FTP Serving
WIP!
FTP is most often used as a way to remotely access files on servers of other types. As such, you'll likely be configuring this service on a server primarily intended for something else. (i.e.: a web server)
Using vsftpd
Install vsftpd
sudo apt-get update
sudo apt-get install vsftpd
Configure vsftpd
sudo vim /etc/vsftpd.conf
# Uncomment this to enable any form of FTP write command. write_enable=YES # # Enable PASV # pasv_enable=YES pasv_promiscuous=YES pasv_min_port=7000 pasv_max_port=7100
sudo service vsftpd restart
- Open ports 21 & 7000-7100 to this server in your firewall.
Interesting dilemma... passive mode doesn't work for SHIT if the client is behind a firewall.
Also: The Windows FTP command-line client (ftp.exe
) does not support the passive mode, on any version of Windows. It makes it pretty useless nowadays due to ubiquitous firewalls and NATs.
Use any thirdparty Windows FTP command-line client instead. Most other support the passive mode.
Even just accessing your FTP server with a web browser (ftp://server.address) works better...
Further Reading...
Using ProFTP
Installing ProFTPd
sudo apt-get update
sudo apt-get install proftpd
At this point, any user with an account on the network can access the machine via ftp using their regular name & password. (Note: by default, this does not include root.)
This is the MINIMUM required to get it running & you'll want to go deeper into the available options.
Accessing FTP through NAT (pfSense here...)
ProFTPD: Firewalls, Routers, and NAT
The minimum requirements to make it work...
sudo vi /etc/proftpd/proftpd.conf
Lines 51 & 56 need to be un-commented & edited
Choose an available range of ports for PassivePorts.
Set MasqueradeAddress to either the WAN address of your firewall or it's FQDN.
Then restart the service:
sudo service proftpd restart
Then create 2 port forwards, one specifically for port 21 (FTP) & one for the the range chosen in PassivePorts.
Further Configurations
For now, I'd strongly suggest spending some quality time browsing the ProFTPd Documentation. There are a LOT of things that can be done...