Setup ProFTP in FreeBSD

Instructions for setting up an internal FTP server on a FreeBSD 10 machine. Note that this machine is not setup for public access and hence no specific security steps have been taken.

 

Installing

portmaster ftp/profptd

 

Configuration

We will set up a user called ftpuser with a password to be used for ftp login.

The configuration file for proftp will be in /usr/local/etc/proftpd.conf

We will use the default settings.

 

 

#
# For more information about Proftpd configuration
# see http://www.proftpd.org/
#
# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
DefaultServer			on
ScoreboardFile		/var/run/proftpd/proftpd.scoreboard

# Port 21 is the standard FTP port.
Port				21

# Use IPv6 support by default.
UseIPv6				on

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances			30

CommandBufferSize	512

# Set the user and group under which the server will run.
User				nobody
Group				nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

# Bar use of SITE CHMOD by default

  DenyAll


# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire  section.

#########################################################################
#                                                                       #
# Uncomment lines with only one # to allow basic anonymous access       #
#                                                                       #
#########################################################################

#
#   User				ftp
#   Group				ftp

  ### We want clients to be able to login with "anonymous" as well as "ftp"
  # UserAlias			anonymous ftp

  ### Limit the maximum number of anonymous logins
  # MaxClients			10

  ### We want 'welcome.msg' displayed at login, and '.message' displayed
  ### in each newly chdired directory.
  # DisplayLogin			welcome.msg
  # DisplayFirstChdir		.message

  ### Limit WRITE everywhere in the anonymous chroot
  # 
  #   DenyAll
  # 
#



Testing

Run service profptd start

If it gives an error about hostname not found or hostname cannot be resolved then make sure you have entered the IP assignment for your local machine in /etc/hosts

Eg. if your machine name is unixbox then in etc/hosts you need to put

127.0.0.1 unixbox

If the service starts now then you should be able to test ftp login.

 

To start the service on bootup, put

proftpd_enable = “YES”

in /etc/rc.conf

 

Then copy profptd into /etc/rc.d

cp /usr/local/etc/rc.d/profptd    /etc/rc.d

 

 

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.