Manage cookies that are used for advertising, such as ad personalization, remarketing, and ad effectiveness analysis.
5.3.8. Install and configure ProFTPd
Instead of configuring FTP access, you can use connect via SFTP.
To connect to a server via FTP, you need to install and configure on the server special software — FTP server. One of the most popular and convenient FTP servers is ProFTPd.
Install
Connect to the server via SSH or VNC, install ProFTPd and edit the configuration files. The procedure depends on the OS you are using.
- Install EPEL repository:
yum install epel-release - Install ProFTPd:
yum install proftpd - Open ports for FTP operations:
firewall-cmd --permanent --add-port=20-21/tcp firewall-cmd --permanent --add-port=40900-40999/tcp firewall-cmd --reload - Enable ProFTPd to start at system startup and run it:
systemctl enable proftpd systemctl start proftpd - Change the ProFTPd configuration file.
- Install ProFTPd:
apt-get install proftpd - Change the ProFTPd configuration file.
- Execute command:
echo "/bin/false" >> /etc/shells
- Install ProFTPd:
emerge --ask net-ftp/proftpd - Copy the configuration file (if it does not exist):
cp /etc/proftpd/proftpd.conf.distrib /etc/proftpd/proftpd.conf - Change the ProFTPd configuration file.
- Enable ProFTPd to start at system startup and run it:
- For OpenRC:
rc-update add proftpd default rc-service proftpd start - For systemd:
systemctl enable proftpd systemctl start proftpd
- Install ProFTPd:
dnf -y install proftpd - Change the ProFTPd configuration file (located in
/etc/proftpd.conf). At the end of the file, add the line:PassivePorts 21000 21020 - Enable ProFTPd to start at system startup and run it:
systemctl enable proftpd systemctl start proftpd - Configure SElinux (if you have it) and the firewall:
setsebool -P ftp_home_dir=1 setsebool -P allow_ftpd_full_access=1 # Firewall firewall-cmd --permanent --add-port=21/tcp firewall-cmd --add-port=21000-21020/tcp --permanent firewall-cmd --reload
Create users
ProFTPd can use both virtual users and system users as users.
- Create an FTP user:
useradd example -d /var/www --shell /bin/false --ingroup www-dataexample— name of the FTP user./var/www— home directory of the FTP user.www-data— group to which the web server or other app that will use the uploaded files belongs (www-datais the default group for the Apache web server).
- Grant the user permissions to edit files in the desired directories:
chown example:www-data -R /var/wwwexample— created FTP user.www-data— group to which the web server or other app that uses the uploaded files belongs (www-datais the default group for the Apache web server)./var/www— directory for which permissions are changed (usually the directory with site files, by default/var/www).
Configure
- Edit the ProFTPd configuration file:
nano /etc/proftpd/proftpd.confChange the lines:
ServerName— server name.ServerType— startup mode:standalone— automatic startup at system startup (by default).inetd— only manual startup.
# DefaultRoot— remove the#character at the beginning of the line. This parameter specifies access to the default directory. To specify default access to the user's directory, specify~.- Add the line
UseReverseDNS offbefore the line# Use this to jail all users in their homes(by default is line 34). - Check that the configuration file is correct:
proftpd -t
- Restart ProFTPd:
/etc/init.d/proftpd restart
Comments
Додамо цю інформацію до статті.