How to Install FTP Server on CentOS 8 Using ProFTPD Server

How to Install FTP Server on CentOS 8.  FTP server is often used by website developers to make changes to a website and manage all files. It is more comfortable and secure to manage all website content using FTP.

What is FTP Server?

FTP server is a standard network protocol used to transfer computer files between a client and server on a computer network. File Transfer Protocol (FTP) which simply means it transmits files from one computer to other. It works on client server model and uses separate control and data connections between the client and the server.

FTP server is built on a client server architecture and it works by executing commands given by remote client(s) like receiving, sending, deleting files, creating or removing directories.

What is ProFTPD Server

ProFTPD is a free, open source and feature rich FTP server for Linux and Unix based operating systems. There is no support for native use under Microsoft Windows. It is known for its simplicity, speed or security. It is highly configurable and can be configured to run multiple Virtual Hosts.

Pros of ProFTPD Server

  • Multiple virtual FTP servers and anonymous FTP services.
  • Hidden directories and files, based on Unix style permissions or user/group ownership.
  • Support shadow password.
  • Modular design and Multiple authentication methods, including PAM, LDAP, SQL, and RADIUS.
  • A single main configuration file.
  • Virtual users.
  • Anonymous FTP root directories do not require any specific directory.

In this guide, we will show you how to set up an FTP server using ProFTPD on CentOS 8.

Install ProFTPD

By default, the ProFTPD package is not included in the CentOS default repo. So you will need to install the EPEL repository to your server. You can install it by using the following command:

				
					dnf install epel-release -y
				
			

Once the EPEL repository is installed, run the following command to install the ProFTPD package:

				
					dnf install proftpd -y
				
			

Once the ProFTPD package is installed, start the ProFTPD service and enable it to start at system reboot:

				
					systemctl start proftpd
systemctl enable proftpd
				
			

To verify the status of the ProFTPD, run:

				
					systemctl status proftpd
				
			

Sample output:

				
					● proftpd.service - ProFTPD FTP Server
   Loaded: loaded (/usr/lib/systemd/system/proftpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2021-08-25 10:16:23 EDT; 6min ago
  Process: 5595 ExecStartPre=/usr/sbin/proftpd --configtest (code=exited, status=0/SUCCESS)
 Main PID: 5597 (proftpd)
    Tasks: 1 (limit: 12524)
   Memory: 3.7M
   CGroup: /system.slice/proftpd.service
           └─5597 proftpd: (accepting connections)
				
			

By default, ProFTPD listens on port 21. You can check it using the following command:

				
					ss -antpl | grep proftpd
				
			

Sample output:

				
					LISTEN    0         128                      *:21                     *:*        users:(("proftpd",pid=5597,fd=0))os proftpd[5595]: Checking syntax of configuration file
				
			

To verify the ProFTPD version, run:

				
					proftpd -v
				
			

Sample output:

				
					ProFTPD Version 1.3.6e
				
			

Create FTP User

At this point, ProFTPD is installed and running. Now, you will need to create a user to test the FTP.

Let’s create a new user named ftpuser with the following command:

				
					adduser ftpuser
				
			

Next, set a password for ftpuser using the following command:

				
					passwd ftpuser
				
			

You will be asked to set a password as shown below:

				
					New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
				
			

Next, create some directory and files inside the ftpuser’s home directory:

				
					mkdir -p /home/ftpuser/mydir
touch /home/ftpuser/file1.txt
touch /home/ftpuser/file2.txt
				
			

Next, set proper ownership to the ftpuser home directory:

				
					chown -R ftpuser:ftpuser /home/ftpuser/
				
			

Firewall Configuration

If a firewalld firewall is installed in your CentOS 8 server. You will need to allow ports 20, 21, 22, and 6000-6100 through the firewalld.

Firewalld is firewall management software available for many Linux distributions, which acts as a frontend for Linux’s in kernel nftables or iptables packet filtering systems.

You can allow them using the following command:

				
					firewall-cmd --permanent --add-port=22/tcp
firewall-cmd --permanent --add-port=20-21/tcp
firewall-cmd --permanent --add-port=6000-6100/tcp
				
			

Next, reload the firewalld service to apply the changes:

				
					firewall-cmd --reload
				
			

You can now check all open ports using the following command:

				
					firewall-cmd --list-all
				
			

Sample output:

				
					public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 20-21/tcp 22/tcp 6000-6100/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
				
			

Access FTP with CLI and GUI Method

Next section of our guide how to Install FTP Server on CentOS 8. we will test the FTP connection using CLI and GUI methods.

Access FTP with CLI

First, log in to a remote Linux machine and run the following command to connect to the FTP server:

				
					ftp 45.58.45.50
				
			

You will be asked to provide an FTP username and password as shown below:

				
					Connected to 45.58.45.50.
220 (proftpd 3.0.3)
Name (45.58.45.50:vyom): ftpuser
331 Please specify the password.
Password:
				
			

After the successful authentication, you should get the FTP shell:

				
					230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
				
			

Now, check all files and directories on the FTP server using the following command:

				
					ftp> ls
				
			

Sample output:

				
					200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 1000     1000            0 Aug 25 08:39 file1.txt
-rw-r--r--    1 1000     1000            0 Aug 25 08:39 file2.txt
drwxr-xr-x    2 1000     1000            6 Aug 25 08:38 mydir
226 Directory send OK.
				
			

Note: 45.58.45.50 is the IP address of the ProFTPD server.

Access FTP with GUI

First, log in to the Linux desktop machine and open the File Manager as shown below:

Now, press CTRL+L, type the URL ftp://45.58.45.50 and hit Enter. You will be asked to provide an FTP username and password as shown below:

Provide your FTP username, password and click on the Connect button. Once you are log in, you should see the FTP server content in the following screen:

FTP Security

It is a good idea to secure the file transmission using the FTP over SSL encryption protocol and FTP over TLS encryption protocol. Secure Sockets Layer (SSL) encrypts commands and data exchanged between a client and a server. Transport Layer Security (TLS) is another protocol designed to help protect the privacy of information communicated over the Internet.

 

Firstly  we will need to generate an SSL certificate and configure ProFTPD to use the SSL certificate.

SSL/TLS

First, install the OpenSSL package with the following command:

				
					dnf install openssl -y
				
			

Once installed, generate an SSL certificate using the following command:

				
					openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/certs/proftpd.pem -out /etc/ssl/certs/proftpd.pem
				
			

You will be asked to provide your basic information as shown below:

				
					Generating a RSA private key
...............................................+++++
.........+++++
writing new private key to 'https://net.cloudinfrastructureservices.co.uk/etc/ssl/certs/proftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:GUJ
Locality Name (eg, city) [Default City]:JND
Organization Name (eg, company) [Default Company Ltd]:IT
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:centos
Email Address []:admin@yourdomain.com
				
			

Next, edit the ProFTPD main configuration using the following command:

				
					nano /etc/proftpd.conf 
				
			

Add the following lines below the line “DefaultRoot ~ !adm”:

				
					DefaultRoot                     ~ !adm
PassivePorts    6000    6100
  TLSEngine                     on
  TLSRequired                   on
  TLSRSACertificateFile         /etc/ssl/certs/proftpd.pem
  TLSRSACertificateKeyFile     /etc/ssl/certs/proftpd.pem
  TLSCipherSuite                ALL:!ADH:!DES
  TLSOptions                    NoCertRequest
  TLSVerifyClient               off
  TLSRenegotiate                ctrl 3600 data 512000 required off timeout 300
  TLSLog                        /var/log/proftpd/tls.log
				
			

Save and close the file then restart the proftpd service to apply the changes:

				
					systemctl restart proftpd
				
			

Verify Secure FTP Connection

In this section of how to Install FTP Server on CentOS 8 we will need to install the FileZilla FTP client on Linux or Windows machine to verify the secure FTP connection.

First, open the FileZilla FTP client as shown below:

Click on the Site Manager to create a new FTP connection as shown below:

Provide your FTP server IP, Port, Protocol, Username, and click on the Connect button. You will be asked to provide a password for the FTP server:

Provide your FTP password and click on the OK button. You should see the SSL certificate warning screen:

Check “Always trust certificate in future sessions” and click on the OK button. Once you are connected, you should see the FTP server content on the right side of the screen:

How to Install FTP Server on CentOS 8 Conclusion

Congratulations! you have successfully installed ProFTPD with SSL/TLS on CentOS 8. You can now easily upload and download files to and from the FTP server.

Avatar for Hitesh Jethva
Hitesh Jethva

I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x