Home  |  About  | Last |  Submit  |  Contact
AllQuests.com



Previous Question:  Java Firefox  x86 64 bit UsersNext Question:  Hardy CD label!  Art Design
Question HOWTO Create FTP server user access proftpd ( Ubuntu Forums Tutorials Tips )
Updated: 2008-05-11 07:46:19 (1070)
HOWTO Create FTP server user access proftpd

There's some support for this guide in the hoary section
Some questions are already answered in the OLD THREAD ,if you need support you should read it before posting here.


I created this How to for people who want to share files with friends using FTP protocol, like FTPservU under windows. The way i give you is not the only one, I hope my How to is enough clear.
This FTP server will allow only users with the good password (persons to whom you gave the password and username). So you will be sure that only known persons will access your FTP server.

A- The GUI way (for beginners only)

For those who are new to linux and don't want to use a FTP server without GUI, or just for those who don't use often their FTP server and wish to set it quickly without a high level of security, there is a GTK GUI for proftpd.
Be careful, it's less secure than configuring yourself your server.

1- Install proftpd and gproftpd with synaptic or with this command :
Code:
sudo apt-get install proftpd gproftpd
2-Play with the GUI and set up quickly your server.

Feel free to post here if you have some problems with gproftpd but it shouldn't be too hard to use (it took me 2 minutes to set up a small FTP server ).


B- The secure way


1-
Install proftpd with synaptic or with this command :
Code:
sudo apt-get install proftpd
2- Add this line in /etc/shells file (sudo gedit /etc/shells to open the file) :
Code:
/bin/false
Create a /home/FTP-shared directory :
Code:
cd /home
sudo mkdir FTP-shared
Create a user named userftp which will be used only for ftp access. This user don't need a valid shell (more secure) therefore select /bin/false shell for userftp and /home/FTP-shared as home directory (property button in user and group window).
To make this section clearer, i give you the equivalent command line to create the user, but it would be better to use the GUI (System > Administration > User & Group) to create the user since users here often got problems with the user creation and the password (530 error) with the command line, so i really advice to use the GUI :
Code:
sudo useradd userftp -p your_password -d /home/FTP-shared -s /bin/false
sudo passwd userftp
In FTP-shared directory create a download and an upload directory :
Code:
cd /home/FTP-shared/
sudo mkdir download
sudo mkdir upload
Now we have to set the good permissions for these directories :
Code:
cd /home
sudo chmod 755 FTP-shared
cd FTP-shared
sudo chmod 755 download
sudo chmod 777 upload
3- OK, now go to the proftpd configuration file :
Code:
sudo gedit /etc/proftpd.conf
or for edgy eft (ubuntu 6.10) :
Code:
sudo gedit /etc/proftpd/proftpd.conf
and edit your proftpd.conf file like that if it fit to your need :
Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on

# Choose here the user alias you want !!!!
UserAlias sauron userftp

ServerName			"ChezFrodon"
ServerType 			standalone
DeferWelcome			on

MultilineRFC2228 on
DefaultServer			on
ShowSymlinks			off

TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200

DisplayFirstChdir               .message
ListOptions                	"-l"

RequireValidShell 		off

TimeoutLogin 20

RootLogin 			off

# It's better for debug to create log files ;-)
ExtendedLog 			/var/log/ftp.log
TransferLog 			/var/log/xferlog
SystemLog			/var/log/syslog.log

#DenyFilter			\*.*/

# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off

# Allow to restart a download
AllowStoreRestart		on

# Port 21 is the standard FTP port, so you may prefer to use another port for security reasons (choose here the port you want)
Port				1980

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8

# Set the user and group that the server normally runs at.
User                  nobody
Group                 nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022	022

PersistentPasswd		off

MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8

# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent                  on       "you're at home"

# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared

# Lock all the users in home directory, ***** really important *****
DefaultRoot ~

MaxLoginAttempts    5

#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>

<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
	<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>

<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
	<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>

<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
	<Limit READ RMD DELE>
      	DenyAll
    	</Limit>

    	<Limit STOR CWD MKD>
      	AllowAll
    	</Limit>
</Directory>
Ok you have done proftpd configuration. Your server is on port 1980 (in this exemple) and the access parameters are
user : sauron
password : the one you've set for userftp

4- To start/stop/restart your server :
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
To perform a syntax check of your proftpd.conf file :
Code:
sudo proftpd -td5
To know who is connected on your server in realtime use "ftptop" command (use "t" caracter to swich to rate display), you can also use the "ftpwho" command.
other informations here


C- Advanced tricks

1- Enable TLS/SSL encryption (FTPS)
The FTP file sharing protocol is an old protocol which was created when internet was still a secure place, therefore the default FTP protocol is not that secure.
For example the password and username for login are transmitted in plain text which obviously isn't secure.
That why, to fit the needs of our generation, encryption solutions were developed and one of them is TLS/SSH encryption.
This will encrypt the username and password and all the data you send, obviously to use it the FTP client must support SFTP protocol.

here are the steps to enable TLS/SSH encryption (FTPS):

Paste these commands in a terminal :
Code:
sudo apt-get install build-essential
sudo apt-get install libssl-dev
cd /etc
sudo mkdir ftpcert
cd ftpcert/
sudo openssl genrsa -des3 -out server.key 1024
sudo openssl req -new -key server.key -out server.csr
sudo openssl genrsa -des3 -out ca.key 1024
sudo openssl req -new -x509 -days 365 -key ca.key -out ca.crt 
sudo wget http://frodubuntu.free.fr/ubuntu/sign.sh
sudo chmod +x sign.sh
sudo ./sign.sh server.csr
Then add this section to yout proftpd.conf file :
Code:
<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/ftpd/tls.log
    TLSProtocol TLSv1

    # Are clients required to use FTP over TLS when talking to this server?
    TLSRequired off

    # Server's certificate
    TLSRSACertificateFile /etc/ftpcert/server.crt
    TLSRSACertificateKeyFile /etc/ftpcert/server.key

    # CA the server trusts
    TLSCACertificateFile /etc/ftpcert/ca.crt

    # Authenticate clients that want to use FTP over TLS?
    TLSVerifyClient off
</IfModule>
If you use edgy or proftpd 1.3 in general add this line at the beginning of your proftpd.conf file, it will load all the extra modules like mod_tls.c :
Code:
Include /etc/proftpd/modules.conf
Note - Use TLSRequired ON to force the use of TLS. OFF means that the use of TLS is optional.

Optional step:
You will notice that you will be asked for the password you set for the server.key file each time you start/stop/restart the server, it is because the RSA private key is encrypted in the server.key file.
The solution is to remove the encryption of the RSA private key but it makes the key readable in the server.key file which is obviously less secure, anyway if you do that make sure that the server.key is readable only by root.
Once you know that it's less secure here are the command lines to remove the encryption of the RSA private key :
Code:
cd /etc/ftpcert
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
Here are some links to read in case of problems or just to get more informations :
http://www.modssl.org/docs/2.7/ssl_faq.html#cert-ownca
http://www.castaglia.org/proftpd/doc...HOWTO-TLS.html

To use your TLS encrypted FTP server you will need a FTP client which support it like the latest versions of filezilla (the one present in the feisty repository has the TLS support).
In filezilla the option to use is called FTPES.

Thanks to nix4me for the help he provided and for the instructions.

2- Restrict access for some users
Some of you wish, for different reasons, to create more than one user and give a different access depending on the user.
For example if i create 2 users, one called user1 and the second called user2 and then want to deny access to the download directory for user2, You can do it as following :

First create the 2 users like userftp in the guide and give them alias names if you use aliases. Then allow your 2 users in the general LIMIT LOGIN section :
Code:
#VALID LOGINS
<Limit LOGIN>
AllowUser user1
AllowUser user2
DenyALL
</Limit>
Once done here is how to modify the directory sections to chose who is able to use which directory :
Code:
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off

        <Limit ALL>
		Order Allow,Deny
		AllowUser user1
		Deny ALL
	</Limit>

	<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>

<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on

       <Limit ALL>
		Order Allow,Deny
		AllowUser user1
                AllowUser user2
		Deny ALL
	</Limit>

	<Limit READ RMD DELE>
      	DenyAll
    	</Limit>

    	<Limit STOR CWD MKD>
      	AllowAll
    	</Limit>
</Directory>
Note - user2 will see the download directory but will not be able to enter the directory.

That's all


Misc
Best Common Practices - Everyone should read this
http://www.castaglia.org/proftpd/doc...HOWTO-BCP.html

ProftpTools 1.0.1
ProftpTools is a script I wrote thanks to swoop's feedback. This script allow you to start/stop proftpd, mount/unmount auto/manually directories, show your IP, ... and all of that with a GUI in order to use proftpd in a really easy way !
To install ProftpTools, download ProftpTools-v1.0.2.tar.gz (at the bottom of the page) if the wget command don't work and untar it where you want and then move the ProftpTools file in /usr/bin :
Code:
wget http://frodubuntu.free.fr/ubuntu/ProftpTools-v1.0.2.tar.gz
tar -xzvf ProftpTools-v1.0.2.tar.gz
cd ProftpTools-v1.0.2/
sudo mv ProftpTools /usr/bin/
Then add these lines in your .bashrc (it's in your home directory : gedit /home/username/.bashrc) file in order to specify what is the ProftpTools directory path, YOU MUST REMOVE THE "/" CHARACTER at the end of the path. I give you an exemple if your ProftpTools directory is in your home directory :
Code:
ProftpTools_dir=/home/username/ProftpTools-v1.0.2
export ProftpTools_dir
Now all you have to do is to type ProftpTools in a terminal and .... enjoy
You need zenity installed to use this script.

Don't hesitate to post in this thread or send me PM to report bugs, ask new features, correct my english, suggest improvement and thank you to give me feedback about this tool.

useful trick :
This trick is integrated in ProftpTools.
If you don't want (like me ) to use space in your /home directory, and use space on another hard drive, or if you just want to share a directory from another partition ... you can mount the directory you want in your download or upload directory without changing anything in proftpd.conf file, use these commands :
Code:
sudo mount -o bind the_directory_you_want_to_share /home/FTP-shared/download
or
sudo mount -o bind the_directory_you_want_to_use_for_upload /home/FTP-shared/upload
This command will not overwrite the directory, the idea is just to mount a directory in another one without overwritng anything, so when someone will log in your server he will see and use the mounted directory if you have mounted one. To unmout a directory (download directory for exemple):
Code:
sudo umount /home/FTP-shared/download
Permanent mount :
If you don't want to re-mount your directories after a reboot you can add a line in fstab file like that (sudo gedit /etc/fstab to open the file) :
Code:
the_directory_to_mount /home/FTP-shared/download vfat bind 0 0
thanks reet

If you want to create other directories in FTP-shared, think to add it in proftpd.conf file.
Don't hesitate to test yourself your server using gFTP for exemple, it's really helpful to debug your server.

Other stuff
If you have a router you should read that, it describe the 2 commands to add in proftpd.conf and why.
If you have a dynamic DNS have a look here, you can also use ddclient(maybe easier for newbies).
Most of informations you're looking for are here
To get more debug informations : http://www.proftpd.org/localsite/Use...ked/x1058.html
You can specify a specific passive port range using PassivePorts command, it's very useful when you use a firewall in order to know which ports to allow.

For those who have a firewall/router i advice to read this excelent post from mssm

Thanks for feedback, and sorry if my english is sometimes really bad

Don't hesitate to post questions about proftpd in this thread.

Answers: HOWTO Create FTP server user access proftpd ( Ubuntu Forums Tutorials Tips )
HOWTO Create FTP server user access proftpd

As i explained several post ago this error don't prevent the good work of the FTP server, it is just that you don't use ipv6.
I think you will find some useful posts in this thread and for sure in the forum if you want to remove this error message.

frodon

HOWTO Create FTP server user access proftpd

ok and if I want to use the GUI, how can I start it, because now I want to create users?

sorry for all this questions, i'm very new to ubuntu.


thx again,

r0ot5

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by r0ot5
ok and if I want to use the GUI, how can I start it, because now I want to create users?

sorry for all this questions, i'm very new to ubuntu.


thx again,
sudo apt-get install gproftp

this will install the GUI version of proftp. However if you just want to simply add another user i don't think you need the GUI to do so....

if you want to learn Ubuntu, command line is the only way to go in my opinion anwyays, i'm still very unfamiliar with linux but i can say one thing i've learned alot more by punching out commands as i would of done by doing everythign thru GUI

guilly

HOWTO Create FTP server user access proftpd

Alright, so using the default port 21 I was able to get to work the FTP server once I opened up the port in my DI-604 Virtual Server list (public 21, private 21, ip - internal IP). But unfortunately(?) I have to use my external IP to connect.

Is using my external IP and port 21 to login a bad thing?

Does anyone else who has a DI-604 know how to use a different port and set up proftpd to work with the DI-604 settings?

Thanks

trenog

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by frodon
Why such a need ? It makes your computer more secure to require root rights to run or modify services
Basic security. Any service running as root is really dangerous. Its best to run it as a user with specific access rights so that critical access permissions are always followed.

anpk

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by anpk
Basic security. Any service running as root is really dangerous. Its best to run it as a user with specific access rights so that critical access permissions are always followed.
Yes but anyone would be able to gain access easily and configure the FTP server to share other directories.
Anyway i think it would be good to ask this question in the proftpd forum, im' curious to know what the proftpd experts think of the question :
http://forums.proftpd.org/smf/

If you have any interesting feedback about this in the proftpd forum please share it with us

frodon

HOWTO Create FTP server user access proftpd

this password 530 error, how do I fix it?
No, I can't use the GUI way because this is on a server without GUI, I'm just using SSH + terminal to update things.

I'm adding the users with aliases and everything. The thing is that when I installed the server I added users without any problems, but if I try to change password or add users now it doesn't work

Poka64

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by Poka64
this password 530 error, how do I fix it?
No, I can't use the GUI way because this is on a server without GUI, I'm just using SSH + terminal to update things.

I'm adding the users with aliases and everything. The thing is that when I installed the server I added users without any problems, but if I try to change password or add users now it doesn't work
THe 530 error is in general a problem with the user creation and especially the password so in general resetting the password solve the problem.

It is stange that you can't change the password however, it is not supposed to behave like that.

frodon

HOWTO Create FTP server user access proftpd

yes, It's very strange, can't add user or change password for current users.

The thing is, the user can login through bash but they get dissconnected because I set /bin/false

Poka64

HOWTO Create FTP server user access proftpd

noob questions: how can i access to my FTP

when i write ftp://69.70.242.31/ or ftp://69.70.242.31/FTP-shared/ i get unable to connect to host

i did open a port on my router like that:
http://img381.imageshack.us/img381/1421/captureqw9.png

but i dont know if it is the right way, my local ip is 192.168.1.100 and my ip is 69.70.242.31 according to my router

ProFTP is running

EDIT: I can connect locally (127.0.0.1)

Elv13

HOWTO Create FTP server user access proftpd

either you have a firewall rules on your Ubuntu machine, check with
sudo iptables -L
or you didn't forward the correct port? Plus if you have a router/firewall between you and the cable modem or dls connection, you need to be using passive mode I believe. There's always issues for newbies trying to get it to work thru a hardware firewall. You need to read the links at the bottom of the guide about opening up all ports from 1025 to 65535 or whatever it says, then adding a passive line within proftpd.conf. Just read the bottom of the guide where it talks about being behind a router. The problem is that the connection is done thru port 21 but I think the data connection is done on ports above 1024 so it doesn't work because you don't have those higher ports open (something along those lines). Also, I just ran nmap on your external ip address and it does NOT show port 21 open just so you know so you can't have forwarded port 21 on your router to your internal ip's address port 21. Also, what does this command return:
netstat -pant
you should be able to see something like 0.0.0.0:21, that means that your ftp server is listening on the external interface and not just to localhost. Good luck.

dannyboy79

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by frodon
Yes but anyone would be able to gain access easily and configure the FTP server to share other directories.
Anyway i think it would be good to ask this question in the proftpd forum, im' curious to know what the proftpd experts think of the question :
http://forums.proftpd.org/smf/

If you have any interesting feedback about this in the proftpd forum please share it with us
Thanks frodon for your prompt replies . I've posted to the proftpd forums, hopefully someone else has tried it before

anpk

HOWTO Create FTP server user access proftpd

Thanks everybody for this valuable information ....

salehid

HOWTO Create FTP server user access proftpd

Hey guys...
I have been trying to get this to work but the only thing that I get when I give the start comand is a "FAIL"

This is my conf file:

HTML Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on

# Choose here the user alias you want !!!!
UserAlias jose userftp

ServerName			"Monark"
ServerType 			standalone
DeferWelcome			on

MultilineRFC2228 on
DefaultServer			on
ShowSymlinks			off

TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200

DisplayFirstChdir               .message
ListOptions                	"-l"

RequireValidShell 		off

TimeoutLogin 20

RootLogin 			off

# It's better for debug to create log files ;-)
ExtendedLog 			/var/log/ftp.log
TransferLog 			/var/log/xferlog
SystemLog			/var/log/syslog.log

#DenyFilter			\*.*/

# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off

# Allow to restart a download
AllowStoreRestart		on

# Port 21 is the standard FTP port, so you may prefer to use another port for security reasons (choose here the port you want)
Port				1980

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8

# Set the user and group that the server normally runs at.
User                  nobody
Group                 nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022	022

PersistentPasswd		off

MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8

# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent                  on       "you're at home"

# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared

# Lock all the users in home directory, ***** really important *****
DefaultRoot ~

MaxLoginAttempts    5

#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>

<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
	<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>

<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
	<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>

<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
	<Limit READ RMD DELE>
      	DenyAll
    	</Limit>

    	<Limit STOR CWD MKD>
      	AllowAll
    	</Limit>
</Directory>
And this is when I run -td5:

HTML Code:
monark@monark-desktop:/home/FTP-shared$ sudo proftpd -td5
Checking syntax of configuration file
 - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock'
 - parsing '/etc/proftpd/proftpd.conf' configuration
 - <Directory /home/FTP-shared>: deferring resolution of path
 - <Directory /home/FTP-shared/download/*>: deferring resolution of path
 - <Directory /home/FTP-shared/upload/>: deferring resolution of path
 - IPv6 getaddrinfo 'monark-desktop' error: No address associated with hostname
monark-desktop - 
monark-desktop - Config for Monark:
monark-desktop - /home/FTP-shared/upload/
monark-desktop -  Limit
monark-desktop -   AllowAll
monark-desktop -  Limit
monark-desktop -   DenyAll
monark-desktop -  Umask
monark-desktop -  DirUmask
monark-desktop -  AllowOverwrite
monark-desktop -  AuthAliasOnly
monark-desktop -  UserAlias
monark-desktop -  ShowSymlinks
monark-desktop -  DisplayFirstChdir
monark-desktop -  ListOptions
monark-desktop -  RequireValidShell
monark-desktop -  RootLogin
monark-desktop -  TransferLog
monark-desktop -  UseFtpUsers
monark-desktop -  AllowStoreRestart
monark-desktop -  MaxClients
monark-desktop -  MaxClientsPerHost
monark-desktop -  MaxClientsPerUser
monark-desktop -  MaxHostsPerUser
monark-desktop -  AccessGrantMsg
monark-desktop - /home/FTP-shared/download/*
monark-desktop -  Limit
monark-desktop -   DenyAll
monark-desktop -  Umask
monark-desktop -  DirUmask
monark-desktop -  AllowOverwrite
monark-desktop -  AuthAliasOnly
monark-desktop -  UserAlias
monark-desktop -  ShowSymlinks
monark-desktop -  DisplayFirstChdir
monark-desktop -  ListOptions
monark-desktop -  RequireValidShell
monark-desktop -  RootLogin
monark-desktop -  TransferLog
monark-desktop -  UseFtpUsers
monark-desktop -  AllowStoreRestart
monark-desktop -  MaxClients
monark-desktop -  MaxClientsPerHost
monark-desktop -  MaxClientsPerUser
monark-desktop -  MaxHostsPerUser
monark-desktop -  AccessGrantMsg
monark-desktop - /home/FTP-shared
monark-desktop -  Limit
monark-desktop -   DenyAll
monark-desktop -  Umask
monark-desktop -  DirUmask
monark-desktop -  AllowOverwrite
monark-desktop -  AuthAliasOnly
monark-desktop -  UserAlias
monark-desktop -  ShowSymlinks
monark-desktop -  DisplayFirstChdir
monark-desktop -  ListOptions
monark-desktop -  RequireValidShell
monark-desktop -  RootLogin
monark-desktop -  TransferLog
monark-desktop -  UseFtpUsers
monark-desktop -  AllowStoreRestart
monark-desktop -  MaxClients
monark-desktop -  MaxClientsPerHost
monark-desktop -  MaxClientsPerUser
monark-desktop -  MaxHostsPerUser
monark-desktop -  AccessGrantMsg
monark-desktop - Limit
monark-desktop -  AllowUser
monark-desktop -  DenyAll
monark-desktop - AllowOverwrite
monark-desktop - AuthAliasOnly
monark-desktop - UserAlias
monark-desktop - DeferWelcome
monark-desktop - DefaultServer
monark-desktop - ShowSymlinks
monark-desktop - TimeoutNoTransfer
monark-desktop - TimeoutStalled
monark-desktop - TimeoutIdle
monark-desktop - DisplayFirstChdir
monark-desktop - ListOptions
monark-desktop - RequireValidShell
monark-desktop - TimeoutLogin
monark-desktop - RootLogin
monark-desktop - ExtendedLog
monark-desktop - TransferLog
monark-desktop - UseFtpUsers
monark-desktop - AllowStoreRestart
monark-desktop - UserID
monark-desktop - UserName
monark-desktop - GroupID
monark-desktop - GroupName
monark-desktop - Umask
monark-desktop - DirUmask
monark-desktop - MaxClients
monark-desktop - MaxClientsPerHost
monark-desktop - MaxClientsPerUser
monark-desktop - MaxHostsPerUser
monark-desktop - AccessGrantMsg
monark-desktop - ServerIdent
monark-desktop - DefaultRoot
monark-desktop - DefaultRoot
monark-desktop - MaxLoginAttempts
monark-desktop - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock'
Syntax check complete.
monark@monark-desktop:/home/FTP-shared$ 
Please any help I would like to get this to work so I will not get frustated...

JOWIROMA

HOWTO Create FTP server user access proftpd

As i repeat every 3 or 4 posts (read the thread you will see more than 10 posts about this) the Ipv6 error don't prevent the FTP server to work so you can just ignore it, if you can't ignore this error message do as following :
http://ubuntuforums.org/showthread.p...68#post2295568

frodon

HOWTO Create FTP server user access proftpd

HTML Code:
As i repeat every 3 or 4 posts (read the thread you will see more than 10 posts about this) the Ipv6 error don't prevent the FTP server to work so you can just ignore it, if you can't ignore this error message do as following :
http://ubuntuforums.org/showthread.p...68#post2295568
Yeah frodon I already ignored the error but what would be the cause of my problem???
when I put the start comand it just goes:
HTML Code:
starting proftpd server                                                             [FAIL]
Could you be so kind to show me a way to find a debug log for this or is there anything else I would have to look into??

please help me.....

thanks anyways for replying.

What a better place to look for help that your "UBUNTU FORUMS"

JOWIROMA

HOWTO Create FTP server user access proftpd

If your server fail to start then you may have another problem, anyway first fix your Ipv6 hostname so we will be sure that it don't create problems on your computer.
As i said you can ignore the Ipv6 error except if you are using Ipv6 adresses.

So do as explained here (replace bohdan-ubuntu by monark-desktop in your case):
http://ubuntuforums.org/showpost.php...68&postcount=2

Then restart your server and post back here the errors log if your server still fail to start.

frodon

HOWTO Create FTP server user access proftpd

HTML Code:
If your server fail to start then you may have another problem, anyway first fix your Ipv6 hostname so we will be sure that it don't create problems on your computer.
As i said you can ignore the Ipv6 error except if you are using Ipv6 adresses.

So do as explained here (replace bohdan-ubuntu by monark-desktop in your case):
http://ubuntuforums.org/showpost.php...68&postcount=2

Then restart your server and post back here the errors log if your server still fail to start.
Pardon my ignorance but where would i find the "error log"
or I just have to run -5td again and just see what it says???

Thank you so much fur your help... and time... and patience...

JOWIROMA

HOWTO Create FTP server user access proftpd

Just restart the server using a terminal, error messages should appear in the terminal if the server fail to start.
You can also run the proftpd -td5 command, it will give some more infos.

frodon

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by Palcrypt
Ok, so I got the ftp set up to work. I decided I wanted the ftps to work. The problem is that I am behind a firewall on my router. proftpd's website says this is because with the encrypted credentials the router gets confused with somethings. It says the solution is to set:

TLSRequired auth+data
instead of
TLSRequired off

The problem is when I do that (or just set it to auth) when I restart the server I get this error:
- Fatal: TLSRequired: bad parameter on line 95 of '/etc/proftpd/proftpd.conf'

auth and auth+data are supposed to be valid parameters for TLSRequired. Any suggestions?
just noticed that the problem is that apt-get of proftpd only installs version 1.3.0 and the auth+data parameters are only handled in 1.3.1. I tried doing a manual build and install of the newest version, but still had issues. Looks like no SSL for me.

Palcrypt

HOWTO Create FTP server user access proftpd

Ok, I'm still having 530 issues. I also cannot connect from my wifi-connected laptop within the network, so it's not a modem problem, and I don't think it's the router. I'm thinking it's either a configuration problem (I have checked the folder permissions) or a firewall problem somewhere. I understand that ubuntu has a built-in firewall somewhere? How can I check up on this and see if it's the issue? I'm going to try switching from port 1980 to port 21 but I'm not sure if that will help. When I do localhost it says that the Connection is refused, so I don't think I'm even getting in. Any clues?

-Dan

dbsoundman

HOWTO Create FTP server user access proftpd

Hi, i followed the guide using the gproftpd set up. I have been having issues setting it up so that i can get to more than one directory with a single user.

offramp13

HOWTO Create FTP server user access proftpd

how do I open up the FTP server?

Deviltongue

HOWTO Create FTP server user access proftpd

very nice howto thanks

linux noooob

HOWTO Create FTP server user access proftpd

i have set up my domain name and it goes strait to my router how do i make it all forward to my server?

linux noooob

HOWTO Create FTP server user access proftpd

Hello

I used your Guide, Im currrently on Ubuntu Gutsy Gibbon. Created the directory /home/FTP-shared with the two download and upload subdirectories. The ftp works fine, tested it out on the LAN with filezilla.

Now I wanted to share my NTFS partition in the download folder so i used the code u posted which said something like

Code:
sudo mount -o /media/sda5 /home/FTP-shared/download
i restarted the FTP server and tried logging in with my ftp client. I can connect fine into the server but when i try to open the download directory it says

Code:
Error : 550. Permission Denied.
Please advise.

Much appreciated.
G.Mathews

Georgie.Mathews

HOWTO Create FTP server user access proftpd

The problem with NTFS is that it doesn't support unix rights system therefore the rights on it depends only on how you mounted the drive.
Keep in mind that when you mount a directory into another one it will have the rights of the source directory (here your NTFS directory).
So check the rights of the directory you are trying to mount, if they are not at minimum 755 then you have the cause of your issue.

frodon

HOWTO Create FTP server user access proftpd

I had proftpd working on 5.10, and I just removed that installation and installed 7.10. Copied over my .conf file from the old configuration, and I get the following message when attempting to restart the service.

* Stopping ftp server proftpd [ OK ]
* Starting ftp server proftpd - IPv6 getaddrinfo 'basement' error: No address associated with hostname
[ OK ]

I am thinking it has something to do with /etc/hosts or an ip route table. Any thoughts????

This guide is awesome, and was very helpful when I set the ftp server up on 5.10, I am going to take notes this time, so I don't forget all the places I have to touch.

Thanks,

Rob

splendid

HOWTO Create FTP server user access proftpd

You will find the answer in previous posts in the thread, start a search on this thread using the "Search this thread" button under the poll with ipv6 as key word and you will find the posts which contain the fix.
Anyway this error message is not important if you don't use IPV6, so if you use srtandard IPV4 you can ignore it.

frodon

HOWTO Create FTP server user access proftpd

it seems masqueradeaddress is required if outside people are to access the server.. however.. using masqueradeaddress I cant seem to be able to access the server from the inside.. or at least not from the PC that the server is running on.. I've had a few friends try accessing it from the outside with success..

another thing I was wondering.. why is it when I enter the URL I setup on dyndns into say firefox, it tries to access my router? will setting up a web server and redirecting port 80 to the web server make it so that the URL will open up a webpage on the web server instead of the router? just for the record.. I got this router from NTT.. think it's called a Web Caster V110.. oh yes.. I live in Japan..

dzul1983

HOWTO Create FTP server user access proftpd

I'm using version 6.10

I'm also having another issue, I can log onto the server with no prolbems from within the network but when I try it externally I get

"No connection could be made because the target machine actively refused it "

Thanks for all the help.

espo100583

HOWTO Create FTP server user access proftpd

So try to re-install proftpd because you should have this directory if you use ubuntu edgy eft. For your second problem this is surely related to your firewall.

frodon

HOWTO Create FTP server user access proftpd

i was wondering if some one might be able to help me.

i have proftpd get up and its running. but i need to add some users.
the usernames:
patrick ftphome: /home/patrick/
dstamp ftphome: /home/dstamp/
var-user ftphome: /var/www/
and they need full controll. how would i do this as im normlly do it in gproftpd but i have gone full command prompt so no gui.

many thanks
patrick king

patty522

HOWTO Create FTP server user access proftpd

Just take example of the proftpd.conf in the first post and make some tests, the upload directory is a good example for you because it gives full rights.

frodon

HOWTO Create FTP server user access proftpd

Hi,

I've tried to reinstall proftpd but it still has not created the dir/ file you mentioned.

I'm guessing this could be down to my cource file so here is a copy of it, I got this from a link on this thread to another post which recomended this source list. I have a backup of the source list I had on install but it couldn't find proftpd when I trie apt-get.

Code:
deb http://archive.ubuntu.com/ubuntu breezy main restricted
deb-src http://archive.ubuntu.com/ubuntu breezy main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu breezy-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu breezy-updates main restricted

## Uncomment the following two lines to add software from the 'universe'
## repository.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the Ubuntu security
## team

deb http://archive.ubuntu.com/ubuntu breezy universe multiverse
deb-src http://archive.ubuntu.com/ubuntu breezy universe multiverse

## Security Updates
deb http://security.ubuntu.com/ubuntu breezy-security main restricted
deb-src http://security.ubuntu.com/ubuntu breezy-security main restricted

deb http://security.ubuntu.com/ubuntu breezy-security universe multiverse
deb-src http://security.ubuntu.com/ubuntu breezy-security universe multiverse

## official backports
deb http://archive.ubuntu.com/ubuntu breezy-backports main restricted universe multiverse

# If you get errors about missing keys follow these command's :
# gpg --keyserver subkeys.pgp.net --recv 33BAC1B3
# gpg --export --armor 33BAC1B3 | sudo apt-key add -
#
# Cipherfunk multimedia packages (packages, GPG key: 33BAC1B3)
deb ftp://cipherfunk.org/pub/packages/ubuntu/ breezy main

## plf primary repo
## http 100mbit/s mirror provided thanks to OVH http://ovh.com
deb http://packages.freecontrib.org/ubuntu/plf/ breezy free non-free
deb-src http://packages.freecontrib.org/ubuntu/plf/ breezy free non-free

## plf mirror. use if primary repo is offline
## FTP mirror from http://free.fr (french ISP)
## deb ftp://ftp.free.fr/pub/Distributions_Linux/plf/ubuntu/plf/ breezy free non-free
## deb-src ftp://ftp.free.fr/pub/Distributions_Linux/plf/ubuntu/plf/ breezy free non-free

##
## Use the following repos ONLY if you need them.
## To use one remove the "##"  from the line that starts with "## deb".
##

## official wine apt repository
##deb http://wine.budgetdedicated.com/apt breezy main
##deb-src http://wine.budgetdedicated.com/apt breezy main


## opera web browser
## deb http://deb.opera.com/opera/ etch non-free

## Oo2 final - you can optionally use this one until OOo2 final arrives in backports
## deb http://people.ubuntu.com/~doko/OOo2 ./

## skype
## deb http://download.skype.com/linux/repos/debian/ stable non-free
Thanks for the help.

espo100583

HOWTO Create FTP server user access proftpd

From what i see you are using ubuntu breezy 5.10 and not ubuntu edgy 6.10 or you are using a wrong source.list file.
If you are really using ubuntu edgy you should have the 2.6.17.11 kernel, the command "uname -a" will give you your kernel version.

frodon

HOWTO Create FTP server user access proftpd

I have ran the command and got this

Linux WBSRV01 2.6.17-11-generic #2 SMP Thu Feb 1 19:52:28 UTC 2007 i686 GNU/Linux

I have the original source list if I need to revert back to this, but I'm guessing I will need to add some sources to enable me to get proftpd using apt as when I first tried it with th original source the package could not be found.

Thanks
Phil

espo100583

HOWTO Create FTP server user access proftpd

Yep your source.list is really wrong, replace all the words "breezy" by "edgy" and it should be good.

frodon

HOWTO Create FTP server user access proftpd

ok i'm pretty much a complete noob to linux
but i instaled GproftpD and when i try to run it it tells me i have to run it as a root (the window will close in 10 secs) wth does that mean and how do i run it as root?

progrockusa

HOWTO Create FTP server user access proftpd

Real nice, thanks. gproftpd really helped me. I've been looking for something as good as bulletproof, and this is good enough for me.

Orunitia

HOWTO Create FTP server user access proftpd

Password incorrect, all the time.

I've followed the steps exactly.

Looking up localhost
Trying localhost.localdomain:1980
Connected to localhost:1980
220 you're at home
USER sauron

331 Password required for sauron.
PASS xxxx
530 Login incorrect.
Disconnecting from site localhost

Stormx

HOWTO Create FTP server user access proftpd

Is there any way to make it so that I can let the people logging in put their name for the username, and just have a set password?

Orunitia

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by Stormx
Password incorrect, all the time.

I've followed the steps exactly.

Looking up localhost
Trying localhost.localdomain:1980
Connected to localhost:1980
220 you're at home
USER sauron

331 Password required for sauron.
PASS xxxx
530 Login incorrect.
Disconnecting from site localhost
Re-create your user with the GUI if you used the command line to create it and check that the name of the directories you use for the FTP server are good in your system and in your config file, the 530 error is just a small configuration problem (wrong path names, password issues, ...). Don't forget to have a look in the hoary thread which contain a lot of support (link at the top of the first post).

frodon

HOWTO Create FTP server user access proftpd

Great Howto....I've using it for months. I installed gproftpd about a month ago and everything was fine...good for easy admin of the server. Then, all the sudden (noticed it after installing 3ddesk, which i've since removed), gproftpd started segmentation faulting when running it as root. I can run it as a user but that does me little good -- understandandably, you cant do much as a user. I uninstalled everything, wrote a new config file, tried changing theme info for root (its caused problems before), but i cant get it to run as root again. Wierdness...anyone got any ideas? I'm stumped....

Thanks,

Mak

makisupa123

HOWTO Create FTP server user access proftpd

I get this error when I try to connect the server.

Code:
 - getaddrinfo 'ftp://guldkant.mine.nu' error: Name or service not known
 - Fatal: Bind: : unable to resolve "ftp://guldkant.mine.nu" on line 6 of '/etc/proftpd.conf'
what have I done wrong?

Murmeldjuret

HOWTO Create FTP server user access proftpd

Could you post your proftpd.conf file ?

It sounds like a domain name problem.

frodon

HOWTO Create FTP server user access proftpd

Frodon, I would like to add myself as an ftp user who can browse all directories. What should I do? Thanks in advance

mssm

HOWTO Create FTP server user access proftpd

Well, all the security of this guide is based on the FTP-shared directory because all is lock in this directory and therefore you're sure that nobody will go outside this directory.
There are different ways to do that. What i would do if i was you is to add your user or create a new one (maybe better because you will not use you user password which may be the same one than you use for sudo ... up to you).
So just add a line for your user :
Code:
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
AllowUser Your_user
DenyALL
</Limit>
Create a directory under FTP-shared called my_root for exemple and give it the good rights (755 for a download only directory and 777 for a download/upload directory).
Then add a section at the end of the file like that for a download only directory :
Code:
<Directory /home/FTP-shared/my_root/*>
Umask 022 022
AllowOverwrite off
       <Limit ALL>
		Order Allow,Deny
		AllowUser your_user
		Deny ALL
	</Limit>
	<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
	DenyAll
	</Limit>
</Directory>
All the ftp users will see this directory but they won't be able to list or access it.
Then all you have to do is to mount in this directory the directory or the partition you want, there's some explainations on how to do it at the end of the guide (you could add a line in fstab if you want to do it on startup).

frodon

HOWTO Create FTP server user access proftpd

ServerType standalone
DefaultServer on
Umask 022
ServerName "ftp://guldkant.mine.nu"
ServerIdent on "guldkant"
Bind "ftp://guldkant.mine.nu"
ServerAdmin xxxxxxx@hotmail.com
IdentLookups off
UseReverseDNS off
Port 22
PassivePorts 49152 65534
#MasqueradeAddress None
TimesGMT off
MaxInstances 30
MaxLoginAttempts 3
TimeoutLogin 300
TimeoutNoTransfer 120
TimeoutIdle 120
User oscar
Group nobody
DirFakeUser off nobody
DirFakeGroup off nobody
DefaultTransferMode binary
AllowForeignAddress on
AllowRetrieveRestart on

Murmeldjuret

HOWTO Create FTP server user access proftpd

HTML Code:
Just restart the server using a terminal, error messages should appear in the terminal if the server fail to start.
You can also run the proftpd -td5 command, it will give some more infos.
Thanks man, I will try that tonight and I will post back to let you know how it goes....

JOWIROMA

HOWTO Create FTP server user access proftpd

Hey Frodon!!!!

I got it working, I got rid of the ipv6 error and and my problem was that I did not read carefully your How To,
I just went through the tutorial again just to check that all the settings where fine and I found that I created the ftp user wrong and then when I got it running I got the 530 error but it is fixed now, and I even got it working with my dyndns.org account. Now my cousin in San Francisco can get into my FTP server and browse through the folders and I will have look into the encrypting (is this really necesary?) . Man this is great... The only thing now is to see if I can get it to upload faster, my cousin was getting a download rate of 40 kb/s, it would be great if there would be a way to speed this up a bit...
If anybody knows llet me know...

Thanks anyway...

(I will post back if I got any problem)

JOWIROMA

HOWTO Create FTP server user access proftpd

The upload speed depend of your connection, by default the FTP server will use all the upload bandwidth availables o maybe it is just that your connection can't do more.
About encryption, it's easy to set up and it increases the security because the basic FTP protocol transfer the username and password in plain text so if someone is listening your traffic he will get easily your FTP password and username.
When you set encryption all is encrypted including your username and password so can live in peace

frodon

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by JOWIROMA
Hey Frodon!!!!

I got it working, I got rid of the ipv6 error and and my problem was that I did not read carefully your How To,
I just went through the tutorial again just to check that all the settings where fine and I found that I created the ftp user wrong and then when I got it running I got the 530 error but it is fixed now, and I even got it working with my dyndns.org account. Now my cousin in San Francisco can get into my FTP server and browse through the folders and I will have look into the encrypting (is this really necesary?) . Man this is great... The only thing now is to see if I can get it to upload faster, my cousin was getting a download rate of 40 kb/s, it would be great if there would be a way to speed this up a bit...
If anybody knows llet me know...

Thanks anyway...

(I will post back if I got any problem)
I never could get the SSL encryption working. What I do is just use ssh tunnels for all my over the internet stuff like vnc and mythweb access. and for transferring files, I use WinSCP, it's free for Windows. You can also use any ftp client that has SFTP option. It'll use the ssh encrypted connection to transfer files back and forth. BUT, keep in mind that your ssh server makes your friend have access to your ENTIRE computer so hopefully he knows not to just move or delete stuff. There may even be a way to "block" off certain folder but most likely not. You'll need ssh server running on your Ubuntu machine, I set mine up with RSA Keys, then I just open port 22 on my router, then I use any ssh client to connect.

As far as how fast your friend downloads, I have that same problem! I have great download but horrible upload, so he is restricted to how ever fast your upload connection is. I am guessing it's around 320 Kilobits per second which equates to the 40 kilobytes that your friend is downloading at. Remember, kilobit is NOT the same as what files are stored in, Kilobytes or megabytes. The conversion is APPROX .125 to 1.

dannyboy79

HOWTO Create FTP server user access proftpd

Well, I will try to put the encrypting and I will post back to tell how it goes...

JOWIROMA

HOWTO Create FTP server user access proftpd

BTW dannyboy79, what was your problem with TLS encryption, the certificate creation ?

frodon

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by frodon
Yes but anyone would be able to gain access easily and configure the FTP server to share other directories.
Anyway i think it would be good to ask this question in the proftpd forum, im' curious to know what the proftpd experts think of the question :
http://forums.proftpd.org/smf/

If you have any interesting feedback about this in the proftpd forum please share it with us
For others who want to run proftpd as non root, please follow this article

http://www.castaglia.org/proftpd/doc...O-Nonroot.html

Mods: This might be a good link to be put on its own as a sticky post for others who might find it useful. I'll leave it to your best judgement.

anpk

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by frodon
BTW dannyboy79, what was your problem with TLS encryption, the certificate creation ?
it was with actually connecting. The cert creation worked fine. I could never connect with Filezilla, FireFTP, or Gftp. I even tried every different version of encryption I could like TLSv1 SSL or whatever all the options are within each of the clients. I also could never tell if my server was actually using the TLS enryption.

dannyboy79

HOWTO Create FTP server user access proftpd

I'm wondering how many users had this problem as well, i suppose you tried the FTPES option in filezilla (this is the option i use on my box) ...
Did you find any other users on the proftpd forum with this issue ?

frodon

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by frodon
I'm wondering how many users had this problem as well, i suppose you tried the FTPES option in filezilla (this is the option i use on my box) ...
Did you find any other users on the proftpd forum with this issue ?
this was long ago, I spent days reviewing the proftpd forums trying to get my proftpd server working thru inited (or whatever the opposite of standalone was) along with encryption but never got it to work. No, I don't believe I did try that within Filezilla. I don't even use an ftp server anymore on my Ubuntu box. Since I am the only person wtih access I don't need to struggle with the setting up users, folders, access etc etc.

I just setup ssh with public/private key pairs with passphrase and use winscp from windows and or gftp (sftp) thru Ubuntu and instead of only having access to certain folders, I have access to everything. I would like to learn how to do it properly but right now I just don't have the time, I have plenty going on.

dannyboy79

HOWTO Create FTP server user access proftpd

I have read through the very helpful guide and the posts and have managed to get my FTP server up and running. I have run into a bit of a problem though that I am hoping someone may be able to help me with.

Here is the situation, I also have a Ubuntu server running with proftpd running. I have a NAS that has a few directories that get backed up from my various other systems. I have mounted a few of these to directories within my ftp-shared directory. The problem is that there are a couple directories that I don't want to be available via ftp. To complicate things more these directories have spaces.

So I tried this:
Code:
<Directory /home/ftp-shared/backup/My Photos/>
        <Limit ALL>
                Deny ALL
        </Limit>
</Directory>
and this:
Code:
<Directory /home/ftp-shared/backup/My\ Photos/>
        <Limit ALL>
                Deny ALL
        </Limit>
</Directory>
But neither work. Any ideas? Thank you in advance.

SeanCM

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by SeanCM
I have read through the very helpful guide and the posts and have managed to get my FTP server up and running. I have run into a bit of a problem though that I am hoping someone may be able to help me with.

Here is the situation, I also have a Ubuntu server running with proftpd running. I have a NAS that has a few directories that get backed up from my various other systems. I have mounted a few of these to directories within my ftp-shared directory. The problem is that there are a couple directories that I don't want to be available via ftp. To complicate things more these directories have spaces.

So I tried this:
Code:
<Directory /home/ftp-shared/backup/My Photos/>
        <Limit ALL>
                Deny ALL
        </Limit>
</Directory>
and this:
Code:
<Directory /home/ftp-shared/backup/My\ Photos/>
        <Limit ALL>
                Deny ALL
        </Limit>
</Directory>
But neither work. Any ideas? Thank you in advance.
the folders are still showing up you're saying? also, you didn't specify the commands that are deny all for since you're using the limit option? try the hidenoaccess, you can read all about configuring proftpd here: http://chronos.cs.msu.su/proftpd/Con...l#HideNoAccess

dannyboy79

HOWTO Create FTP server user access proftpd

Thanks for the suggestion I tried this:

Code:
<Directory /home/ftp-shared/backup/My\ Photos/>
   Umask 022 022
   AllowOverwrite off
   HideNoAccess on
   <Limit ALL>
      Order Deny,Allow
      Deny ALL
   </Limit>
   <Limit CWD>
      Order Deny,Allow
      Deny ALL
   </Limit>
</Directory>
Yet I can still see the directory when I ftp in. I have tried lots of other combinations too. Then I got the idea of trying with a directory that did not have a space in it and sure enough it worked. So the problem is the space. Is there anyway to get proftpd to take that into account? I can not easily remove the space as it would mess other things up.

Thank you in advance.

Sean

SeanCM

HOWTO Create FTP server user access proftpd

I found this within 1 minute via google.

If the name of the directory contains spaces, you should enclose the entire directory name in quotations, e.g.:

<Directory "/path/to/My Directory">

dannyboy79

HOWTO Create FTP server user access proftpd

Thanks for the info. On my search through google I only got 5 hits back and none of them were about what I wanted. I guess I was too specific in my search. Thanks again.

Sean

SeanCM

HOWTO Create FTP server user access proftpd

I have done what it says in the How to, but I cant login. The client tells me that I'm using either a wrong password or login. What should I do?

Leonin

HOWTO Create FTP server user access proftpd

You should try to reset your password and see if you stil have the problem.

frodon

HOWTO Create FTP server user access proftpd

I still have the problem after a password restart.

Leonin

HOWTO Create FTP server user access proftpd

ok, could you post your config file and the error log you get with your FTP client, don't forget to give some details about your configuration (firewall, router , ..).

frodon

HOWTO Create FTP server user access proftpd

I'm getting the 530 error and I can't figure out what the issue is... below is my .conf file:

# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
UserAlias Nick userftp
AuthAliasOnly on

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off

ServerName "Debian"
ServerType standalone
DeferWelcome off

MultilineRFC2228 on
DefaultServer on
ShowSymlinks on

TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"

DenyFilter \*.*/

# Use this to jail all users in their homes
# DefaultRoot ~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShells off

# Port 21 is the standard FTP port.
Port 21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534

# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User proftpd
Group nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022

#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
AllowUser Nick
AllowUser guest
DenyALL
</Limit>

<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on

<Limit ALL>
Order Allow,Deny
AllowUser guest
AllowUser Nick
Deny ALL
</Limit>

<Limit READ RMD DELE>
DenyAll
</Limit>

<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>

# Normally, we want files to be overwriteable.
AllowOverwrite on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off

# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile off

# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#<IfModule mod_sql.c>
# SQLBackend mysql
#</IfModule>

TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?pag...LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
# User ftp
# Group nogroup

# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>

I can log in with the user 'Nick' but not guest. Any help would be greatly appreciated.

shortbus

HOWTO Create FTP server user access proftpd

it tells me that i got a iv6 problem when i try to start it, how do i turn of ipv6? ipw4 shoud do in a lan right

xaco1234

HOWTO Create FTP server user access proftpd

hi frodon, i have just copied and pasted your howto but i still have an error. i've used mssm's proftd.conf because i am also using a router and a dynamic ip address from the dsl provider.(im using d-link 524 router) can u pls tell what im am going to do to fix
these errors?

* Stopping ftp server proftpd [ ok ]
* Starting ftp server proftpd - IPv4 getaddrinfo 'abelardoom.dyndns.org' error: Name or service nome t known
- Fatal: MasqueradeAddress: unable to resolve "abelardoom.dyndns.org" on line 1 81 of '/etc/proftpd/proftpd.conf'

new486dx

HOWTO Create FTP server user access proftpd

sudo nano /etc/proftpd/proftpd.conf

There's a line near the beginning where we can enable or disable IPv6, set it to off. That should fix it.

Jordanwb

HOWTO Create FTP server user access proftpd

>sudo nano /etc/proftpd/proftpd.conf

>There's a line near the beginning where we can enable or disable >Pv6, set it to off. That should fix it.


is that ok to delete that line? i mean is it not needed by the program?
im sorry im just realy noob to linux.. thanks for the reply.

new486dx

HOWTO Create FTP server user access proftpd

Hi,

I try to set up the TFT server but I received this message.

ZZZ@ZZZ-laptop:~$ sudo /etc/init.d/proftpd restart
* Stopping ftp server proftpd [ OK ]
* Starting ftp server proftpd - IPv6 getaddrinfo 'andre-laptop' error: No address associated with hostname
[ OK ]
ZZZ@ZZZ-laptop:~$ sudo /etc/init.d/proftpd start
* Starting ftp server proftpd [fail]
ZZZ@ZZZ-laptop:~$



Help me please

Tensk8

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by new486dx
>sudo nano /etc/proftpd/proftpd.conf

>There's a line near the beginning where we can enable or disable >Pv6, set it to off. That should fix it.


is that ok to delete that line? i mean is it not needed by the program?
im sorry im just realy noob to linux.. thanks for the reply.
If your ISP don't use IPV6 adresses then for sure you can disable IPV6 support,

frodon

HOWTO Create FTP server user access proftpd

hi frodon, i have just copied and pasted your howto but i still have an error. i've used mssm's proftd.conf because i am also using a router and a dynamic ip address from the dsl provider.(im using d-link 524 router) can u pls tell what im am going to do to fix
these errors?

im done with the ipv6 thing

* Stopping ftp server proftpd [ ok ]
* Starting ftp server proftd - IPv4 getaddrinfo 'abelardoom.dyndns.org' error: Name or service nome t known
- Fatal: MasqueradeAddress: unable to resolve "abelardoom.dyndns.org" on line 1 81 of '/etc/proftpd/proftpd.con

new486dx

HOWTO Create FTP server user access proftpd

Hi new486dx,

I saw your post but unfortunately i am not really able to help you as i don't use a router and never used it so users who followed the guide and use a router are more likely to provide you the solution to your problem than me.
Don't forget also to search and maybe post your question on the proftpd forum, it is a really good place to learn more about proftpd and its configuration :
http://forums.proftpd.org/smf/

However my guess is that your problem is more related to your domain name and the way you set it rather than your proftpd.conf file. Are you able to ping successfully your domain name (abelardoom.dyndns.org) ?

frodon

HOWTO Create FTP server user access proftpd

it works fine now, but i can't ftp from the outside.

new486dx

HOWTO Create FTP server user access proftpd

Thanks for a great howto!
Worked like a charm here.

Jeinhor

HOWTO Create FTP server user access proftpd

I have got proftp setup but I can't seem to login to my site. This is the output that I am getting, can anyone see where I am going wrong please. Is it looking for mu ubuntu login and password or the one set up in proftp as neither work.

/home/FTP-shared-->ftp kmiles.co.uk
Connected to kmiles.co.uk.
220 Inactivity timer = 120 seconds. Use 'site idle <secs>' to change.
Name (kmiles.co.uk:kenneth): ken
331 Password required.
Password:
530 Permission denied
Login failed.

Thanks in advance.
Regards, Kenneth.

kenmiles

HOWTO Create FTP server user access proftpd

hi, i've got a problem, i tried to mount my usb drive to the folder "mount"

I have changed my config file

(added
<Directory> /media/disk>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
AllowAll
</Limit>

<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
)

but i still get a 550 error when trying to get into my mounted directory (if nothing's mounted in there I can get in the folder)

Help please!

elmagique

HOWTO Create FTP server user access proftpd

ok, i found out how to fix it, it didn't have to do anything with the ftp, just user restrictions

elmagique

HOWTO Create FTP server user access proftpd

Hello. I use ubuntu feisty fawn of server edition.
I installed and set up the proftpd just you guys introduced above. But I don't think that mine is working correctly.
I can access to my server by typing ftp://localhost on the server machine which runs proftpd. But when I try to access from other computer which runs opensuse, I can't login. The other computer returns the message "Could not find server". I don't see why it happens. Could you help me?

klwh

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by klwh
Hello. I use ubuntu feisty fawn of server edition.
I installed and set up the proftpd just you guys introduced above. But I don't think that mine is working correctly.
I can access to my server by typing ftp://localhost on the server machine which runs proftpd. But when I try to access from other computer which runs opensuse, I can't login. The other computer returns the message "Could not find server". I don't see why it happens. Could you help me?
For sure a firewall/router issue, check the configuration of both computers and verify that you have all the needed ports opened.

frodon

HOWTO Create FTP server user access proftpd

Thank you. I just discovered that if I type IP address in, I can access to the server. For instance, like 192.168.xx.x, then I can access to the server but if I type the name of computer which you need to type in at the instllation, it does not work.Could you give me some advices?

klwh

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by klwh
Thank you. I just discovered that if I type IP address in, I can access to the server. For instance, like 192.168.xx.x, then I can access to the server but if I type the name of computer which you need to type in at the instllation, it does not work.Could you give me some advices?
I always use the IP to connect to my server so if you don't have a domain name for your computer i'm not sure if it is possible to reach your computer with something else than the IP.

frodon

HOWTO Create FTP server user access proftpd

BTW thanks for the how to. iam still having a little bit of an issue. i have my ftp server currently setup behind a router and have already configured the masquerade address and passive port. the issue iam running into is that from withing my network i can access the ftp site fine, but when i try to connect from outside my network i keep getting a permission denied error stating that i dont have enough permissions. the wierd part is that it does connect and authenticates but gives me the permission denied error (550 i think). i have attached my config file for review to see if iam missin anything. thanks

kalipopo

HOWTO Create FTP server user access proftpd

Hi!

I tried to follow the guide to the letter but still managed to get in trouble. Running proftpd gives me
Code:
vainio@Kepuinen:/$ sudo /etc/init.d/proftpd start
 * Starting ftp server proftpd                                                   - IPv4 getaddrinfo 'Kepuinen' error: No address associated with hostname
 - warning: unable to determine IP address of 'Kepuinen'
 - error: no valid servers configured
 - Fatal: error processing configuration file '/etc/proftpd/proftpd.conf'
                                                                         [fail]
I copied the file directly from the guide. What did I do wrong?

jrjvai

HOWTO Create FTP server user access proftpd

There's a problem in your proftpd.conf file surely with the server name, could post your config file here so we can review it ?

frodon

HOWTO Create FTP server user access proftpd

Quote:
Originally Posted by tbuss
Why doesn't the password entered in User and Groups remain the same.
Maybe it's just a bug or a typo when you typed the password. Anyway you can change it with this command :
Code:
sudo passwd username

frodon

HOWTO Create FTP server user access proftpd

I've got it up and running, thanks for help

tbuss

HOWTO Create FTP server user access proftpd

I got to Part B Step 3 in the understanding department however the larger text about editing the proftpd.conf I have no idea what I'm supposed to edit. Any suggestions?

Jordanwb

HOWTO Create FTP server user access proftpd

I don't know it depends on you, edit what don't fit your needs like the ftp server port number for example (1980 in the guide) or the directory paths or maybe if it's fine for you like that just cut and paste.

frodon

HOWTO Create FTP server user access proftpd

Hello,
I am an absolute beginner .
I get this in my terminal session:

robert@pentiumIII:~$ sudo apt-get install proftpd gproftpd
Reading package lists... Done
Building dependency tree... Done
E: Couldn't find package proftpd
robert@pentiumIII:~$


What can i do ?
Thanks for your help

carnussien

HOWTO Create FTP server user access proftpd

enable the repositories that proftpf exists in. i believe it's in the universe repo. here's mine for dapper:

deb http://archive.ubuntu.com/ubuntu/ dapper universe main restricted multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper universe

just do

sudo cp /etc/apt/sources.list /etc/apt/sources.list-backup

(This step backs it up in case you need to revert to the original. this is a good habit with all system files. always backup first)

gksudo gedit /etc/apt/sources.list

(then just read the contents of the file and where it states to uncomment the 2 lines that are similar to mine, that means to delete the pound symbol. In linux, a pound symbol (#) usually means that the line that starts with that symbol is "generally" not used, meaning it's not part of the program etc etc.

then make sure you save the file before you close. then

sudo aptitude update && aptitude upgrade

then simply try to install it again and it should work this time as you have now enabled tons of other software possibilities.

dannyboy79

HOWTO Create FTP server user access proftpd

A lot of people, not only here, seem to get a 530 error. A simple way to test what that's all about is to modify the XAMPP config file to suit the server. It reads:

Code:
# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD"
ServerType			standalone
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

# Set the user and group that the server normally runs at.
User				nobody
#Group				nogroup

# Normally, we want files to be overwriteable.
<Directory /home/ftp/*>
  AllowOverwrite		on
</Directory>

# only for the web servers content
DefaultRoot /home/ftp

# nobody gets the password "lampp"
UserPassword nobody wRPBu8u4YP0CY

# nobody is no normal user so we have to allow users with no real shell
RequireValidShell off

# nobody may be in /etc/ftpusers so we also have to ignore this file
UseFtpUsers off
It's not as secure, but it's a step towards debugging the problem, at least. Of course, if you were to use this config, you would have to change the username and password. I also changed the "/home/FTP-shared/[up|down]load" system to just having one folder for it all. Seems a little more... logical.

Kulgan

HOWTO Create FTP server user access proftpd

How do I get to the GUI in 7.04 Server?

Jordanwb

HOWTO Create FTP server user access proftpd

Hello Dannyboy79,
Thanks for your help about /etc/apt/sources.list
I could install my proftpd program. Fine
Next job for me : work with it !

carnussien

HOWTO Create FTP server user access proftpd

^ Same for me. Now I have to figure out what to change and how to get to the GUI.

Jordanwb

HOWTO Create FTP server user access proftpd

Your user guest has no alias name and the option "AuthAliasOnly on" allows only alias name to login, so either create an alias name for the user guest or disable the "AuthAliasOnly" option.

Otherwise try to reset the password, it often solve this problem :
Code:
sudo passwd guest

frodon

 0 1 2 3 4 5 6 7 8 9 10
Previous Question:  Java Firefox  Ubuntu Forums  x86 64 bit UsersNext Question:  Hardy CD label!  Ubuntu Forums  Art Design

- Source: HOWTO Create FTP server user access proftpd Ubuntu Forums Tutorials Tips
- Previous Question: Java Firefox Ubuntu Forums x86 64 bit Users
- Next Question: Hardy CD label! Ubuntu Forums Art Design