ProFTPd FTP-Server was used for this introduction because of its simply installation and configuration.
aptitude install proftpd
If the package cannot be found, update the local list of packages using:
If the package still cannot be installed after that, check the /etc/apt/sources.list on the appropriate Debian mirror server. You will find more information about this in the article Debian Mirror.
Indicate in the subsequent inquiry whether the FTP server should act as a standalone server (standalone) or as a service of inetd. In this example, the standalone option has been selected.
Our configuration assumes that we will login using system users found in the ftpuser group.
In order to adjust the configuration to your needs, edit the /etc/proftpd/proftpd.conf file.
If you are not using IPv6, this feature should be deactivated first:
After that, we will add the following instruction at the end of the file:
DefaultRoot ~ ftpuser
What do the instructions mean?
As a first step, we told ProFTPd that users wanting to login do not need a shell. Afterwards, we instructed ProFTPd to lock users in their home directory using DefaultRoot. Finally, we specified that only those users who are members of the ftpuser group could login.
We will now restart our FTP server so that our configuration takes effect:
Then, we will create the ftpuser group and a first user that will be able to login.
Now, we create the user:
adduser ftpbenutzer -shell /bin/false -home /var/www
Finally, we assign the user to the ftpuser group:
adduser ftpbenutzer ftpuser
That’s everything. You should now be able to login with the user via FTP.
By adding the following section to the etc/proftpd/proftpd.conf file, you will also give anonymous users (read) access to the FTP area:
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Cosmetic changes, all files belong to ftp user
DirFakeUser on ftp
DirFakeGroup on ftp
# Limit the maximum number of anonymous logins
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
# Limit WRITE everywhere in the anonymous chroot
# # Uncomment this if you're brave.
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # DenyAll
# # AllowAll
To make sure, that user “ftp” is able to login anonymously to ftp-space, you have to add the user to the group “ftpuser”:
adduser ftp ftpuser
Re-loading the Configuration and Re-starting the FTP Server
The configuration will have to be re-loaded after the adjustments to the /etc/proftpd/proftpd.conf file:
Because the FTP server will be stopped when re-loading the configuration, it will also have to be re-started afterwards: