[EN] ProFTPD – ubuntu ftp server setup tutorial
by intro on lis.17, 2011, under English version, FTP
Sometimes we need to share our files with friends without playing with filesharing servers as rapidshare filesonic etc. I think that sharing a file directly from your PC to your friend hardisk is much more effective. The reason is straight forward. You just have to place your file in specific directory on your harddisk and send an url to it so that your friend can simply fire it up in the web browser and download your file 
But, if you want to share your files in this way, you have to setup your own FTP server on your PC. In this tutorial I will show you how to do that trick in a few easy steps.
1. Install and configure proFTPD
First of all you have to install a FTP server on your machine (proFTPD is a good choice as ubuntu ftp server):
1 | ~$ sudo apt-get install proftpd |
Durring the instalation of the ftp server you will be prompted for chose server mode. There is two options available „Inetd” and „standalone”. To better understanding what features theese two provides I recommend you to visit documentation page.
Ok so now we have a FTP serwer running on our PC. Its time to configure it according to our needs. Just for safety purposes we will make a backup of proftpd config file before we start modifying it.
1 | ~$ sudo cp /etc/proftpd/proftpd.conf /etc/proftpd/proftpd.conf_backup |
Now open /etc/proftpd/proftpd.conf config file in your favourite text editor and meke the following changes:
Find „IdentLookups off” option and place additional option below it’s line:
Find „DenyFilter \*.*/” option and place additional option below it’s line:
Find „MasqueradeAddress” option and put there your public IP address (you can get your public IP address on this site whatismyip.com). This option helps you to set your ftp sever visible to the user over the internet (outside your LAN), if your server is placed behind NAT (you have a router at home).
Now you have to setup passive mode ports for the server, so find this option in the proftpd.conf file „PassivePorts”, and change it to „60000 65535″. I can’t explain it straight but at first when I left default ports numbers (49152 65534) I had connection problems as „500 Illegal PORT command” or „proftpd Entering Passive Mode timeout”.
Now you have to decide if you want to allow annonymous acces to your files or not. IMO there is no big risk enabling annonymous access if you only meet some basic safety rules:
- Allow only read access for anonymous user
- Disable write access for anonymous user
- Separate one specific directory for anonymous access
You don’t need to enable anonymous access to your ftp server to share your files. The option „DefaultRoot” which you had setup above tells the server that home directory for any ftp user is the same as linux user home directory. So if you want to share your files to your friend Daniel you have to add new user and setup his password:
1 | ~$ sudo adduser daniel |
After running this command please follow console prompts step by step. Now your friend Daniel can loggin (display files index page) fireing up this link in the web browser:
ftp://daniel:password@xxx.xx.xx.xx Where „password” is the password you typed durring „daniel” account creation.
This solution is not convenient enough, cause every time you want to share your files to someone else you have to create account for new user. Unless you create one shared account for all users. But if you decide to enable anonymous access to your server.. below I show another config modification that will enable an access for annonymous users. But before you have to make a dedicated directory for your shared files, I made my own in /usr/local/ftp/.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <Anonymous /usr/local/ftp/> User ftp Group nogroup UserAlias anonymous ftp DirFakeUser on ftp DirFakeGroup on ftp RequireValidShell off MaxClients 10 DisplayLogin welcome.msg DisplayChdir .message <Directory *> <Limit WRITE> DenyAll </Limit> </Directory> </Anonymous> |
Ok now we have our server completely configured as we need. To our changes take effect we have to restart our proftpd server with this command:
1 | sudo invoke-rc.d proftpd restart |
2. Set your server visible (for those who has a router) – port forwarding
If your PC is connected to the internet via router it’s behind a NAT. So you have to tell the router to pass all the communication on the specific ports directly to your PC on which you have the FTP server running (Write down your IP address in LAN). This settings depends on specified router model, but each one has a very similar interface. So I will show you how to do that on my Thomson router. We have to forward one specific port which is port 21 (standard FTP port) and a port range defined in „PassivePorts” config option as 60000 – 65535. See the screenshow below.
We’re done! Now you can put some files into the server public directory at /usr/local/ftp/ and try to run this url in your browser: ftp://xxxx.xx.xx.xx
Remember that xxxx.xx.xx.xx is your public IP address. If your browser ask you for login and password please type „ftp” in both of those fields. Theese are default anonymous login and password values. When the page loads you should see index of all of your files. Each of file has it’s own link, just click on it, download popup window should appear.
If you have created a new user e.g. daniel, you can login to your ftp server providing „daniel” as login and the password you have chosen before.
