Shulou(Shulou.com)06/02 Report--

ProFTPd is an open source FTP daemon, and ProFTPd is an open source FTP daemon, which is widely used because of its ability to configure permissions with finer granularity. This is a guide that provides installation methods for CentOS 7 and CentOS 6 and below. You can read more about ProFTPD on the project's website. Install ProFTPD

ProFTPD is located in the EPEL repository, and you need to install it first:

Yum-y install epel-release

Run yum updates to ensure that everything is up to date

Yum-y update

Start installing ProFTPD

Yum-y install proftpd

Configure ProFTPD

Nano / etc/proftpd.conf

Change the server name:

ServerName "ProFTPD server"

To your server hostname. Then continue to save the file.

Enable and start Proftpd

Continue and restart the service and enable it.

On CentOS 7:

Restart the service:

Systemctl restart proftpd

Ensure that the service will start after reboot:

Systemctl enable proftpd

In CentOS 6 (and below):

Restart the service:

Service proftpd restart

Ensure that the service will start on restart:

Chkconfig-add proftpdchkconfig proftpd onEnable FTP in the firewall

If you are currently using a firewall, you need to allow incoming FTP connections.

Firewalld

Allow incoming ports:

Firewall-cmd-permanent-add-port=21/tcp

Then reload the firewall:

Firewall-cmd-reload

Iptables

Add a new rule:

Iptables-An INPUT-p tcp-m tcp-- dport 20:21-j ACCEPT

Save the new firewall rule set:

Iptables-save > / etc/sysconfig/iptables

Enable passive connection in ProFTPD

Passive mode can sometimes address the ability of some clients to connect to FTP servers that may have been blocked by firewalls. If you encounter problems with remote connections and want you to try to enable passive connections in ProFTPD, you need to edit / etc/proftpd.conf

Nano / etc/proftpd.conf

And add the following line:

PassivePorts 60000 65535 AllowStoreRestart on AllowRetrieveRestart on TimeoutNoTransfer 65535 ListOptions "- la" TimeoutIdle 65535

Then, you also need to add passive scope to the firewall

Iptables's:

Add a new rule:

Iptables-An INPUT-p tcp-m tcp-- dport 600000 tcp 65535-j ACCEPT

Save the rule set:

Iptables-save > / etc/sysconfig/iptables

Firewalld:

Add a new port range:

Firewall-cmd-permanent-add-port=60000-65535/tcp

Reload the firewall:

Firewall-cmd-reload

Test the FTP service

You can first test the FTP configuration locally to ensure that the daemon is running using netstat

# netstat-plan | grep: 21tcp6 0 0: 21: * LISTEN 22089/proftpd: (acc

You can also connect locally by installing a ftp client

Yum install-y ftp

Then establish a connection to localhost or 127.0.0.1

# ftp localhostTrying:: 1...Connected to localhost (:: 1) .220 FTP Server ready.Name (localhost:root):

And enter a valid user name and password, which should be authenticated. If it does not allow you to enter, the authentication message will be written to / var/log/secure.

Original address: https://www.linuxprobe.com/centos-config-proftpd.html

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.