How to install FTP server

In every company there is a need to send big files that it's impossible to send them by mail.
The most popular way to do it is to install a FTP server.
My favorite FTP package is ProFTPD .


add user proftpd
# useradd proftpd

download proftpd-1.3.2 from here:

After download the tar file, run:
# tar -zxvf proftpd-1.3.2.tar.gz
# cd proftod-1.3.2
# ./configure --prefix=/usr --sysconfdir=/etc \ --localstatedir=/var/run &&
# make
# make install


edit the configuration file
# vi /etc/proftpd.conf

copy/paste the next configuration to your proftpd.conf
ServerName                      "ProFTPD Default Installation"
ServerType                      standalone
DefaultServer                   on
RequireValidShell               off
Port                            21
PassivePorts                    60150 60200
UseReverseDNS                   off
IdentLookups                    off
ServerIdent                     on "Welcome to FTP Server"

AuthPAM                         on

Umask           022

SystemLog       /var/log/proftpd.log

MaxInstances    30

# Set the user and group under which the server will run.
User            proftpd
Group           proftpd

# Added this line to chroot users in their home dirs
#DefaultRoot     /var/www/html
DefaultRoot     ~

# Normally, we want files to be overwriteable.

AllowOverwrite          on

# A basic anonymous configuration, with no upload directories.
#User                    ftp
#Group                   ftp

# We want clients to be able to login with "anonymous" as well as "ftp".
#UserAlias               anonymous ftp

# Limit the maximum number of anonymous logins.
#MaxClients              10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
#DisplayLogin            welcome.msg
#DisplayChdir            .message

# Limit WRITE everywhere in the anonymous chroot.
Create a file /etc/pam.d/ftp with the following content
(otherwise you will not be able to log in with system users using FTP):
# vi /etc/pam.d/ftp
auth    required     nullok
account required
session required


IF you useing IPTABLE add the lines to you iptable
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 60150:60200 -j ACCEPT
-A OUTPUT -p tcp --dport 22 -j REJECT
IF you want to Deny from FTP users access to the server via ssh run:
# vi /etc/ssh/sshd_config
and copy the next line to the end of the file
#FTP Group Block ssh Access
DenyGroups proftpd

No comments:

Post a Comment