Learn Linux Series (#2) - Proftpd management and configuration
Learn Linux Series (#2) - Proftpd management and configuration
What Will I Learn?
- What is proftpd
- How to install Proftpd
- How to configure Proftpd
- Starting, restarting and stopping the server
- Restrictions about IP and hosts from which you can log in
- Logging in as an anonymous user to the server
- Server load constraints
- Troubleshooting ProFTPD
Requirements
- Linux system installed
- Basic knowledge of terminal operation
- Average knowledge of linux commands
- Motivation when something goes wrong
Difficulty
Intermediate
Learn Linux Series (#2) - Proftpd management and configuration
- What is proftpd
FTP allows you to transfer files between a server computer and a client computer.
The connection via the FTP protocol can work in two modes:
active
passive.
In active mode, FTP uses port 21 for commands and port 20 for data transfer. In passive mode, FTP uses port 21 for commands and a port number above 1024 for data transmission.
- Proftpd Installation
In the terminal, we must execute the command to download the proftpd software.
To do this, enter the command:
apt-get install proftpd
if a message pops up that we do not have administrator rights, we must execute the command:
sudo -s
(this command gives us administrator privileges, and keeps them at all times while the terminal is running).
After downloading the software, it's time to launch it.
- Starting, restarting and stopping the server
We will need these commands:
Server launch:
/etc/init.d/proftpd start
Message that should appear when the Proftpd server is successfully started:
Server restart:
/etc/init.d/proftpd restart
Server stop:
/etc/init.d/proftpd stop
If we already know how to install, run, disable, restart the server, then we have to get to the configuration.
- Proftpd configuration
The basic configuration file is /etc/proftpd.conf
The simplest, enabling the server to work properly, the configuration file is:
ServerName "utopian"
ServerAdmin [email protected]
ServerType standalone
DefaultServer on
DefaultRoot ~
Port 21
Umask 002
User utopian
Group utopian
- Restrictions about IP and hosts from which you can log in
Sometimes it happens that we have to set access restrictions to the server.
Limitations can be determined in two ways.
Method 1:
By default, let everyone in, except for some addresses.
<Limit LOGIN>
Order allow,deny
Deny from c.utopian.io
Deny from p.utopian2.io
</Limit>
Computers from "Deny from" will not be allowed into the server. All others will be let in.
Method 2:
By default, allow selected people, and the rest do not allow.
<Limit LOGIN>
Order deny,allow
Allow from c.utopian.io
</Limit>
Only computers entered in "Allow from" will be allowed to the server.
- Logging in as an anonymous user to the server
Anonymous is a special user that have allowed access to public server resources. We can log in without entering the password and freely download the software available.
An example configuration of an anonymous account:
User ftp - user
Group ftp - group
AnonRequirePassword off - loggining without password
UserAlias anonymous ftp - user's aliases
DisplayLogin .welcome.msg - welcome message
DisplayFirstChdir .message -message that appears after entering the catalog
GroupOwner ftp
Umask 002
<Limit WRITE>
DenyAll
<Limit>
<Limit READ DIRS>
IgnoreHidden on
<Limit>
- Server load constraints
It happens that the traffic on the server is so big, it overloads the server so much that it can not be operated. In this case, we need to introduce server load constraints.
We use two commands for this:
MaxClients
and
MaxClientsPerHost
Sample configuration:
MaxClients 100 "There are currently too many people on the utopian server, try again later!"
MaxClientsPerHost 12 "You have too many open connections, you can not enter to utopian."
- Troubleshooting ProFTPD
Error messages can be found in
/var/log/proftpd/proftpd.log
by default, if the Proftpd server does not work after installation, you can check this file.
Sometimes, the server is delayed and you can not access the server. The message "Connection refused" will then pop up. It is not a problem. You must restart the ProFTPD server until it works.
Default log message if everything is okay:
2018-03-08 13:04:35,072 vitusc-utopian proftpd[2205] vitusc-utopian: ProFTPD 1.3.5d (maint) (built Thu Ja$
Curriculum
Part 1 - TCP/IP Computer Adaptation
Posted on Utopian.io - Rewarding Open Source Contributors
Thank you for the next tutorial on the linux system.
Thank you for the contribution. It has been approved.
You can contact us on Discord.
[utopian-moderator]
Thanks a lot for approve. Can you tell me what do you think about my part 1?