Many web programmers, newcomers, when switching from Windows to Linux, think that these systems are similar (programs) and in order to create a local server they just need to download OpenServer, but this is far from the case. Today you are presented with a program running the Linux operating system, which allows you to use VDS / VPS using an FTP client.
How to install ProFTPD?
Everything is pretty simple. First, we go to our server with administrator rights and in the standard way we execute the command:
apt-get install proftpd
I would like to note that the ProFTPD configuration for CentOs, Debian or Ubuntu is the same, and this algorithm is suitable for most other distributions, if not for all.
We install this program and proceed to its phased configuration, fortunately it is not so difficult to do this, since it is not resource-demanding and extremely easy to configure, so most users choose it.
ProFTPD: user configuration
1. First, go to the following directory: /etc/proftpd/proftpd.conf
In this configuration file, we must write the following value:
AuthUserFile /etc/proftpd/ftpd.passwd
This file, which is written at the end, is responsible for the data for user login. All user login information is recorded there. No need to strain in order to create this file yourself, the system will do it for you.
If you need to specify which directory the user will be in by default, then add the following line:
DefaultRoot /www/testit.org
In order to create a user, we need to enter this command:
ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=first_num --shell=/bin/bash --home=/var/first_user/www/data/ --uid=106 --gid=65534
Everything is very simple here.
--name = user_num_one - user login when entering the server.
--home = / var / user_some_one / www / data / - when the user logs in, he will be put into this directory by default.
After pressing Enter, you will need to enter a password for the created user.
3. Next, we need to add the ftpaccess file. You can do this with a simple command:
touch /var/first_user/www/data/.ftpaccess
This file helps you select users who can visit this directory. In our case, a user named first_user can do this. If you want to specify several users who will be able to visit this place, then simply enter the name of another separated by commas.
Configuring ProFTPD: Creating a Certificate
In order to create a reliable connection, we need to create a security certificate. This can be done with the help of three teams, which must be registered in turn.
openssl req -new -x509 -days 365 -nodes -out \ /etc/ssl/certs/proftpd.cert.pem -keyout \ /etc/ssl/certs/proftpd.key.pem
Creates a certificate for a year.
After that, we need to fill out a simple form:
Country Name (2 letter code) [AU]: RU State or Province Name (full name) [SomeState]: Moskow Locality Name (eg, city) []: Moskow Organization Name (eg, company) [Internet Widgits Pty Ltd]: usemind.org Organizational Unit Name (eg, section) []: IT Common Name (eg, YOUR name) []: testit.org Email Address []: testit@gmail.com
Everything is very clear here. We enter all the necessary information and continue.
After that, you need to edit the tls.conf file. This can be done very simply by running the command:
nano /etc/proftpd/tls.conf
It will open a window in which we need to change the following lines.
TLSEngine on TLSLog /var/log/proftpd/proftpd_tls.log TLSProtocol SSLv23 TLSOptions NoCertRequest TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem TLSVerifyClient on TLSRequired off
In this situation, it is very important that you monitor the absence of repetitions of these lines.
The next step is to enable TLS in the ProFTPD configuration file.
To do this, run the command to edit text files:
nano /etc/proftpd/proftpd.conf
After that, you need to uncomment this line:
Include /etc/proftpd/tls.conf
If this line is completely absent, then just add it. Done, the TLS configuration is enabled and you can finish setting up the encryption of the connection. Let's move on to the next step.
You need to add lines to the same ProFTPD configuration file:
<Global> RootLogin off </Global>
Saving Settings
Server setup is complete. The final step is to replace the files on the server. After replacement, we need to execute these commands:
/etc/init.d/proftpd stop
/etc/init.d/proftpd start
This completes the configuration of ProFTPD. You can use the ready, customized version of the server.
Let's talk about the main errors that you may encounter while restarting the server.
The server closes the connection. What to do?
What to do if you saw this error: ProFTPd Failed to retrieve directory listing - Connection closed by server
The solution is quite simple. First, go to the familiar ProFTPD configuration file and uncomment the following lines:
PassivePorts 49152 65534
If this also did not help in solving this problem, then in the same file we remove the comment from the line:
Include /etc/proftpd/modules.conf
If you didnβt find this line, then simply add it to any free place. Thus, the problem should be solved, and you can enjoy the working version of the server. I would also like to note that setting up ProFTPD for Ubuntu and some other operating systems is the same, so it makes no sense to look for manuals for your operating system.
Conclusion
In this article, we described in detail and in an accessible language about installing and configuring a program called ProFTPD, described not only how to configure this program to run, but also how to add and edit access privileges for users. It was also told about how to create an ssl-security certificate, which will help to encrypt traffic and prevent attackers from taking possession of files that you do not want to share. In addition to all this, we learned about the reason for the disconnection and ways to solve this problem, and it turned out to be not so difficult to solve, itβs enough just to remove the comments on some lines and use the working servers. This article is about to end, we really hope that it was useful to you and helped to find answers to all your questions.