ProFTPd – Install with Virtual Users on CentOS 6.8

ProFTPd - Install with Virtual Users on CentOS 6.8

 

ProFTPD is an Open Source FTP Server and one of the most used, secure and reliable file transfer daemons on Unix environments, due to its file configurations simplicity speed and easy setup.

This tutorial will guide you on how you can install and use ProFTPD Server on CentOS/RHEL 6 Linux distributions for a simple file transfer from your local system accounts to remote systems.

Step 1: Install ProFTPD Server

1. Official RHEL/CentOS 6 repositories doesn’t provide any binary package for ProFTPD Server, so you need to add extra package repositories on your system provided by EPEL 6 Repo, using the following command.

2. Now it’s time to install ProFTPD Server on your system and some required ftp utilities that we will be using later by issuing following command.

 

Step 2: Configure ProFTPD

The default configuration file is located at /etc/proftpd.conf. To edit the configuration file, enter:

Checking the syntax of the configuration file

 

Open /etc/proftpd.conf file:

1. Set a server name (usually, the server’s hostname is added here):

2. Remove the comment from DefaultRoot option. This will prevent the FTP users from going outside of their default directory and, for example, to access other users’ folders.

3. Define the range of ports for passive mode connections

4. Define the files which we will use for authentication. The AuthUserFile and AuthGroupFile files will be created later, but we can define them now to complete the configuration.

5. Disable PAM authentication

6. Don’t check against /etc/shells

 

Create the files /etc/proftpd/ftpd.passwd and /etc/proftpd/ftpd.group and change the permission and ownership of the files and the proftpd folder as below :

ProFTPD runs as user nobody in the server by default. The User option from the /etc/proftpd.conf can be used to change the user under which ProFTPD is being run. Please make sure to change the ownership of the files and ProFTPD directory accordingly in case, the user has been modified.

After making these changes, restart ProFTPD using the command :

 

Step 3: Configuring iptables

We need to open ports 20, 21 and the port range that we have specified in the config file for the Passive connections.

Load ip_conntrack_ftp modul

make modprobe ip_conntrack_ftp persist a reboot

Edit /etc/sysconfig/iptables-config and add the module to IPTABLES_MODULES. The delimiter is a space. For example:

 

Step 4: Virtual users authentication configuration

When you install ProFTPD, it is almost ready to use by anonymous users, you only have to uncomment anonymous section in /etc/proftpd.conf but if you want authenticated access then you must configure extra directives, keep in mind these to virtual users authentication.

 

Check for the UID and GID of the user under which the Virtual users are created

Example

Once the UID and GID has been identified use the ftpasswd command to add the Virtual user

Add members to the group

 

Check the files /etc/proftpd/ftpd.passwd and /etc/proftpd/ftpd.group make and sure that details of the user and group have been added

 

Restart ProFTPD using the command :

 

Test yours ProFTPD Server

 

DONE

 

Sample /etc/proftpd.conf