Transferring files over the FTP protocol is one of the most popular methods of uploading files to a server. ProFTPD is a reliable, free, open-source FTP server that allows you to create an FTP connection between your local system and a web server. ProFTP comes with a options that are not available in many other FTP software options. It provides a rich set of features including tls/ssl support, anonymous FTP, multiple virtual FTPs, shadow password suite support, the ability to run as a configurable non-privileged user, support for IPv6, and many more.

In this tutorial, we will explain how to install a ProFTP server on Ubuntu. This procedure is compatible with Ubuntu 18.04, Ubuntu 20.04, and Ubuntu 22.04. We will also show you how to encrypt the entire transmission with SSL/TLS.

Step 1 – Install ProFTP

By default, the ProFTP package is available in the Ubuntu 18.04 default repository. You can install it by just running the following command:

apt-get update -y
apt-get install proftpd -y

Once the installation is finished, start the ProFTP service and enable it to start after system reboot using the following command:

systemctl start proftpd
systemctl enable proftpd

You can also verify the status of the ProFTP service with the following command:

systemctl status proftpd

You should get the following output:

  • proftpd.service - LSB: Starts ProFTPD daemon
    Loaded: loaded (/etc/init.d/proftpd; generated)
    Active: active (running) since Sun 2020-04-26 02:32:04 UTC; 1min 19s ago
    Docs: man:systemd-sysv-generator(8)
    Tasks: 1 (limit: 1150)
    CGroup: /system.slice/proftpd.service
    └─9363 proftpd: (accepting connections)
Apr 26 02:32:04 ubuntu1804 systemd[1]: Starting LSB: Starts ProFTPD daemon...
Apr 26 02:32:04 ubuntu1804 proftpd[9343]: * Starting ftp server proftpd
Apr 26 02:32:04 ubuntu1804 proftpd[9343]: ...done.
Apr 26 02:32:04 ubuntu1804 systemd[1]: Started LSB: Starts ProFTPD daemon.

Step 2 – Create a Self-signed SSL/TLS Certificate

By default, FTP is not secured because passwords and data are transferred in clear text, so it is recommended to secure your FTP with SSL/TLS.

To do so, run the following command to generate a self-signed SSL/TLS certificate for the server.

openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/private/serverkey.pem -out
/etc/ssl/certs/servercertificate.pem -days 365

Answer all the questions as shown below:

During the installation, you will be asked a number of questions. These questions will be specific to you.

Step 3 – Configure ProFTPD to use SSL/TLS

Next, you will need to configure ProFTP to use the SSL/TLS certificate created above. You can do it by editing the file /etc/proftpd/tls.conf:

nano /etc/proftpd/tls.conf

Add the following lines below <IfModule mod_tls.c>:

TLSRSACertificateFile /etc/ssl/certs/servercertificate.pem
TLSRSACertificateKeyFile /etc/ssl/private/serverkey.pem
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
TLSRequired on
TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
TLSVerifyClient off

Save and close the file when you are finished.

Step 4 – Configure ProFTP

ProFTP’s default configuration file is located at /etc/proftpd/proftpd.conf. You will need to edit this file and make some changes:

nano /etc/proftpd/proftpd.conf

Change the following lines per your requirements:

UseIPv6 on
ServerName "FTP Server"
Port 21
RequireValidShell on
AuthOrder mod_auth_pam.c* mod_auth_unix.c
Include /etc/proftpd/tls.conf

Save and close the file when you are finished.

The config file should look similar to this:

Then, restart the ProFTP service to apply the changes:

systemctl restart proftpd

A brief explanation of each option is shown below:

  • UseIPV6 : Enables or disables the IPv6 support.
  • ServerName : Specifies your FTP Server name.
  • Port : Specifies the port of your FTP server.
  • RequireValidShell : Enables logging in for users, even for those who don’t have a valid shell in /etc/shells to log in.
  • AuthOrder : Enables the use of local passwords.
  • Include /etc/proftpd/tls.conf : Enables TLS/SSL support.

Step 5 – Create a ProFTP User

At this point, ProFTP is installed and configured with TLS/SSL support. Next, you will need to create a user for ProFTP.

You can create a new user named user1 with the following command:

adduser user1

You should get the following output, and you will also be prompted to enter a password and some user information.

Adding user `user1' ...
Adding new group `user1' (1000) ...
Adding new user `user1' (1000) with group `user1' ...
Creating home directory `/home/user1' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for user1
Enter the new value, or press ENTER for the default
Full Name []: FTP User
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y

Next, change the home directory of user1 to /var/www/ using the following command:

usermod -m -d /var/www user1

Next, change the ownership of the /var/www/ directory:

chown -R user1:user1 /var/www

Next, log in with user1 by running the following command:

su - user1

Next, create a sample file and directories with the following command:

touch file1.txt fil2.txt
mkdir dir1 dir2

Step 6 – Access ProFTP with FTP Client

Now, download and install the FileZilla FTP client in your local system. Read the installation to ensure no additional bloatware is installed, as FileZilla is supported by bundled applications.

Next, open the FileZilla client and create a new site from the site manager. You should see the following screen:

Next, provide the IP address of your FTP server, select Require explicit FTP over TLS, select Normal in Logon Type, provide your FTP username and password, and click on the Connect button. You will be prompted with a certificate as shown below:

Accept the certificate and click on the OK button. Once the connection has been established successfully, you should see the following screen:

Conclusion

In the above guide, we learned how to install ProFTP on Ubuntu. We also learned how to secure an FTP connection with TLS/SSL. If your installation is not working you can check the ProFTP log file at /var/log/proftpd/proftpd.log. Get started with ProFTP on VPS hosting from Atlantic.Net today!