In this article, we will learn how to use Proftpd to set up an FTP server on a computer or server running Fedora22. ProFTPD is a GPL-authorized free open source FTP server software. It is a mainstream FTP server in Linux. It is designed to provide many advanced functions and provide users with a wide range of configuration options for easy customization. It has many configuration options that are still not available in some other FTP server software. Initially it was developed as wu-ftp
In this article, we will learn how to use Proftpd to set up an FTP server on a computer or server running Fedora 22. ProFTPD is a GPL-authorized free open source FTP server software. It is a mainstream FTP server in Linux. It is designed to provide many advanced functions and provide users with a wide range of configuration options for easy customization. It has many configuration options that are still not available in some other FTP server software. Initially, it was developed as a safer and Easier configuration alternative to the wu-ftpd server.
The FTP server is such a software that allows you to upload or download files and directories from the remote server where FTP is installed. The following are some main features of the ProFTPD server. For more information, visit http://www.proftpd.org/features.html.
- Each directory can contain the ". ftpaccess" file for access control, similar to Apache's ". htaccess"
- Supports multiple virtual FTP servers and multiple user logon and anonymous FTP services.
- The service can be started as an independent process or through inetd/xinetd.
- Its file/directory attributes, owner, and permissions are UNIX-based.
- It can run independently to protect the system from potential damages caused by root access.
- The modular design allows it to easily expand other modules, such as the LDAP server, SSL/TLS encryption, and RADIUS support.
- The ProFTPD server also supports IPv6.
The following are some simple steps to use ProFTPD to set up an FTP server on a computer running the Fedora 22 operating system.
1. Install ProFTPD
First, we will install the Proftpd software on the machine running Fedora 22. Because the yum package manager has been abandoned, we will use the latest and best Package Manager dnf. DNF is easy to use and is a user-friendly Package Manager on Fedora 22. We will use it to install proftpd software. This requires running the following command in sudo mode on the terminal or console.
$ sudo dnf -y install proftpd proftpd-utils
2. Configure ProFTPD
Now, we will modify some software configurations. To configure it, you must use a text editor to edit the/etc/proftpd. conf file./Etc/proftpd. confThe file is the main configuration file of the ProFTPD software. Any changes to this file will affect the FTP server. Here is the change we made in the initial step.
$ sudo vi /etc/proftpd.conf
After opening the file in a text editor, we want to change the ServerName and ServerAdmin to your domain name and email address. Below is our change.
ServerName"ftp.linoxide.com"
ServerAdmin arun@linoxide.com
After that, we will add the following settings to the configuration file so that the server can record access and authorization to the corresponding log file.
ExtendedLog/var/log/proftpd/access.log WRITE,READ default
ExtendedLog/var/log/proftpd/auth.log AUTH auth
Adjust ProFTPD settings
3. Add an FTP user
After setting the basic configuration file, we naturally want to add an FTP user with a specific directory as the root directory. Currently, you can use the FTP service to log on to the FTP server. However, in this tutorial, we will create a new user who uses the specified directory on the ftp server as the main directory.
Next, we will create a new user group named ftpgroup.
$ sudo groupadd ftpgroup
Then, we will add a new user arunftp as the directory/ftp-dir/as the main directory and add it to this group.
$ sudo useradd -G ftpgroup arunftp -s /sbin/nologin -d /ftp-dir/
After creating a user and joining the user group, we will set a password for the user arunftp.
$ sudo passwd arunftp
Changing password for user arunftp.
New password:
Retypenew password:
passwd: all authentication tokens updated successfully.
Now, we will use the following command to set the read and write permissions for the ftp user's home directory (LCTT: This is SELinux-related settings, if SELinux is not enabled, you can not use it ).
$ sudo setsebool -P allow_ftpd_full_access=1
$ sudo setsebool -P ftp_home_dir=1
Then, we will set that other users are not allowed to move or rename this directory and its contents.
$ sudo chmod -R 1777/ftp-dir/
4. Enable TLS support
Currently, the encryption method used by FTP is not secure. Anyone can monitor the network card to read data transmitted by FTP. Therefore, we will enable TLS encryption support for our servers. In this case, you need to edit the/etc/proftpd. conf configuration file. Before that, we need to back up the current configuration file to ensure that the file can be restored after the problem is rectified.
$ sudo cp /etc/proftpd.conf /etc/proftpd.conf.bak
Then, we can use our favorite text editor to modify the configuration file.
$ sudo vi /etc/proftpd.conf
Then, append the following lines to the content we added in step 1.
TLSEngine on
TLSRequired on
TLSProtocolSSLv23
TLSLog/var/log/proftpd/tls.log
TLSRSACertificateFile/etc/pki/tls/certs/proftpd.pem
TLSRSACertificateKeyFile/etc/pki/tls/certs/proftpd.pem
Enable TLS Configuration
After completing the settings above, save and exit.
Then, we need to generate the SSL Certificate proftpd. pem and put it/Etc/pki/tls/certs/Directory. In this case, you must first install openssl on Fedora 22.
$ sudo dnf install openssl
Then, you can generate an SSL Certificate by executing the following command.
$ sudo openssl req -x509 -nodes -newkey rsa:2048-keyout /etc/pki/tls/certs/proftpd.pem -out/etc/pki/tls/certs/proftpd.pem
The system will ask for some basic information that will be written into the credential. After filling in the information, a 2048-bit RSA private key is generated.
Generating a 2048 bit RSA private key
...................+++
...................+++
writing newprivate key to '/etc/pki/tls/certs/proftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a DistinguishedNameor a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
CountryName(2 letter code)[XX]:NP
StateorProvinceName(full name)[]:Narayani
LocalityName(eg, city)[DefaultCity]:Bharatpur
OrganizationName(eg, company)[DefaultCompanyLtd]:Linoxide
OrganizationalUnitName(eg, section)[]:LinuxFreedom
CommonName(eg, your name or your server's hostname) []:ftp.linoxide.com
Email Address []:arun@linoxide.com
After that, we need to change the permissions of the generated credential file to increase security.
$ sudo chmod 600/etc/pki/tls/certs/proftpd.pem
5. allow FTP to use Firewall
Now, you need to allow the ftp port, which is generally blocked by the firewall by default. That is to say, the ftp port must be allowed to access through the firewall.
IfTLS/SSL encryption enabled, And execute the following command.
$ sudo firewall-cmd --add-port=1024-65534/tcp
$ sudo firewall-cmd --add-port=1024-65534/tcp --permanent
IfTLS/SSL encryption not enabled, And execute the following command.
$ sudo firewall-cmd --permanent --zone=public--add-service=ftp
success
Then, reload the firewall settings.
$ sudo firewall-cmd --reload
success
6. Start and activate ProFTPD
After all settings are complete, start ProFTPD and try again. Run the following command to start the proftpd ftp daemon.
$ sudo systemctl start proftpd.service
Then, we can set the boot start.
$ sudo systemctl enable proftpd.service
Created symlink from/etc/systemd/system/multi-user.target.wants/proftpd.service to /usr/lib/systemd/system/proftpd.service.
7. log on to the FTP server
Now, if all the settings are correct in this tutorial, we can connect to the ftp server and log on with the above settings. Here, we will configure the FTP client filezilla to useServer IP address or name *As the host name, select the Protocol *FTP, Enter the user nameArunftpThe password is set in step 1 above. If you enable TLS support in step 1, you also need to selectRequires explicit TLS-based FTPIf you do not want to enable or use TLS encryption, select the encryption type.Simple FTP.
FTP logon details
To do the preceding settings, you need to open the file in the menu, click site manager, click Create site, and then set as above.
Ftp ssl Certificate
The system then requires that the SSL Certificate be allowed. Click OK. Then, you can upload and download files and folders from our FTP server.
Summary
Finally, we successfully installed and configured the Proftpd FTP server on Fedora 22. Proftpd is a super powerful FTP daemon that can be highly customized and scalable. The preceding tutorial shows how to configure a secure FTP server with TLS encryption. We strongly recommend that you set up the FTP server to support TLS encryption because it allows you to use SSL certificates to encrypt data transmission and login. In this article, we have not configured anonymous FTP access, because it is generally not recommended for protected FTP systems. FTP access makes uploading and downloading easier and more efficient. We can also change user ports to increase security. Well, if you have any questions, suggestions, and feedback, please leave a message in the comment area below so that we can improve and update the article content. Thank you! Have fun :-)
Install ProFTPD http://www.linuxidc.com/Linux/2014-12/110046.htm on CentOS 7.0
Http://www.linuxidc.com/Linux/2013-06/86534.htm for ProFTPD installation and configuration in Linux
ProFTPD FTP server configuration http://www.linuxidc.com/Linux/2013-03/81302.htm under Ubuntu 12.04
Ubuntu installation and setup ProFTPD Server http://www.linuxidc.com/Linux/2012-12/77113.htm
Linux VPS vsftp/ProFTPD FTP time difference eight hours solution http://www.linuxidc.com/Linux/2011-06/36780.htm
For more information about Fedora, see Fedora topics page http://www.linuxidc.com/topicnews.aspx? Tid = 5
Via: Howto Configure FTP Server with Proftpd on Fedora 22
Author: Arun Pyasi Translator: zpl1025 Proofreader: wxy
This article was originally translated by LCTT and launched with the Linux honor in China
This article permanently updates the link address: Http://www.linuxidc.com/Linux/2015-08/121055.htm