Set up FTP server
Author: Sag47 (talk, contrib) |
This covers how to get an FTP server for networks to work under Linux, and various information about other servers and applications which go along with them.
FTP Server: proftpd instructions
Assumptions
I'm going to make a few assumptions:
- You have apache2 already installed (and maybe php5/mysql-server-5.1/mysql-client-5.1 but not required)
- You have a new to intermediate level of terminal knowledge (basics such as cd dirs and whatnot)
- Your apache web user is www-data like mine is (cat /etc/passwd | grep www)
- You are running all commands as root. Emulate a root login by typing "sudo bash" so you don't have to type the stupid sudo command a bunch.
Install proftpd
Okay lets get started with FTP! Install proftpd. If asked about running from inetd or standalone then choose standalone.
Debian/Ubuntu based install command.
sudo apt-get install proftpd
You can stop, start, get the status, and more from the following command.
/etc/init.d/proftpd # start server /etc/init.d/proftpd start # stop server /etc/init.d/proftpd stop
Since proftpd is located in /etc/init.d/ it will autostart when the system starts up.
Setup proftp to use system users
For the server and port settings you need to modify proftpd.conf which is located in /etc/ or /etc/proftpd/. Lets pretend we don't know where it is at all and search for it.
cd / #Here's two ways to find it find . -type f -name "proftpd.conf" find . | grep proftpd.conf
Modify your proftpd.conf and change any port settings or anonymous logins you wish and restart the server....
vim /etc/proftpd/proftpd.conf
You should uncomment the following lines in proftpd.conf
#if your machine is IPv4 only UseIPv6 off #jail all users in their homes DefaultRoot ~ #user does not require a valid shell to login RequireValidShell off #at the end of the file add the following... # Allow users from a group to login MaxLoginAttempts 5 <Limit LOGIN> AllowGroup ftpusers DenyALL </Limit>
Create an ftpusers group so that any user in the ftpusers group can login to their home via ftp.
groupadd ftpusers
Give existing users FTP access
Add any existing users you wish to have ftp access to the ftpusers group.
#my username is sam and I'm going to add myself usermod -a -G ftpusers sam #check to ensure the user was added to group groups sam
Set up your user webadmin to upload files to /var/www
Create your webadmin user (without a shell login) so that they may only login using ftp. Set their home to /var/www.
#setup user webadmin useradd webadmin -d /var/www -s /bin/false #set password for webadmin passwd webadmin
Add the user webadmin to the ftpusers group and give webadmin ownership to /var/www.
usermod -a -G ftpusers webadmin chown -R webadmin\: /var/www chmod -R 755 /var/www groups webadmin #check the ownership and permissions of /var/www ls -lah /var | grep www
Alternatively if you're using the PHP copy function you'll want to give ownership of /var/www to www-data (the apache user) and allow webadmin to modify the files and folders within.
usermod -a -G www-data webadmin chown -R www-data\: /var/www chmod -R 775 /var/www groups webadmin ls -lah /var | grep www
Troubleshooting proftpd
#check to see if proftpd is running /etc/init.d/proftpd status #if it is not running then check for processes using port 21 netstat -anp | grep 21 #use the kill command to kill a process based on it's PID and retry
Documentation Sources
http://www.proftpd.org/ - website
http://www.proftpd.org/docs/ - documentation
http://www.proftpd.org/docs/howto/Limit.html - Limits section in proftpd.conf
FTP Clients
Here is a comprehensive list of FTP Clients available to distros which users may have on your network.
Name | Linux | Mac OS X | Windows | Other |
---|---|---|---|---|
CrossFTP | Y | Y | Y | Y |
FileZilla FTP Client | Y | Y | Y | Y |
FileZilla Portable | N | N | Y | N |
FireFTP | Y | Y | Y | Y |
Kasablanca | Y | N | N | N |
KBear | Y | N | N | N |
Nautilus | Y | N | N | N |
WinSCP | N | N | Y | N |
WinSCP Portable | N | N | Y | N |