Tag Archive for 'ProFTPD'

Show hidden files in proftpd

If you can’t see hidden files in proftpd (files whose names start with a dot, like .htaccess), you can force them to be displayed in almost all clients with a server-wide directive in your proftpd.conf:

If a ListOptions line already exists, change its value to -a; otherwise add this line at the bottom:
ListOptions -a

Restart proftpd and reconnect.

ProFTPD howto


I had to set up an FTP server, and the guides that I found elsewhere didn’t do exactly what I wanted, so it took some trial and error to achieve the setup that I needed.

My objectives:

✓ Be able to create virtual users without having to create a system account for every user.
✓ Set permissions and groups individually for each virtual user
✓ FTP users should be “chrooted”
✓ Of course R/W access

aptitude update ; aptitude install proftpd

Virtual user configuration:

# Virtual user login
DefaultRoot ~
AuthUserFile /etc/proftpd/ftpd.passwd
AuthPAM off
RequireValidShell off
 
# Skip reverse DNS and ident lookups
UseReverseDNS off
IdentLookups off
 
# Hide proftpd version
ServerIdent off
 
# Other
ShowSymlinks    on
 
# Fake the owner and group shown in directory listings
<Directory /var/www/vhosts/example.com/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>
 
<Directory /var/www/vhosts/example.biz/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>

Create virtual user:

cd /etc/proftpd/
ftpasswd --passwd --name ftpuser01 --uid 1001 --gid=1001 --home /var/www/vhosts/example.com/ --shell /bin/false

System user configuration:

DefaultRoot     ~
RequireValidShell off
ShowSymlinks            off
RootLogin           off
UseFtpUsers off

Add system user:

useradd -c "ftpuser01" -u 33 -o -g 33 -d "/var/www/" -s /bin/sh "ftpuser01"

33 is the ID of the www-data group; the command also assigns UID 33, and -o permits that non-unique UID.

Change Password:

ftpasswd --change-password --passwd --name=ftpuser01

Before you restart proftpd, run a syntax check:

proftpd -td5
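
An added example, not part of the original post: a shell check to run alongside the syntax check. It audits the AuthUserFile written by ftpasswd (passwd-style, seven colon-separated fields) for entries that would weaken the DefaultRoot ~ jail or the password file itself. The function name, the /var/www/vhosts root, the minimum ID of 1000 and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an ftpasswd-style AuthUserFile.
# Assumed policy: homes under $2 (default /var/www/vhosts), UIDs/GIDs >= $3 (default 1000).
audit_authuserfile() {
    file=$1 root=${2:-/var/www/vhosts} min_id=${3:-1000} rc=0
    # The file holds password hashes: "other" must not read or write it.
    if [ -n "$(find "$file" -prune \( -perm -004 -o -perm -002 \))" ]; then
        echo "$file: readable or writable by other"; rc=1
    fi
    awk -F: -v root="$root" -v min="$min_id" '
        function report(msg) { printf "%s: %s\n", $1, msg; bad = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
        NF != 7 { report("expected 7 colon-separated fields, got " NF); next }
        {
            if ($3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/) report("non-numeric uid/gid")
            else if ($3 + 0 == 0 || $4 + 0 == 0)      report("uid or gid 0")
            else if ($3 + 0 < min || $4 + 0 < min)    report("uid/gid below " min)
            if (seen[$1]++)                           report("duplicate user name")
            if ($2 == "")                             report("empty password field")
            else if (substr($2, 1, 3) == "$1$")       report("MD5-crypt password hash")
            else if (substr($2, 1, 1) != "$")         report("password hash without $id$ prefix")
            # DefaultRoot ~ jails the user in this directory, so it must stay under root.
            home = $6; sub(/\/+$/, "", home)
            if (index(home "/", root "/") != 1 || index("/" home "/", "/../") > 0)
                report("home " $6 " is outside " root)
        }
        END { exit bad + 0 }
    ' "$file" || rc=1
    return $rc
}

# Constructed sample data (hashes are placeholders, not real crypt output).
sample=$(mktemp)
cat > "$sample" <<'EOF'
ftpuser01:$5$constructedsalt$constructedhash:1001:1001::/var/www/vhosts/example.com/:/bin/false
ftpuser02:$1$constructed$constructedhash:33:33::/var/www/:/bin/false
ftpuser03::0:0::/var/www/vhosts/../../etc:/bin/false
EOF
audit_authuserfile "$sample" || echo "findings reported above"
```

The function returns non-zero when it reports anything, so it can gate the restart in a deployment script.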

Alternatively, you can use a group file:

AuthGroupFile /etc/proftpd/ftpd.group

Create Group and add user to it:

ftpasswd --group --name=ftpmember --gid=5000 --member=ftpuser01


Another way to set permissions:

<Directory /var/ftp/user1/read>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ>
        AllowUser user1
    </Limit>
</Directory>
<Directory /var/ftp/user1/write>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ WRITE>
        AllowUser user1
    </Limit>
</Directory>