In this tutorial we will cover the steps needed to install and configure the FTP server software ProFTPd.

Requirements

* Linux server with installed Ubuntu/Debian/CentOS distribution

* SSH access with root privileges

* Basic skills for working in a Linux environment

Installing ProFTPD server

The pro-ftpd package can be installed with the following command:

For Debian/Ubuntu:

sudo apt-get install proftpd

Once you execute it, you will be prompted to choose if you want to use the server as an inetd or standalone server. You need to choose the "standalone server" option.

For CentOS:

yum install proftpd

After the package and all its dependencies are installed successfully, you can begin with the pro-ftpd configuration.

Configuring ProFTPD

There are many available configuration options which depend on your needs. We will list some of the most important and default changes that should be made if you want to run an FTP server with virtual users.

NOTE: For Debian/Ubuntu - the configuration file is located at: /etc/proftpd/proftpd.conf

NOTE: For CentOS - the configuration file is located at: /etc/proftpd.conf

- Set a server name (usually, the server's hostname is added here):

ServerName example.com

- Remove the comment from DefaultRoot option. This will prevent the FTP users from going outside of their default directory and, for example, to access other users' folders.

- Define the range of ports for passive mode connections (this option exists only in the configuration file of Debian/Ubuntu packages).

- Define the files which we will use for authentication. The AuthUserFile and AuthGroupFile files will be created later, but we can define them now to complete the configuration.

These changes will be enough. The next thing is to configure the iptables firewall rules in order to allow access to the FTP ports.

Configuring iptables

We need to open ports 20, 21 and the port range that we have specified in the config file for the Passive connections.

And execute a save command in order to commit the changes:

iptables-save

We can save the current iptables configuration in a file and reload it if we make changes and we want to restore these settings later:

iptables-save > /path/to/file.txt

We are ready with the FTP server configuration and we should be able to connect successfully. The only thing left is to create and configure virtual users.

Creating FTP Virtual Users

First, we need to create the configuration files which will contain our users and groups. We can create the files in a random directory. In this example we will use /etc/proftpd/. The config files are created automatically when you attemp to add a user to a non-existing file.

mkdir /etc/proftpdcd /etc/proftpd

To add user in ftpd.conf use the command below:

NOTE: Please note that the folder that you set as default for the user (--home=/default/user/folder) must exist!

Once you execute it, you will be prompted to enter password for this user twice.

The exact options that the command contains are:

--name - the username of the ftp account
--home - its default directory
--shell - the shell folder
--uid - user ID
--gui - group ID

By executing this command, a file ftpd.passwd will be generated automatically, and the user we have created will be added in it.

After that we need to create the group:

ftpasswd --group --gid=500 --name=group_name

After we have done all these changes we need to restart the proftpd service and it will be ready for use:

/etc/init.d/proftpd restart