How to install a ProFTP server for a virtual host in CentOS 6 using a port?


#1

Sorry for the long title.

I respectfully ask for help.

I want to install on my server CentOS 6.7 system, which has Apache’s virtual hosts, a ProFTP server (using SSH FTP), so I can have a user to access the files on such virtual host only.

For example, thru FileZilla, the user ftpsecure will connect to virtualhost www dot mydomain dot org (located in IP 1.2.3.4) thru port 3303 (for example). And this user will only see the files in virtual host www dot mydomain dot org.

I suppose the ftpsecure user already exists in the CentOS 6.7 system, and is part of the ftpusers group, and has NO shell and no home dir.

If it is possible, please explain how to install and config the security files (PAM or SSL or whatever is correct).

If I am saying something inaccurate, please forgive me, ;D
Thank you very much!!!


#2

Hello,

Sorry for the long title.

Long titles are great and much appreciated! No need for apology, in fact it is the opposite.

I just published the article on how to set up ProFTPD FTP server on CentOS 7. I understand that your server is CentOS 6 but I thought since it is quite old already why waste time, and instead write about CentOS 7 and then simply point out the differences.

As it turns out the setup of ProFTPD FTP server on CentOS 7 and CentOS 6 is exactly the same. The only difference is the way you open the firewall port. On CentOS 6 you still need to use iptables whereas on CentOS 7 we can use the firewall-cmd command.

Scenario:
I’m assuming that we need to get FTP running on host ftp.example.com on port 3303. That we need a single user e.g. luna to access directory /var/www/html/my-site. I’m also assuming that the port 3303 is already opened hence firewall is not blocking incoming packets to this port.

Here are the differences when you follow my how to setup ProFTPD FTP server on CentOS 7 guide:

Configure ProFTPD ftp server to listen on port 3303 instead of default port 21:

# echo "Port 3303" >> /etc/proftpd.conf
# service proftpd restart

At this point do not set up passive FTP mode yet. Make sure that your FTP is set to create “active” FTP connection. If you do set up passive ftp mode make sure that your firewall caters for additional incoming ports as set by ProFTPD’s PassivePorts directive!

Create user:
Be careful with permissions here! Make sure that you know what you are doing! I do not know your exact environment so do not want to give you a wrong suggestion:

# useradd luna -s /sbin/nologin -d /var/www/html/my-site
# passwd luna
# chown -R root:luna /var/www/html/my-site
# chmod -R 770 /var/www/html/my-site
# setsebool -P allow_ftpd_full_access=1

Rest of the tutorial is exactly the same including the TLS encryption.

Hope this helps

Lubos
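
Added example, not part of the post above or of the guide it refers to: a shell sketch that reads the Port and PassivePorts directives from a proftpd.conf and prints the matching CentOS 6 iptables commands, refusing to continue when the `echo ... >>` append has left more than one Port line in the file. The function names and the sample config are constructed for illustration, and directives inside `<VirtualHost>` or `<Global>` blocks are not treated specially (simplifying assumption).

```shell
#!/bin/sh
# Added example: derive CentOS 6 iptables rules from proftpd.conf.
# Hypothetical helper names; only Port and PassivePorts are inspected.

# Print every active Port value, one per line (commented lines are skipped).
proftpd_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2 }' "$1"
}

# Print "min:max" from PassivePorts, or nothing when the directive is absent.
proftpd_passive_range() {
    awk 'tolower($1) == "passiveports" && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ { r = $2 ":" $3 }
         END { if (r) print r }' "$1"
}

# Emit the iptables commands for the control port and the passive range.
proftpd_iptables_rules() {
    conf=$1
    set -- $(proftpd_ports "$conf")
    if [ $# -gt 1 ]; then
        # Appending with >> can leave an older Port line behind.
        echo "ambiguous: $# Port directives ($*); keep only one" >&2
        return 1
    fi
    port=${1:-21}   # ProFTPD listens on 21 when no Port directive is set
    # -I inserts the rule ahead of the existing INPUT rules.
    echo "iptables -I INPUT -p tcp --dport $port -m state --state NEW -j ACCEPT"
    range=$(proftpd_passive_range "$conf")
    if [ -n "$range" ]; then
        echo "iptables -I INPUT -p tcp --dport $range -m state --state NEW -j ACCEPT"
    fi
    echo "service iptables save"
}

# Constructed sample config (not taken from a real server).
sample_conf() {
    cat <<'EOF'
ServerName "ProFTPD server"
# Port 21
# PassivePorts 6000 6100
PassivePorts 49152 49200
Port 3303
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
proftpd_iptables_rules "$tmp" || echo "fix the config before opening ports"
rm -f "$tmp"
```

The script only prints the commands; review them before running them as root.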


#3

Hi, Lubos.

Great tutorials, both «How to setup ProFTPD FTP server on CentOS 7» and this one. Both are very helpful.

However, I still have questions :grimacing:
Sorry to overwhelm you. I just see that you are really helping me. For that I thank you a lot!!!

[I’m sorry.
I try to edit this post so I can continue writing my questions but I always get «Error 403. Forbidden.» message ]


#4

Still having the issues as described? I have sent you a PM but not sure if you have received it…


#5

I received it, Lubos. Thanks. It’s that I had to go out of the city and I’ve been very busy. Sorry.

I am trying to reply again with my whole answer. Maybe some wiki text didn’t make it.


#6

Well, now I’m sure there’s something about wiki text because I replied prior to this message and it went ok. Then I replied again with wiki text (you can read it aside to my browser Mozilla Firefox) and I got an Error 403. Now I took a screenshot: