Now your server is ready to connect through Secure FTP (SFTP) and you may use Filezilla or or any other File Transfer client software for uploading/downloading files.