FTP service setup

[Guest KShots]

Hello... I'm trying to set up an FTP service under Mandrake 9.1... My setup is as follows:

 

P-200 MMX w/ 96 megs RAM connected to cable modem and LAN, using dhcpd and shorewall to share internet connection. I've re-written the shorewall conf files to get rid of the confusing masq and loc, replacing it with only loc. It seems to work fine now. The only means of configuring this system are through SSH and tightvnc server (running KDE or IceWM). I'm also running Apache, though I have to access it through port 8080 outside of my LAN because my ISP blocks port 80.

 

I've looked through the Mandrake help documents and found that I'm supposed to have an extra button in the Mandrake Control Center that I don't have... Below "Software Management," there's supposed to be a "Server Configuration" button... I don't have it! :( How do I configure FTP without this button, or alternatively, how do I get this button to appear?

[MottS]

Hi KShots

 

I'm also running Apache, though I have to access it through port 8080 outside of my LAN because my ISP blocks port 80.

Ok .. so this is what you did. Good good

 

I've looked through the Mandrake help documents and found that I'm supposed to have an extra button in the Mandrake Control Center that I don't have... Below "Software Management," there's supposed to be a "Server Configuration" button... I don't have it! :( How do I configure FTP without this button, or alternatively, how do I get this button to appear?

You have to install an extra package to get that icon. Open up the software manager and search for drakwiz and install that package (drakwizard I beleave). The extra icon will apear.

 

However, I don't suggest you to run any wizards inthere. They usually set things (specially the ftp one) in a weird manner... Why don't you write the config file by yourself (/etc/proftpd.conf)? I can give you mine if you want. I run a anonymous ftp site with one directory for downloads and the other one for uploads. Really simple and safe. Do you know that you can also download/upload files with SSH? SFTP is what you are looking for. Easier than setting up an FTP server (SSH is already running on your server) and it's secured. However there is no way to have anonymous access.

 

Let me know!

 

HTH

 

MOttS

[Guest KShots]

Ah, MottS, good to see you again! :)

 

Sure, an example ftp config file would be appreciated. Doesn't seem to be much to configure in that file, and I'm not logging in yet.

 

I've been using the file transfer on SSH, but my father wants to try using FrontPage on the server, and he only knows how to use it through FTP. Figured I'd give it a shot.

[MottS]

Ok, here it is. I started with the original file (you know, when you first install Proftpd) and added more stuff to it. The root directory is /var/www/ftp. In this directory I have 'incoming' where everyone can upload but not download and 'pub' where everyone can download but cannot upload. 'incoming' is owned by the user 'ftp'... well.. here it is (take care of the drwx--rc--whata):

[root@localhost ftp]# ls -l

total 8

drwxrwx---    2 ftp      ftp          4096 jun 18 18:05 incoming/

drwxr-xr-x    2 root     root         4096 jun 17 06:40 pub/

# This is a basic ProFTPD configuration file (rename it to

# 'proftpd.conf' for actual use.  It establishes a single server

# and a single anonymous login.  It assumes that you have a user/group

# "nobody" and "nogroup" for normal operation and anon.



ServerName                      "ProFTPD Default Installation"

ServerType                      standalone

DefaultServer                   on



# Allow FTP resuming.

# Remember to set to off if you have an incoming ftp for upload.

AllowStoreRestart               on



# Port 21 is the standard FTP port.

Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files

# from being group and world writable.

Umask                           022



# To prevent DoS attacks, set the maximum number of child processes

# to 30.  If you need to allow more than 30 concurrent connections

# at once, simply increase this value.  Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd)

MaxInstances                    5



# Set the user and group that the server normally runs at.

User                            nobody

Group                           nogroup



# Normally, we want files to be overwriteable.

#<Directory /*>

#  AllowOverwrite               on

#</Directory>



# Needed for NIS.

#PersistentPasswd               off



# Default root can be used to put users in a chroot environment.

# As an example if you have a user foo and you want to put foo in /home/foo

# chroot environment you would do this:

#

# DefaultRoot /home/foo foo



# Anonymous part:



<Anonymous /var/www/ftp>

       User ftp

       Group ftp

       UserAlias anonymous ftp

       RequireValidShell off

       DefaultChdir /var/www/ftp

       <Limit WRITE>

               DenyAll

       </Limit>

       <Directory incoming>

              <Limit STOR CWD>

                       AllowAll

               </Limit>

               <Limit READ RMD DELE MKD SITE_CHMOD>

                       DenyAll

               </Limit>

       </Directory>

</Anonymous>

[Guest KShots]

Thanks, that seems to work great! I'll let ya know if the FrontPage part of things work out!

[Guest xaff]

I thought I'd give you mine as well, since it's a little different. (Non-public, and all my computers are behind a Firewall and uses NAT.)

 

 

ServerName 	 "xaff's site"

ServerType 	 standalone

DefaultServer 	 on



# Allow FTP resuming.

# Remember to set to off if you have an incoming ftp for upload.

AllowStoreRestart  on

AllowRetrieveRestart  on



MasqueradeAddress  x.x.x.x # Your IP goes here



PassivePorts 	 6000 6500

Port    3000

Umask    022



# To prevent DoS attacks, set the maximum number of child processes

# to 30.  If you need to allow more than 30 concurrent connections

# at once, simply increase this value.  Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd).

MaxInstances 	 30



# Set the user and group under which the server will run.

User    nobody

Group    nogroup



# Normally, we want files to be overwriteable.

<Directory />

 AllowOverwrite  on

</Directory>



# Needed for NIS.

PersistentPasswd  off