This thread is obsolete but there is useful support in, refer to the breezy one now :
I created this How to for people who want to share files with friends using FTP protocol, like FTPservU under windows. The way i give you is not the only one, I hope my How to is enough clear.
This FTP server will allow only users with the good password (persons to whom you gave the password and username). So you will be sure that only known persons will access your FTP server.
1- Install proftpd with synaptic or with this command :
2- Add this line in /etc/shells file (sudo gedit /etc/shells to open the file) : Create a /home/FTP-shared directory :
sudo apt-get install proftpd
Create a user named userftp which will be used only for ftp access. This user don't need a valid shell (more secure) therefore select /bin/false shell for userftp and /home/FTP-shared as home directory (property button in user and group window).
sudo mkdir FTP-shared
To make this section clearer, i give you the equivalent command line to create the user :
In FTP-shared directory create a download and an upload directory :
sudo useradd userftp -p your_password -d /home/FTP-shared -s /bin/false
Now we have to set the good permissions for these directories :
sudo mkdir download
sudo mkdir upload
3- OK, now go to the proftpd configuration file :
sudo chmod 755 FTP-shared
sudo chmod 755 download
sudo chmod 777 upload
and edit your proftpd.conf file like that if it fit to your need :
sudo gedit /etc/proftpd.conf
Ok you have done proftpd configuration. Your server is on port 1980 (in this exemple) and the access parameters are
# To really apply changes reload proftpd after modifications.
# Choose here the user alias you want !!!!
UserAlias sauron userftp
# It's better for debug to create log files ;-)
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
# Allow to restart a download
# Port 21 is the standard FTP port, so don't use it for security reasons (choose here the port you want)
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
# Set the user and group that the server normally runs at.
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent on "you're at home"
# Set /home/FTP-shared directory as home directory
# Lock all the users in home directory, ***** really important *****
Umask 022 022
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
Umask 022 022
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
Umask 022 022
<Limit READ RMD DELE>
<Limit STOR CWD MKD>
user : sauron
password : the one you've set for userftp
4- To start/stop/restart your server :
To perform a syntax check of your proftpd.conf file : To know who is connected on your server in realtime use "ftptop" command (use "t" caracter to swich to rate display), you can also use the "ftpwho" command.
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
other informations here
ProftpTools is a script I wrote thanks to swoop's feedback. This script allow you to start/stop proftpd, mount/unmount auto/manually directories, show your IP, ... and all of that with a GUI in order to use proftpd in a really easy way !
To install ProftpTools, download ProftpTools_v1-0.tar.gz (at the bottom of the page) and untar it where you want and then move the ProftpTools file in /usr/bin :
Then add this line in your .bashrc (it's in your home directory : gedit /home/username/.bashrc) file in order to specify what is the ProftpTools directory path, YOU MUST REMOVE THE "/" CHARACTER at the end of the path. I give you an exemple if your ProftpTools directory is in your home directory :
tar -xzvf ProftpTools_v1-0.tar.gz
sudo mv ProftpTools /usr/bin/
Now all you have to do is to type ProftpTools in a terminal and .... enjoy
You need zenity installed to use this script.
Don't hesitate to post in this thread or send me PM to report bugs, ask new features, correct my english, suggest improvement and thank you to give me feedback about this tool.
useful trick :
This trick is integrated in ProftpTools.
If you don't want (like me ) to use space in your /home directory, and use space on another hard drive, or if you just want to share a directory from another partition ... you can mount the directory you want in your download or upload directory without changing anything in proftpd.conf file, use these commands :
This command will not overwrite the directory, the idea is just to mount a directory in another one without overwritng anything, so when someone will log in your server he will see and use the mounted directory if you have mounted one. To unmout a directory (download directory for exemple):
sudo mount -o bind the_directory_you_want_to_share /home/FTP-shared/download
sudo mount -o bind the_directory_you_want_to_use_for_upload /home/FTP-shared/upload
Permanent mount :
sudo umount /home/FTP-shared/download
If you don't want to re-mount your directories after a reboot you can add a line in fstab file like that (sudo gedit /etc/fstab to open the file) :
the_directory_to_mount /home/FTP-shared/download vfat bind 0 0
If you want to create other directories in FTP-shared, think to add it in proftpd.conf file.
Don't hesitate to test yourself your server using gFTP for exemple, it's really helpful to debug your server.
If you have a router you should read that, it describe the 2 commands to add in proftpd.conf and why.
If you have a dynamic DNS have a look here, you can also use ddclient(maybe easier for newbies).
Most of informations you're looking for are here
To get more debug informations : http://www.proftpd.org/localsite/Use...ked/x1058.html
You can specify a specific passive port range using PassivePorts command, it's very useful when you use a firewall in order to know which ports to allow.
Thanks for feedback, and sorry if my english is sometimes really bad
Don't hesitate to post questions about proftpd in this thread.