There are three main choices for FTP server:

For this howto, we will use ProFTPd. Why? It has an apache-style config file, has flexible authentication, and has super easy chroot support.


# apt-get install proftpd

this creates:


The default configuration is pretty good. It allows for…

Here are a few things you probably want to change:

codetitle. /etc/proftpd/proftpd.conf

ServerName  "myserver.taz"
DefaultRoot  ~
User root
Group root

Running the ftp daemon as user root has obvious security disadvantages and should probably only be done in vserver where there is no other services. The advantage of running the daemon as root instead of something else like nobody is that proftpd may then change its uid to be the same as the user who authenticated, granting them access to all their files.


To perform a syntax check of your proftpd.conf file:
bc. sudo proftpd -td5

To know who is connected on your server in real time use:
bc. sudo ftptop

See who is connected:
bc. ftpwho

you can also use the “ftpwho” command.
other informations here


<IfModule mod_tls.c>
  TLSEngine on
  TLSLog /var/log/proftpd/proftpd-tls.log
  #TLSProtocol TLSv1

  # Are clients required to use FTP over TLS when talking to this server?
  TLSRequired off

  # Server's certificate
  TLSRSACertificateFile /etc/ftpcert/server.crt
  TLSRSACertificateKeyFile /etc/ftpcert/server.key

  # CA the server trusts
  TLSCACertificateFile /etc/ftpcert/ca.crt

  # Authenticate clients that want to use FTP over TLS?
  TLSVerifyClient off