ProFTPD - installation and configuration of the FTP server on Ubuntu
In today's article I will present, step by step how to "bet" on their VPS FTP server using the very popular and often featured package ProFTPD.
Install the ftp server
1 | apt-get -y install proftpd openssl |
of the options which we displayed during the installation, we select
1 | Run proftpd: <-- standalone |
ProFTPD open the configuration file using a simple text editor, for example,. nano
1 | nano /etc/proftpd/proftpd.conf |
We find in it a few items, you should adjust according to your needs:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | ServerName "Serwer FTP" #nazwa serwera DisplayLogin welcome.msg #nazwa pliku z tekstem powitalnym DefaultRoot ~ #katalog główny dla łączących się użytkowników #powoduje zamknięcie użytkowników w ich katalogach domowych #(tzw. jail) #zakomentuj, aby usunąć to ograniczenie RequireValidShell off #wymaga, aby użytkownicy posiadali poprawny shell Port 21 #domyślny port FTP, można zmienić dla bezpieczeństwa User proftpd #domyślny użytkownik (i grupa), który jest wykorzystywany Group nogroup #do uruchamiania serwera |
Stożymy TLS certificate for FTP Server
1 | mkdir /etc/proftpd/ssl |
1 | openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem |
I answer questions:
1 2 3 4 5 6 7 | Country Name (2 letter code) [AU]: <-- PL"). State or Province Name (full name) [Some-State]:<-- Poland. Locality Name (eg, city) []:<-- Warszawa. Organization Name (eg, company) [Internet Widgits Pty Ltd]:<-- serwerweb.pl. Organizational Unit Name (eg, section) []:<--serwerweb.pl. Common Name (eg, YOUR name) []:<-- node.serwerweb.pl. Email Address []:<-- kontakt@serwerweb.pl. |
we give permission for the file
1 | chmod 600 /etc/proftpd/ssl/proftpd.* |
Run TLS settings ftp
1 | nano /etc/proftpd/proftpd.conf |
and from commenting Include /etc/proftpd/tls.conf
1 2 3 4 5 6 | [...] # # This is used for FTPS connections # Include /etc/proftpd/tls.conf [...] |
Edit your /etc/proftpd/tls.conf
1 | nano /etc/proftpd/tls.conf |
And edit in the following manner
1 2 3 4 5 6 7 8 9 10 11 12 | <IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd/tls.log TLSProtocol TLSv1.2 TLSCipherSuite AES128+EECDH:AES128+EDH TLSOptions NoCertRequest AllowClientRenegotiations TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem TLSVerifyClient off TLSRequired on RequireValidShell no </IfModule> |
We make a server restart proftpd
1 | systemctl restart proftpd.service |
Add the FTP user permissions and give it close in the directory
1 | useradd --shell /bin/false uzytkownikftp |
1 | mkdir /home/uzytkownikftp |
1 | chown uzytkownikftp:uzytkownikftp /home/uzytkownikftp/ |
We do change the password for the user uzytkownikftp
1 | passwd uzytkownikftp |
That's all, we can log into our ftp server 😉
This page is one big mistake
You could write why you think so ?
Pawel :.)….
Pawel
There are no spaces in the code, kinda weird <– for that they are ...
Where exactly?