Blog

How to Install and Configure ProFTPD in RHEL / CentOS / Fedora Linux

  |   Uncategorized   |   No comment
Want create site? With Free visual composer you can do it easy.

Install ProFTPD server

Type the following command as root user:

# yum install proftpd

Start ProFTPD when the system reboot:

# chkconfig --level 3 proftpd on

To start proftpd ftp service, enter:

# service proftpd start

To Stop proftpd ftp server, enter:

# service proftpd stop

To restart proftpd ftp service, enter:

# service proftpd restart

To reload the configuration file, enter:

# service proftpd reload

/etc/proftpd.conf – Proftpd configuration file

The default configuration file is located at /etc/proftpd.conf. To edit the configuration file, enter:

# vim /etc/proftpd.conf

Checking the syntax of the configuration file

# proftpd -t6 

Virtual users authentication configuration

When you install ProFTPD, it is almost ready to use by anonymous users, you only have to uncomment anonymous section in /etc/proftpd.conf but if you want authenticated access then you must configure extra directives, keep in mind these to virtual users authentication.

  • AuthUserFile : Specify the users file, has the same format as /etc/passwd
  • AuthGroupFile : Specify the groups file, has the same format as /etc/group

Open /etc/proftpd.conf file:
# vi /etc/proftpd.conf 
These files can be created with ftpasswd tool, here is an example:
# ftpasswd --passwd --name {username} --file /etc/ftpd.passwd --uid {5000} --gid {5000} --home /var/ftp/username-home/ --shell /bin/false
# ftpasswd --group --name group1 –file /etc/ftpd.group --gid 5000 --member username

For example, add a ftp user called tom for cyberciti.biz domain (ftpcbz group):
# ftpasswd --passwd --name tom --file /etc/ftpd.passwd --uid 5001 --gid 5001 --home /var/ftp/tom/ --shell /bin/false
# ftpasswd --group --name ftpcbz –file /etc/ftpd.group --gid 5000 --member tom

Then the above directives must be set in this way :

AuthUserFile /etc/ftpd.passwd
AuthGroupFile /etc/ftpd.group

Warnings! The created user must have UNIX permission under his home directory.
The value of –shell option must be set to /bin/false if you want to improve the security of the FTP server.
Sometimes ProFTPD throws many errors when you try to authenticated trough virtual users then you must look these directives and theris recommend values.
Don’t check against /etc/shells
RequireValidShell off
Don’t check against /etc/passwd, use only AuthUserFile
AuthOrder mod_auth_file.c.
Disable PAM authentication
PersistentPasswd off
AuthPAM off

To jail users to theirs respective home directories, add following to config file:
DefaulRoot ~

Playing with files access permission

The general syntax is as follows:
Umask FILEMODE DIRMODE.
Sets the mask of the newly created files and directories. FILEMODE and DIRMODE must be an octal mode, in the format 0xxx. If DIRMODE is omitted then DIRMODE = FILEMODE.

Some examples:

Umask 022

  • The owner has rw permissions over the files and full access over directories.
  • The group has r permission over the files and rx over directories.
  • The world has r permission over the files and rx over directories.

More restrictive:
Umask 026 027 

  • The owner has rw permissions over the files and full access over directories.
  • The group has r permission over the files and rx over directories.
  • The world doesn’t have any permission over the files neither over directories.

To Deny every one except admin changes files permission via ftp put this in your context:

AllowUser admin

Did you find apk for android? You can find new Free Android Games and apps.