grommer
25th March 2004, 10:46 PM
This is my first howto, so bare with me on this.
Edit:
Why use ProFTP you might ask?? Well, first off, it's easy as heck to setup, there's not many dependencys for it. For me it's been about a 100% more secure than Vsftp (very secure ftp). Then again, security is always relative to how your particular system is setup.
Let's first start by actually getting proftp. If you're using apt-get, simply at a command line
apt-get install proftpd
If you're using yum I believe (I dont use yum so feel free to correct me here) it would be
yum install proftpd.
Adding users and securing them. We want to make sure our ftp server is secure, so let's make sure users dont get access to a valid shell.
We need to first edit
/etc/shells
and add the line
/bin/false
to the file. False does absolutely nothing. Look at the man pages on it if you dont believe me :)
After that we need to create some users that can actually access the server. Decide on a base directory where you want your users to be able to upload and download. Since my FTP server is mostly there just so I can upload my web pages to it I like to set mine to the directory of which Apache (httpd) serves pages from i.e /var/www/html. Next, let's set permissions on this directory structure
chown -R 770 /var/www/html
So, using groupadd or under the main menu, go to system settings > users and groups . From there click on add group. I called mine ftp-users, but you can call them whatever you want. Let's go ahead and add some users now. Again using the user and groups tools, add a user, and make sure the shell is set to /bin/false. It should be in the dropdown menu since we've added it to the /etc/shells. Set the default directory of the users to that of where the main upload and download folders will be. In my case it is /var/www/html
Now looking at the users and groups you should see a user or multiple users, the group they belong to which should be ftp-users, their login shell must be /bin/false and their home directory should be /whatever/ or again in my case /var/www/html
The config file of proftpd is located at /etc/proftpd.conf , it's quite simple and straightforward. I've never had to change much in there except for perhaps the port number, or the welcome message. It can get pretty complicated if you're wanting to work with virtual directorys and anonymous users. After that, it should be up and running. You stop and start it through the main menu > system settings > server settings.
If there's something I've missed, or you need help with, feel free to send me a private message, I'd love to help. !!
Edit:
Why use ProFTP you might ask?? Well, first off, it's easy as heck to setup, there's not many dependencys for it. For me it's been about a 100% more secure than Vsftp (very secure ftp). Then again, security is always relative to how your particular system is setup.
Let's first start by actually getting proftp. If you're using apt-get, simply at a command line
apt-get install proftpd
If you're using yum I believe (I dont use yum so feel free to correct me here) it would be
yum install proftpd.
Adding users and securing them. We want to make sure our ftp server is secure, so let's make sure users dont get access to a valid shell.
We need to first edit
/etc/shells
and add the line
/bin/false
to the file. False does absolutely nothing. Look at the man pages on it if you dont believe me :)
After that we need to create some users that can actually access the server. Decide on a base directory where you want your users to be able to upload and download. Since my FTP server is mostly there just so I can upload my web pages to it I like to set mine to the directory of which Apache (httpd) serves pages from i.e /var/www/html. Next, let's set permissions on this directory structure
chown -R 770 /var/www/html
So, using groupadd or under the main menu, go to system settings > users and groups . From there click on add group. I called mine ftp-users, but you can call them whatever you want. Let's go ahead and add some users now. Again using the user and groups tools, add a user, and make sure the shell is set to /bin/false. It should be in the dropdown menu since we've added it to the /etc/shells. Set the default directory of the users to that of where the main upload and download folders will be. In my case it is /var/www/html
Now looking at the users and groups you should see a user or multiple users, the group they belong to which should be ftp-users, their login shell must be /bin/false and their home directory should be /whatever/ or again in my case /var/www/html
The config file of proftpd is located at /etc/proftpd.conf , it's quite simple and straightforward. I've never had to change much in there except for perhaps the port number, or the welcome message. It can get pretty complicated if you're wanting to work with virtual directorys and anonymous users. After that, it should be up and running. You stop and start it through the main menu > system settings > server settings.
If there's something I've missed, or you need help with, feel free to send me a private message, I'd love to help. !!