Having a quick and easy way to transfer files is essential in web development. using the ProFTPd packages is pretty painless. Once ProFTPd is operational, uploads/downloads are quick and using it is easy.
Please Use Extreme Caution: ProFTPd transmits username and password data in an unsecure/plain text format. To ensure the security of your FTP server, you need to be careful to only allow access to a limited number of users, only using it when it is absolutely necessary, and changing user’s password often.
- At the Debian GNU/Linux w/ KDE Welcome Screen, chose the “Menu” option in the lower left part of the screen.
- In the Menu chose the “Console Login” option. (You Can also simply click ALT+N from the Debian GNU/Linux w/ KDE Welcome Screen, in place of the first two steps in this section. This is a shortcut to the Console or “CONSOLE MODE”.)
- At the Login prompt type: “root” and hit the [enter] key.
- Type in the Password of the “root” user and hit the [enter] key. You would have set this password up during installation. See our Installing Debian 4 on a PC guide.
- Then you will type the following code:
test:~# apt-get update
then press the [enter] key. This will download the latest, most up to date installation packages. Do not try to continue until it has completed the package header downloads.
- Once all the package headers have been downloaded, type:
test:~# apt-get install proftpd
then press the [enter] key. This will start the install process for the ProFTPd server.
- You will get a ProFTPd configuration screen asking if you want the ftp server to run as a standalone server or a inetd service. (I use the inetd option, so this document will include that option.)
- Use your arrow keys to select inetd and hit the [enter] key.
- The installation will continue and the configuration option you just chose will be applied. Once the installation is complete the screen will tell you that the ProFTPd is started, and return you to the # Command Prompt.
Congratulations, you now have a fully working FTP Server for your Debian System!
Don’t Stop Here! You need to configure a few security options for your new ProFTPd FTP Server.
CONFIGURING SECURITY OPTIONS FOR YOUR PROFTPD FTP SERVER. There are several security options you can enable on your ProFTPd Server. (The configuration of your ProFTPd server is handled by the ProFTPd configuration file found at “/etc/proftpd.conf”)
(The next set of instructions assume you are still at the the # Command Prompt. from the instructions above.)
- To stop the server prior to more configuration type:
test:~# /etc/init.d/proftpd stop
then press the [enter] key. This will stop the ProFTPd Server processes for modification.
- To use TLS security you will need to generate a key, and update your server’s configuration file to use it.
Generating a key is simple enough with the openssl command, which is contained in the openssl package:
test:~# mkdir /etc/proftpd
then press the [enter] key to create the directory. Next type:
test:~# cd /etc/proftpd
then press the [enter] key to change to that directory. Now enter the command:
test:~# openssl req -new -x509 -days 365 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem
then press the [enter] key.
- With the files generated you can add the following to your proftpd.conf file:
<ifmodule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd-tls.log TLSProtocol TLSv1 # Are clients required to use FTP over TLS when talking to this server? TLSRequired off TLSRSACertificateFile /etc/proftpd/ftpd-rsa.pem TLSRSACertificateKeyFile /etc/proftpd/ftpd-rsa-key.pem # Authenticate clients that want to use FTP over TLS? TLSVerifyClient off </ifmodule>
You can also limit users to specific directories. To limit the user “bamajr” to the starting directory “/tmp” you can use:
DefaultRoot /tmp bamajr
Another approach is to generally restrict all users to their own home directory. This can be accomplished with:
This causes all users to be presented with the contents of their home directory (as specified by /etc/passwd) when they log in.
- When you are done with the configuration, you can start the ProFTPd server back up by typing:
test:~# /etc/init.d/proftpd start
then press the [enter] key. This will start the ProFTPd Server processes for use. You could also reboot the system by typing:
test:~# shutdown now -r
then press the [enter] key. This will shut your Debian System off and reboot it.
Once you add users, your ProFTPd server is ready for action.
CREATE USERS – I have not developed a set of instructions for creating ProFTPd users just yet (You should easily be able to find information on how to do so, from the link I site below).
TESTING SECTION – I have not developed a set of instructions for testing this installation just yet either (Again, you should easily be able to find information on how to do so, from the link I site below).
Portions of this guide were taken from an article available online here.