Set up a reliable ftp server with proftpd
If you have a need for an ftp server, and you have a Linux machine on your network, then you need look no further than proftpd. The proftpd project came about to fill the need for a secure and reliable ftp server for the Linux operating system. Proftpd uses a single configuration file, so it's simple to set up. This ftp server was also based on an admiration for Apache, so there are many similarities between the two. For instance, where Apache uses .htaccess, proftpd uses .ftpaccess for per-directory configuration.Proftpd also support anonymous ftp access and can be run as a stand alone server or using inetd control.
The aim of this article is to show you how to quickly set up an ftp server for user access and anonymous access on your Linux server.
Installing proftpd is simple. If you are in a gui environment, open up your Add/Remove Software utility, do a search for proftpd, select the resulting proftpd entry, and apply the changes. If you are not in a gui environment you can issue a command similar to:
sudo apt-get install proftpd
yum install proftpd
To install the tool.
The configuration file for proftpd is /etc/proftpd.conf. The first portion of the configuration file is dedicated to the main configuration options. If you are setting up a basic ftp server the only thing you may want to edit in this section is the ServerAdmin email address. In this same section you can switch the server from a stand-alone server (default) to an inetd-based by uncommenting the type you want and commenting out the type you don't want.
Interestingly enough, once installed, by default you will have user-level ftp access by just starting the proftpd daemon. To do this issue the command:
depending upon your distribution.
When your users log into their ftp account they will default to their home directory and can not navigate above their ~/ directory.
Now if you want to add anonymous ftp access you have to visit another section of the /etc/proftpd.conf file. If you scroll down to around line 104 of this file you will see the opening anonymous tag "<Anonymous>". Everything between this tag and the closing tag, "</Anonymous>" refers to anonymous configuration.
By default all of the anonymous configuration is commented out. To create a simple anonymous ftp server setup you will want to uncomment out the following lines:
< Anonymous >
UserÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â ftp
GroupÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â ftp
AccessGrantMsgÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â "Anonymous login ok, restrictions apply."
UserAliasÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â anonymous ftp
MaxClientsÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 10 "Sorry, max %m users -- try again later"
DefaultChdirÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â /pub
< /Anonymous >
NOTE: There will be no spaces in the opening and closing tags.
Once you uncomment out them, restart the proftpd server and anonymous access will have been granted to users. When anonymous users log in to the server they will be confined to the /var/ftp directory (although to the user it will appear as "/"). Anonymous users will have access to two directories: pub and uploads. The pub directory is where anonymous users can download files and the uploads directory is where anonymous users can upload files.
Proftpd is one of the easiest ftp servers to get up and running. It is safe, reliable, and allows simple configuration for anonymous access. If you are looking for an ftp server that requires little hardware, can be deployed quickly, and will "just work" then proftpd is the logical choice.Advertisement
(well really sftp/scp ftw, but you know what i mean)
Why would anyone choose ftp over sftp/scp/ssh these days?
@Pharrisee: for compatibility with older applications or to use it as some kind of NAS, as i do.
one reason some people would choose ftp over sftp/scp is that some graphical front ends for ftp might not work well with those protocols. but you KNOW they will work with ftp. on top of that – if it is within a secure local network the use of sftp or scp might be redundant.