Definitive instructions for installing secure Proftpd with OpenSSL – Part 1

Proftpd is a remarkably versatile Unix/Linux FTP server daemon that has been in under active maintenance for more than 20 years. Downloading the base package from a stable Linux repository or performing a default installation from the latest source will net you a solid and easy to use server.

But what if you want more that just a default installation? There are hundreds of configurable options and more than a few dozen contributed or 3rd party modules, each with their own quirks/caveats that can lead a mostly Windows person down a thousand rabbit holes if you aren’t careful or have a strong background in Linux administration. In addition, while the base install of ProFTPd / OpenSSL from a stable repository will work “out of the box”, there’s a good chance that you won’t have the latest version of ProFTPd and OpenSSL (or source) due to delays from extensive vetting by Canonical.

This multi-part tutorial is my re-cap of months of monkeying around with Proftpd, following hundreds of different links, reading pages and pages of info, finally getting it to work they way I want it to.

Please link back to these instructions so others may find them on Google. (You know how it works — only pages with the highest number of incoming links get the best search position. If this guide helped you, help others find it too.)

Assumptions

  • You are a Windows professional or advanced user who “tinkers” with Linux as a hobby or as a non-critical part of your job. Expert Linux isn’t required, but you should understand basic commands like cat, tail, ls, grep, etc. You need to know how to use “vi” or some other command line text editor.
  • You have a [mostly] vanilla installation of ubuntu 10.04.04 LTS server that has been fully updated with all security patches and application updates. It’s entirely probable newer versions of Ubuntu will work fine (12.04 as of this writing) but this guide has only been tested with 10.04. The SSH server daemon needs to be installed either manually or as a part of an initial server load.
  • I make use of the Webmin utility to handle several basic Linux administrative tasks. As I mentioned, the audience for this guide is a mostly Windows person who tinkers. You’re not here to learn how to create new user accounts from a command line.

We’ll be compiling, installing, and configuring ProFTPd to use a non-standard port number, SSL, behind a firewall, and on a non-routable IP block.

Let’s get started…
Continue reading Definitive instructions for installing secure Proftpd with OpenSSL – Part 1