How to Install an FTP Server with ProFTPD and TLS/SSL on Ubuntu 22.04
ProFTPD is a free, open-source, and feature-rich FTP server written for Unix and Unix-a-like operating systems. It is a secure, high-performance, and highly configurable file transfer protocol that allows you to upload and download files over the internet. It is open-source software and supports TLS (SSL) for secure connections.
This tutorial will show you how to install the ProFTPD FTP server on Ubuntu 22.04.
- A server running Ubuntu 22.04.
- A root password is configured on the server.
Install ProFTPD Ubuntu 22.04
By default, the ProFTPD package is included in the Ubuntu default repository. You can install it easily using the following command:
apt install proftpd -y
Once the ProFTPD package is installed, start the ProFTPD service using the following command:
systemctl start proftpd
You can check the status of the ProFTPD with the following command:
systemctl status proftpd
You will get the following output:
? proftpd.service - ProFTPD FTP Server Loaded: loaded (/lib/systemd/system/proftpd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2022-10-11 14:33:27 UTC; 16s ago Main PID: 5668 (proftpd) Tasks: 1 (limit: 2242) Memory: 4.4M CPU: 57ms CGroup: /system.slice/proftpd.service ??5668 "proftpd: (accepting connections)" "" "" "" "" "" "" "" "" "" "" "" "" "" "" Oct 11 14:33:26 ubuntu2204 systemd: Starting ProFTPD FTP Server... Oct 11 14:33:26 ubuntu2204 proftpd: Checking syntax of configuration file Oct 11 14:33:27 ubuntu2204 systemd: proftpd.service: Can't open PID file /run/proftpd.pid (yet?) after start: Operation not permitted Oct 11 14:33:27 ubuntu2204 systemd: Started ProFTPD FTP Server.
You can check the ProFTPD version with the following command:
You should get the following output:
ProFTPD Version 1.3.7c
Create an FTP User
Next, you will need to create a user for FTP. You can create it with the following command:
Set a password for this user as shown below:
Adding user `ftpuser' ... Adding new group `ftpuser' (1000) ... Adding new user `ftpuser' (1000) with group `ftpuser' ... Creating home directory `/home/ftpuser' ... Copying files from `/etc/skel' ... New password: Retype new password: passwd: password updated successfully Changing the user information for ftpuser Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] Y
Generate SSL/TLS for FTP
To secure the FTP connection with SSL/TLS, you will need to generate SSL/TLS for ProFTPD.
First, install the OpenSSL package with the following command:
apt-get install openssl -y
Next, generate an SSL/TLS certificate with the following command:
openssl req -x509 -newkey rsa:1024 -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt -nodes -days 365
You will be asked to provide certificate information as shown below:
......................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:IN State or Province Name (full name) [Some-State]:GUJ Locality Name (eg, city) :JUN Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT Organizational Unit Name (eg, section) :ITC Common Name (e.g. server FQDN or YOUR name) :HITESH Email Address :[email protected]
Next, set proper permission to the generated certificates:
chmod 600 /etc/ssl/private/proftpd.key
chmod 600 /etc/ssl/certs/proftpd.crt
Next, you will need to edit the ProFTPD configuration file and change the default settings:
Change the following configurations:
UseIPv6 on ServerName "FTP Server" Port 21 RequireValidShell on AuthOrder mod_auth_pam.c* mod_auth_unix.c Include /etc/proftpd/tls.conf
Save and close the file, then edit the TLS configuration file and define your SSL certificates:
Change the following lines:
TLSEngine on TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSLog /var/log/proftpd/tls.log TLSProtocol SSLv23 TLSRequired on
Save and close the file, then restart the ProFTPD service to apply the changes:
systemctl restart proftpd
Access ProFTPD Server
At this point, the ProFTPD server is installed and secured with SSL/TLS. Now, it's time to access them using the FileZilla FTP client.
Go to the remote system and open FileZilla. You should see the following screen:
Click on Create a new connection. You should see the following screen:
Provide your FTP server IP, port, username, password and click on the Connect button. Once the FTP connection is established, you should see the following screen:
Congratulations! you have successfully installed ProFTPD and secured it with SSL/TLS on Ubuntu 22.04. You can now easily upload and download files to and from the FTP server over secure connections. Feel free to ask me if you have any questions.