Instructions for setting up an internal FTP server on a FreeBSD 10 machine. Note that this machine is not setup for public access and hence no specific security steps have been taken.
Installing
portmaster ftp/profptd
Configuration
We will set up a user called ftpuser with a password to be used for ftp login.
The configuration file for proftp will be in /usr/local/etc/proftpd.conf
We will use the default settings.
# # For more information about Proftpd configuration # see http://www.proftpd.org/ # # This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon. ServerName "ProFTPD Default Installation" ServerType standalone DefaultServer on ScoreboardFile /var/run/proftpd/proftpd.scoreboard # Port 21 is the standard FTP port. Port 21 # Use IPv6 support by default. UseIPv6 on # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30 CommandBufferSize 512 # Set the user and group under which the server will run. User nobody Group nogroup # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. #DefaultRoot ~ # Normally, we want files to be overwriteable. AllowOverwrite on # Bar use of SITE CHMOD by default DenyAll # A basic anonymous configuration, no upload directories. If you do not # want anonymous users, simply delete this entire section. ######################################################################### # # # Uncomment lines with only one # to allow basic anonymous access # # # ######################################################################### # # User ftp # Group ftp ### We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp ### Limit the maximum number of anonymous logins # MaxClients 10 ### We want 'welcome.msg' displayed at login, and '.message' displayed ### in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message ### Limit WRITE everywhere in the anonymous chroot # # DenyAll # #
Testing
Run service profptd start
If it gives an error about hostname not found or hostname cannot be resolved then make sure you have entered the IP assignment for your local machine in /etc/hosts
Eg. if your machine name is unixbox then in etc/hosts you need to put
127.0.0.1 unixbox
If the service starts now then you should be able to test ftp login.
To start the service on bootup, put
proftpd_enable = “YES”
in /etc/rc.conf
Then copy profptd into /etc/rc.d
cp /usr/local/etc/rc.d/profptd /etc/rc.d
Leave a Reply