How to Install an FTP Server with ProFTPD and TLS/SSL on Ubuntu 22.04

ProFTPD is a free, open-source, and feature-rich FTP server written for Unix and Unix-a-like operating systems. It is a secure, high-performance, and highly configurable file transfer protocol that allows you to upload and download files over the internet. It is open-source software and supports TLS (SSL) for secure connections.

This tutorial will show you how to install the ProFTPD FTP server on Ubuntu 22.04.

Prerequisites

  • A server running Ubuntu 22.04.
  • A root password is configured on the server.

Install ProFTPD Ubuntu 22.04

By default, the ProFTPD package is included in the Ubuntu default repository. You can install it easily using the following command:

apt install proftpd -y

Once the ProFTPD package is installed, start the ProFTPD service using the following command:

systemctl start proftpd

You can check the status of the ProFTPD with the following command:

systemctl status proftpd

You will get the following output:

? proftpd.service - ProFTPD FTP Server
     Loaded: loaded (/lib/systemd/system/proftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-10-11 14:33:27 UTC; 16s ago
   Main PID: 5668 (proftpd)
      Tasks: 1 (limit: 2242)
     Memory: 4.4M
        CPU: 57ms
     CGroup: /system.slice/proftpd.service
             ??5668 "proftpd: (accepting connections)" "" "" "" "" "" "" "" "" "" "" "" "" "" ""

Oct 11 14:33:26 ubuntu2204 systemd[1]: Starting ProFTPD FTP Server...
Oct 11 14:33:26 ubuntu2204 proftpd[5666]: Checking syntax of configuration file
Oct 11 14:33:27 ubuntu2204 systemd[1]: proftpd.service: Can't open PID file /run/proftpd.pid (yet?) after start: Operation not permitted
Oct 11 14:33:27 ubuntu2204 systemd[1]: Started ProFTPD FTP Server.

You can check the ProFTPD version with the following command:

proftpd --version

You should get the following output:

ProFTPD Version 1.3.7c

Create an FTP User

Next, you will need to create a user for FTP. You can create it with the following command:

adduser ftpuser

Set a password for this user as shown below:

Adding user `ftpuser' ...
Adding new group `ftpuser' (1000) ...
Adding new user `ftpuser' (1000) with group `ftpuser' ...
Creating home directory `/home/ftpuser' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for ftpuser
Enter the new value, or press ENTER for the default
	Full Name []: 
	Room Number []: 
	Work Phone []: 
	Home Phone []: 
	Other []: 
Is the information correct? [Y/n] Y

Generate SSL/TLS for FTP

To secure the FTP connection with SSL/TLS, you will need to generate SSL/TLS for ProFTPD.

First, install the OpenSSL package with the following command:

apt-get install openssl -y

Next, generate an SSL/TLS certificate with the following command:

openssl req -x509 -newkey rsa:1024 -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt -nodes -days 365

You will be asked to provide certificate information as shown below:

......................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:GUJ
Locality Name (eg, city) []:JUN
Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT
Organizational Unit Name (eg, section) []:ITC
Common Name (e.g. server FQDN or YOUR name) []:HITESH
Email Address []:[email protected]

Next, set proper permission to the generated certificates:

chmod 600 /etc/ssl/private/proftpd.key
chmod 600 /etc/ssl/certs/proftpd.crt

Configure ProFTPD

Next, you will need to edit the ProFTPD configuration file and change the default settings:

nano /etc/proftpd/proftpd.conf

Change the following configurations:

UseIPv6 on
ServerName "FTP Server"
Port 21
RequireValidShell on
AuthOrder mod_auth_pam.c* mod_auth_unix.c
Include /etc/proftpd/tls.conf

Save and close the file, then edit the TLS configuration file and define your SSL certificates:

nano /etc/proftpd/tls.conf

Change the following lines:

TLSEngine                               on
TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
TLSRequired on

Save and close the file, then restart the ProFTPD service to apply the changes:

systemctl restart proftpd

Access ProFTPD Server

At this point, the ProFTPD server is installed and secured with SSL/TLS. Now, it's time to access them using the FileZilla FTP client.

Go to the remote system and open FileZilla. You should see the following screen:

FileZilla

Click on Create a new connection. You should see the following screen:

FTP server settings

Provide your FTP server IP, port, username, password and click on the Connect button. Once the FTP connection is established, you should see the following screen:

FTP server connected

Conclusion

Congratulations! you have successfully installed ProFTPD and secured it with SSL/TLS on Ubuntu 22.04. You can now easily upload and download files to and from the FTP server over secure connections. Feel free to ask me if you have any questions.

Share this page:

1 Comment(s)