<---- template headericclude ----->
how-to: PROFTPD on Fedora 10
FedoraForum.org - Fedora Support Forums and Community
Results 1 to 15 of 15
  1. #1
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    how-to: PROFTPD on Fedora 10

    Hi, this will be my first how-to on these forums, so bare with me! Any pointers or advice are very welcome.


    First, let's start with proftpd. What, Why and How?

    link: http://www.proftpd.org/
    I have had no previous experience with setting up an ftp whatsoever in the past, but this week, I got bored with constantly accessing my external hard drive for every file I need to transfer between my computers. Therefore, i needed something easy and quick to install, without having to configure too much. If you need to know more about the history of proftpd, plz click the link above.
    The next how-to is based on several (outdated) websites I read, together with my own experiences. I hope it'll help someone who wants to do the same thing.

    Installation

    If you don't have internet (like I did my first month on Fedora, damn wifi support :P), you can download proftpd manually from any repository (assuming you have another computer with internet off course): http://rpm.pbone.net/

    If you do have internet (like a sensible person does), just use yum. First check if it isn't installed allready, if not then go ahead and install it.

    yum info proftpd
    sudo yum install proftpd

    Configuration

    first of all, you can create a new account on your linux machine if needed. This will be the account which can be used by the ftp server.

    > Menu > Administration > Users and Groups (enter root password)
    > Add User
    -------> User Name: ftp (or whatever you want)
    -------> Password: ftp (or whatever you want)
    -------> Create home directory: tick this off... we don't need it
    -------> Login Shell: /sbin/nologin

    Check whether the 'ftp' user is in the 'ftp' group!

    Next up is the actual proftpd configuration. For this, we need to edit the file /etc/proftpd.conf. First start by making a backup file for when things go wrong. Afterwards, open the config file and start editing:

    sudo cp /etc/proftpd.conf /etc/proftpd.conf_backup
    sudo nano /etc/proftpd.conf (use whatever editor you like, i always use nano :P)
    I copy-pasted a very basic configuration file below. Make sure that the 'User' and 'Group' settings are related to the account you made above.

    HTML Code:
    #make sure this file is /etc/proftpd.conf
    #and is owned by 'root' who has read+write rights
    
    ServerName			"LOLLYSERVER"
    ServerIdent			on "LOLLYSERVER ready."
    ServerAdmin			lollysticky@LOLLYSERVER.com
    ServerType			standalone
    DefaultServer			on
    Port				21		#standard FTP port
    Umask 				022		#prevent new dirs and files to be writable by everyone
    MaxInstances			10		#maximum number of child processes
    TimeoutStalled			100		#maximum number of seconds a data connection is allowed to stall
    
    User				nobody	        #user and group that the server runs at
    Group				ftp		#group with little privileges
    AuthPAM				off
    
    
    
    <Global>
            DefaultRoot             ~	         #put '~' here if you want non-anonymous users to be chrooted to their homedir
            ListOptions             "-a"             #list 'invisible' directories and files
    </Global>
    
    <Anonymous ~ftp>
            User                    ftp
            Group                   ftp
            UserAlias               anonymous ftp   #be able to login as both 'ftp' and 'anonymous'
            MaxClients              10 "Sorry, max %m users -- try again later"
            DefaultChdir            /pub            #/var/ftp/pub
            RequireValidShell	off             #don't give a valid shell to user ftp
            DisplayLogin            welcome.msg
            #DisplayFirstChdir	.message
            AccessGrantMsg          "User %u logged in."
    </Anonymous>


    After editing the configuration file to your liking, it is probably very wise to check it for errors. When performing this command, you should get "Syntax check complete." back in the console window. Check if it displays errors. If it does, you need to recheck your configuration file to find the errors.

    sudo proftpd -td5
    Make sure that the '/etc/sysconfig/proftpd' file contains this line at the bottom (to enable anonymous login)
    PROFTPD_OPTIONS="-DANONYMOUS_FTP"

    If everything went well, it is time to start the ftp server and check if everything works well.

    sudo /etc/init.d/proftpd start
    ps -ef | grep proftpd
    The first command should return "Starting proftpd: [ OK ]". The second one should return something similar to:

    [lollysticky@LOLLYSTICKY Documents]$ ps -ef | grep proftpd
    proftpd 4328 1 0 19:19 ? 00:00:00 proftpd: (accepting connections)
    500 4339 4269 0 19:21 pts/1 00:00:00 grep proftpd

    Connecting

    Let's try to connect to the ftp:
    you can connect using your normal linux username (in my case: lollysticky), or you can use 'ftp' or 'anonymous' to connect. With the accounts 'ftp' and 'anonymous', you only need to enter your email (or nothing) as a password.
    If you logged in with the linux username, you'll be directed to your home directory. When you use 'ftp' or 'anonymous' to login, the linux system will 'chroot' you to /var/ftp/, which will be seen as the ftp 'root'.


    I then tried to connect remotely to my ftp server with several programs (Transmit, FileZilla,...). This succeeded both from my own home network as from a remote area.


    I hope this will helpe someone. If there is need for more pictures, just ask!

    -lollysticky-
    Last edited by lollysticky; 30th September 2010 at 01:15 PM. Reason: Due to some different configurations in recent ProFTPD versions, I updated this post

  2. #2
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'll be updating this thread while I keep on discovering things:

    next up: security...

    anonymous logins are well... but virtually anyone could access the ftp. The next step is to assign passwords to the accounts as a first line of defence


    How?
    You can do it manually By going to the User Manager (see first post). If you don't see the user 'ftp' in the list, click Edit > Preferences and tick off the "Hide system users and groups" option. Now you'll see a whole bunch of users. Locate 'ftp' and click Properties to assign a password. You could also do it via the console:

    sudo passwd ftp
    (fill in the password you like)
    After doing that we'll have to edit the /etc/proftpd.conf file again.
    locate the <Anonymous ~ ftp> section and make the first lines look like this (and recheck your config after you edit with the command from the first post):

    <Anonymous ~ftp>
    User ftp
    Group ftp
    AnonRequirePassword on
    restart the ftp (sudo /etc/init.d/proftpd restart). When you connect to the ftp (using both the usernames 'ftp' and 'anonymous'), you'll be prompted for a password. This will be the password of the ftp user you previously configured.
    Last edited by lollysticky; 30th September 2010 at 01:12 AM.

  3. #3
    Join Date
    Jul 2009
    Posts
    16
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login failed...

    [root@localhost ftp]# ftp localhost
    Trying ::1...
    Connected to localhost (::1).
    220 ProFTPD 1.3.2d Server (Basic FTP server) [::1]
    Name (localhost:riko): ftp
    331 Anonymous login ok, send your complete email address as your password
    Password:
    530 Login incorrect.
    Login failed.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp>
    =============
    I have followed the tutorial above but get login failed...
    Anyone can help?

    Tx

  4. #4
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Did you try logging in as a non-anonymous user?

  5. #5
    Join Date
    Jul 2009
    Posts
    16
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    i haven't login with user...
    how can i test anonymous user?

    tx

  6. #6
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Quote Originally Posted by bianchi77
    i haven't login with user...
    how can i test anonymous user?

    tx
    Have you set up any accounts or enabled anonymous login like I explained above? i'm starting to wonder if you've read my how-to

    in your example you log in as 'ftp' user; that only works if you have an ftp user on your linux OS...
    try logging in as anonymous by:
    1) when it asks your name, enter 'anonymous' (without the ' marks)
    2) as a password, either just ENTER, or give in your email (just ENTER )

    that should do the trick if you have followed my guide correctly

    P.S. if you have also enabled the password for the anonymous account, you should not ENTER, but provide this password.

  7. #7
    Join Date
    Oct 2008
    Location
    Slovakia
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Re: how-to: PROFTPD on Fedora 10

    i did everything as you wrote in the how-to, but everytime i have a login failed message.
    it does not matter if i use ftp, anonymous or linux user accounts.
    the result is still the same :-()
    any idea ?

    my goal is to use filezilla (on my windows 7 OS) later on to access to my linux ftp.

    thanks a lot,

    A.

    Quote Originally Posted by lollysticky
    Have you set up any accounts or enabled anonymous login like I explained above? i'm starting to wonder if you've read my how-to

    in your example you log in as 'ftp' user; that only works if you have an ftp user on your linux OS...
    try logging in as anonymous by:
    1) when it asks your name, enter 'anonymous' (without the ' marks)
    2) as a password, either just ENTER, or give in your email (just ENTER )

    that should do the trick if you have followed my guide correctly

    P.S. if you have also enabled the password for the anonymous account, you should not ENTER, but provide this password.

  8. #8
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    euhm confused here... is it the exact same message/error as the person above?

    Could you provide the error displayed on your terminal screen when logging in? I will try to answer your question as soon as possible but atm I don't have access to my F10 server
    Last edited by lollysticky; 6th September 2010 at 01:08 PM.

  9. #9
    Join Date
    Jul 2007
    Posts
    370
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Thanks for this guide but using Filezilla or any other programs that save passwords in PLAIN TEXT is a bad idea. I made the mistake of using Filezilla once to log on to my ftp site and what do you know, shortly after that the site was infected with javascript.
    these command lines are like casino slot machines, every time I input commands NOTHING HAPPENS

  10. #10
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Quote Originally Posted by errorxp
    Thanks for this guide but using Filezilla or any other programs that save passwords in PLAIN TEXT is a bad idea. I made the mistake of using Filezilla once to log on to my ftp site and what do you know, shortly after that the site was infected with javascript.
    I can only concur with this...

  11. #11
    Join Date
    Oct 2008
    Location
    Slovakia
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Quote Originally Posted by lollysticky
    euhm confused here... is it the exact same message/error as the person above?

    Could you provide the error displayed on your terminal screen when logging in? I will try to answer your question as soon as possible but atm I don't have access to my F10 server
    here it is :-)
    this it a test with ftp account and just ENTER (blank) as password
    Attached Images Attached Images

  12. #12
    Join Date
    Oct 2008
    Location
    Slovakia
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Re: how-to: PROFTPD on Fedora 10

    ok, so i discovered that writing PROFTPD_OPTIONS="-DANONYMOUS_FTP"
    in /etc/sysconfig/proftpd make the ftp or anonymous connection works.

    but how can i make any authenticated user (for example myself under account "alain") connect to this FTP server and directly go to /var/www/html/ folder ?

    thanks a lot.

    A.

  13. #13
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    ok I checked everything out and apparently proftpd has changed quite a bit since I installed it (which was allmost 2 years ago)... I've updated proftpd to the latest version and my configuration file is now giving problems where it didn't yesterday. Hence why this guide isn't working anymore I guess :P
    I will try to setup my proftpd server again and update the 'guide'... (it will take some time tho... work and stuff :P)



    EDIT 1: changed entire guide... everything works now according to the latest proftpd update.... Tested all cases:
    * Anonymous login works, both with username 'anonymous' and 'ftp'
    * Password login works with username 'anonymous' and 'ftp' if 'AnonRequirepassword on' is set
    * Username (f.e. lollysticky) login to home directory succesful.

    Please see the first post to get the new basic user details, configuration files,...
    However, I would strongly advice everyone to switch to vsftpd both for usability and safety reasons!


    EDIT 2: to Alain
    If you wish that all authenticated users are chrooted to /var/www/html folder, then change
    DefaultRoot /var/www/html
    In this example, all authenticated users will be chrooted to /var/www/html, and all anonymous users will go to /var/ftp/pub (as described in the configuration file above). I tested this and it all works
    Last edited by lollysticky; 30th September 2010 at 01:28 AM.

  14. #14
    Join Date
    Mar 2004
    Location
    In your closet
    Posts
    16,270
    Mentioned
    5 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Great job LollySticky. I just configured an FTP server here at home and by following your guide I was easily able to get this working the way I wanted. I now have a betrer basic understanding of how this is done. Thank you.

  15. #15
    Join Date
    Feb 2009
    Posts
    130
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: how-to: PROFTPD on Fedora 10

    Thanks.. I'm glad it worked

Similar Threads

  1. proftpd on Fedora 11
    By GrahamK in forum Using Fedora
    Replies: 0
    Last Post: 13th August 2009, 09:11 AM
  2. proftpd on fedora 8
    By Kybo in forum Servers & Networking
    Replies: 0
    Last Post: 13th January 2008, 01:52 PM
  3. ProFTPd...
    By HarshReality in forum Using Fedora
    Replies: 2
    Last Post: 9th September 2005, 05:43 AM
  4. proftpd
    By ieuuk in forum Servers & Networking
    Replies: 1
    Last Post: 9th January 2005, 01:18 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
[[template footer(Guest)]]