ProFTPD v1.2.0pre9 on RedHat 6.x NHF
William Jensen
16 January 2000

What is ProFTPD?

From the ProFTPD web site:

ProFTPD is a ftp server primarily written for the various unix variants though it will now compile under win32. It has been designed to be much like Apache in concept taking many of the ideas (configuration format, modular design, etc) from it.

Why would you want to use ProFTPD?

1. ProFTPD provides a very secure ftp daemon that is easily configured and highly customizable.
2. ProFTPD supports multiple virtual servers, anonymous FTP, per directory configuration, and more.

Where do you get ProFTPD?

The ProFTPD home page is here.

If you want to get ProFTPD with one quick command use:

• ncftpget ftp://ftp.proftpd.net/pub/proftpd/proftpd-1.2.0pre9.tar.gz

Pre-Compiling Notes

I am assuming a couple of conditions for the rest of this NHF:

1. you want to run proftpd as a service, not stand alone
2. you want anonymous ftp access

Compiling, Installing, & Configuration

Compiling ProFTPD is straight forward:

1. tar -zxvf proftpd-1.2.0pre9.tar.gz (a note on the tar options...z filters the file through gzip, x extracts the file from the archive, v is for verbal output, and f is the named file)
2. cd proftpd-1.2.0pre9
3. ./configure
4. make
5. su (su is used to obtain super user or root privileges)
6. make install

Next you need to tell inetd that you are going to use proftpd instead of the standard ftp service.

1. edit your /etc/inetd.conf with the editor of your choice
2. comment out the current ftp line (ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a) by putting a # at the beginning of the line
3. add ftp stream tcp nowait root /usr/local/sbin/proftpd proftpd

Next you need to modify the configuration file that "make install" provided.

1. edit the file /usr/local/etc/proftpd.conf with your favorite editor
2. find ServerName "ProFTPD Default Installation"
3. change the "ProFTPD Default Installation" to be whatever you want to call your ftp server
4. find ServerType standalone
5. change it to ServerType inetd
6. add ServerIdent off after ServerType (this tells the server not to supply the version of server software your using...it may not stop the hackers, but at least you will not be advertising which daemon your running)
7. find Group nogroup
8. change it to Group nobody
9. find MaxClients 10
10. change 10 to whatever max number you want...I usually use 5 because I am stingy about my bandwith (what little of it there is) and I am not mirroring any FTP sites.

Next you need to change the shell the ftp account is assigned to

• chsh -s /bin/false ftp

Next you need to add /bin/false to the list of valid shells

• add /bin/false to the end of /etc/shells

Next, if /home/ftp does not exist, you will need to create it. (the default dir can be anyplace you like, but I choose to put it in /home/ftp...if you do change the default directory from /home/ftp to something else you will need to change the "Anonymous ~ftp" line in /usr/local/etc/proftpd.conf to reflect this)

• mkdir /home/ftp

Next you need to tell inetd that it needs to restart and start accepting ftp connections with proftpd.

• killall -HUP inetd

Finally, exit su and try it out.

• exit

Final Thoughts

This NHF should get you "up" but it is still up to you to look into the finer details of configuration. ProFTPD is simply amazing and this NHF has not even touched what it can do. For further information see:

• The ProFTPD FAQ
• ProFTPD Users Guide

Last modified: Date: 2000/01/17 11:45:06