Services
For cliens
For partners
Knowledge base
Simple instructions to work with the ProfitServer service
FTP server setup

When installing Linux from any distribution kit, only the root user will be available by default. At the same time, security reasons will not make it possible to connect via FTP under this user. In this article, we will explain how to quickly set up an FTP server and create a user using only Linux console commands.
 

Step 1: Establish a secure connection to your server

At first, you need to connect to your server. You can do this using the SSH (Secure Shell) protocol, which provides a secure remote access way. Instead of logging in as 'root', which is the administrative account on Linux by default, use a regular account and run commands via 'sudo' for extra security.
 

Step 2: Install FTP server

The next step is FTP-server installation. In this tutorial, we will be using 'proftpd', a popular open source FTP server.

If you are using CentOS, install the EPEL repository first. Enter the following commands in the terminal:
 

sudo yum install epel-release

sudo yum install proftpd

If you are using Debian or Ubuntu, then just type:
 
sudo apt install proftpd


Step 3: Set up automatic FTP launch

After installing the FTP server, configure it to launch automatically every time the server boots. This is carried out by the following commands:
 

sudo systemctl start proftpd.service

sudo systemctl enable proftpd.service
 

Step 4: Set up your firewall

For security purposes, your firewall must be configured in a such a way to allow incoming connections on TCP port 21. The exact command depends on which firewall management utility you are using. For 'iptables':
 

sudo iptables -I INPUT -p tcp -m tcp --dport 21 -j ACCEPT

sudo systemctl save iptables
 

for 'firewalld':
 

sudo firewall-cmd --permanent --zone=public --add-port=21/tcp

sudo firewall-cmd –reload
 

for 'nftables' в Debian 11:
 

sudo nft add rule ip filter input tcp dport { 21 } ct state new accept
 

After the firewall is configured, do not forget to save the changes so that they apply after a reboot. For 'iptables' and 'firewalld' this is done automatically, while for 'nftables' you will need to manually save the current rules to a file that will be loaded at system launch.
 

Step 5: Restrict FTP users by their domestic directory

By default, FTP users can go beyond their domestic directory, which can be a security risk. To prevent this, add the DefaultRoot ~ line to the 'proftpd.conf' file. This line restricts users by their domestic directory. Add it to the end of the file, then reboot the FTP server:
 

sudo systemctl restart proftpd.service
 

Step 6: New FTP user creation

You are now ready to create a new FTP user. It doesn't need command shell access, so disable it for security reasons. Here are the commands for that:
 

sudo useradd [имя пользователя] -d /home/[имя пользователя] -m -s /usr/sbin/nologin

sudo passwd [имя пользователя]
 

Replace [username] with a desired username. The ‘passwd’ command will offer you to enter a password for the new user.
 

You have now set up an FTP server and created a new FTP user on the Linux server. Always remember about security while setting up.

Please, rate this article:
Ask a question
We are always ready to answer your questions at any time of day or night.
Please, check our Knowledge base, most likely the answer to your question is already there!