Steps for installing the proftpdftp server on ubuntu Server

This document describes how to install proftpdftp on a ubuntu server, including configuring, starting, stopping, and restarting the server.

I. Installation

Copy codeThe code is as follows:
Sudo apt-get install proftpd

During installation, Standalone and Inetd are selected. The former is in single server mode and the latter is in super server mode,
Standalone I selected.

II. configuration

Copy codeThe code is as follows:
Sudo vim/etc/shells

Add the following code:

Copy codeThe code is as follows:
/Bin/false

Create User ftpuser1 and user group ftp and set the password. This user does not need a valid shell (more secure), so select/bin/false
To fptuser1

Copy codeThe code is as follows:
Sudo groupadd ftp
Sudo useradd ftpuser1-p pass-g ftp-d/home/ftp-s/bin/false

Create and modify the upload and download directories in the/home/ftp directory

Copy codeThe code is as follows:
Cd/home/ftp
Sudo mkdir download
Sudo mkdir upload
Cd/home
Sudo chmod 755 ftp
Cd/home/ftp
Sudo chmod 755 downloading
Sudo chmod 777 upload

3. modify the proftpd core configuration file proftpd. conf

Copy codeThe code is as follows:
Sudo vim/etc/proftpd. conf
#
#/Etc/proftpd. conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include/etc/proftpd/modules. conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off # We do not need IPv6, so off
ServerName "xiaoyigeng's FTP Server" # Modify the Server name
ServerType standalone # server running mode. set this parameter to standalone or
Inetd
DeferWelcome on # whether the user displays the welcome information during login
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600 # can be reduced to 100
TimeoutIdle 1200 # daze timeout
DisplayLogin welcome. msg # if the preceding DeferWelcom is set to on
Content in welcome. msg
DisplayFirstChdir. message # content displayed when the directory is changed
ListOptions "-l"
DenyFilter \*.*/
# Use this to jail all users in their homes
DefaultRoot/home/ftp # ftp users are restricted in this directory
# Users require a valid shell listed in/etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off # Anonymous users must select on
# Port 21 is the standard FTP port.
Port 21 # Service running Port
# In some cases you have to specify passive ports range to by-pass
# Firewall limitations. Ephemeral ports can be used for that,
# Feel free to use a more narrow range.
# PassivePorts 49152 65534 # port used in PASV mode
# If your host was NATted, this option is useful in order
# Allow passive tranfers to work. You have to use your public
# Address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4
# To prevent DoS attacks, set the maximum number of child processes
# To 30. If you need to allow more than 30 concurrent connections
# At once, simply increase this value. Note that this ONLY works
# In standalone mode, in inetd mode you shoshould use an inetd server
# That allows you to limit maximum number of processes per service
# (Such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs.
User nobody # The server runs under the nobody User
Group nobody # The server runs under the nobody Group
# Umask 022 is a good standard umask to prevent new files and dirs
# (Second parm) from being group and world writable.
Umask 022 022 # default file creation permission
# Normally, we want files to be overwriteable.
AllowOverwrite on # the file can be overwritten.
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# In downloads. That is not needed for uploads rates.
#
# UseSendFile off
# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# Or comment out the unused module in/etc/proftpd/modules. conf.
# Use 'mysql' or 'Sale s' as possible values.
#
#
# SQLBackend mysql
#
TransferLog/var/log/proftpd/xferlog # Transfer file logs
SystemLog/var/log/proftpd. log # system operation log

TLSEngine off


QuotaEngine on


Ratios on

# Delay engine reduces impact of the so-called Timing Attack described in
# It is on by default.

DelayEngine on


ControlsEngine on
ControlsMaxClients 2
ControlsLog/var/log/proftpd/controls. log
ControlsInterval 5
ControlsSocket/var/run/proftpd. sock


AdminControlsEngine on

# A basic anonymous configuration, no upload directories.
#
# User ftp
# Group nogroup
# We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# Limit the maximum number of anonymous logins
# MaxClients 10
#
# We want 'Welcome. msg 'displayed at login, and'. message' displayed
# In each newly chdired directory.
# DisplayLogin welcome. msg
# DisplayFirstChdir. message
#
# Limit WRITE everywhere in the anonymous chroot
#
#
# DenyAll
#
#
#
# Uncomment this if you're brave.
##
### Umask 022 is a good standard umask to prevent new files and dirs
### (Second parm) from being group and world writable.
# Umask 022 022
##
# DenyAll
##
##
# AllowAll
##
##
#
#
# Valid Logins # Set user permissions

AllowUser ftpuser1
DenyAll


Umask 022 022
AllowOverwrite off

DenyAll



Umask 022 022
AllowOverwrite off

DenyAll



Umask 022 022
AllowOverwrite on

DenyAll


AllowAll

4. start, stop, and restart the server

Copy codeThe code is as follows:
Sudo/etc/init. d/proftpd start
Sudo/etc/init. d/proftpd stop
Sudo/etc/init. d/proftpd restart

5. maintenance

You can view logs in the/var/log/proftpd directory.

View ftp server load command ftptop
View the login server ftpwho

PS: Limit usage in proftpd

Most of the operations we use may be the use of Limit. Limit has the following actions, which can basically cover all permissions.

CMD: Change Working Directory Change Directory
MKD: MaKe Directory permission for creating directories
RNFR: ReName FRom change directory name permission
DELE: DELEte permission for deleting objects
RMD: ReMove Directory permission to delete Directory
RETR: RETRieve permission for downloading data from the server to the client
STOR: the permission for STORe to upload data from the client to the server.
READ: READ permission, excluding the column directory permission, equivalent to RETR, STAT, etc.
WRITE: permission to WRITE files or directories, including MKD and RMD.
DIRS: whether to allow column directories, which is equivalent to LIST, NLST, and other permissions. it is more practical.
ALL: ALL permissions
LOGIN: Permitted to log on
Objects applied to the above Limit include the following
The Limit allowed by AllowUser for a user
DenyUser's Limit for a user
The Limit allowed by AllowGroup for a user group
DenyGroup's Limit for a user group
AllowAll Limit allowed for all user groups
DenyAll indicates the Limit forbidden by all users.

The maximum speed is:
TransferRate STOR | RETR speed (Kbytes/s) for the user