In part 1 of this guide we:
- prep’d the server to compile our own installations of ProFTPd and OpenSSL
- downloaded the latest OpenSSL source
- compiled and installed OpenSSL
Now we’re going to do this for the latest version of ProFTPd.
Note: In this part of the guide we’re simply doing the basics and won’t be configuring ProFTPd in any way. We want to be sure we can get ProFTPd installed and running in debug mode with a default configuration before we get into the weeds. In later parts of this guide, we’ll configure the FTP server and I’ll go over the options I use and why I use them, in addition to making sure SSL works as intended.
Download, Compile, and Install ProFTPd
- Create some directories we’ll need for the latest version of ProFTPd. As we did in part 1 of the guide for OpenSSL, you may elect to not keep the full, unmodified, zipped src. I find it handy to have in the event I need it in the future..
sudo mkdir /etc/proftpd
sudo mkdir /etc/proftpd/install
sudo mkdir /etc/proftpd/src
- Change directories to “install”
- Download latest version of ProFTPd
sudo wget -c ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4b.tar.gz
You can find the URL for the latest version in 2 places, proftpd.org (upper left hand corner under “current version”. The “GZ” link.) or Github. Just copy the URL to your clipboard and paste into the SSH command here. Note that this guide has only been tested with the version of ProFTPd noted above.
- Copy the source tarball to the “src” directory
sudo cp proftpd-1.3.4b.tar.gz ../src/
- Change directories to “src”
- Unzip the source
sudo tar zxvf proftpd-1.3.4b.tar.gz
- Delete the zip file
sudo rm proftpd-1.3.4b.tar.gz
- Change to the directory created from unzipping
- Configure your compile.
As with OpenSSL, there are many, many options you can configure here. If you want to know more about them, see the proftpd documentation. This guide is based on the configuration options below so we won’t be covering any additional switches. This step is also dependent on how we installed OpenSSL in part 1. (line wraps)
sudo ./configure --prefix=/etc/proftpd --enable-dso --disable-auth-file --enable-openssl --with-modules=mod_sftp --with-includes=/usr/local/ssl/include --with-libraries=/usr/local/ssl/lib
options we’re using here:
prefix= root directory where you want ProFTPd installed
enable-dso= add support for run-time loadable modules
disable-auth-file= not needed. we’re using the builtin Linux authentication mechanisms
enable-openssl= required when secure module specified
with-modules= bake these modules into the binary executable
--with-libraries= point to our custom OpenSSL src
sudo make cleanto reset the configuration back to default… helpful for trying different configuration options)
sudo make install
- Open a second Putty SSH window (or use a different console if you’re using “screen”) and fire up ProFTPd in debug mode
sudo /etc/proftpd/sbin/proftpd -n -d 20
Now, without configuring or changing a thing, and as long as port 21 is open on your firewall, you should be able to FTP to your server and see the SSH window running ProFTPd in debug mode fill with status. We don’t care about accounts, permissions, or root directories yet. We just want an indication that the server is listening and responding.
Part 3 coming soon. Stay tuned.