Configuring ProFTPd with virtual users in a file

Post autor: **jurek** » 16 lut 2022, 14:14

Posted byVyacheslav 14.03.2018
1 Comment on Configuring ProFTPd with virtual users in a file

Let’s say there is a ProFTPd server installed, for example, as I described in this article – Installing and Configuring ProFTPd in Ubuntu

Next, I’ll describe the process of configuring ProFTPd with virtual users in a file.

Open the ProFTPd configuration in any text editor:
1

sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:
1
2
3
4
5

DefaultRoot ~
RequireValidShell off
AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
AuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:
1

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=33 --gid=33 --home=/srv/ftp/test/ --shell=/bin/false

chown www-data:www-data /test

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:
1

sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:
1

sudo proftpd -t

Restart ProFTPd to apply the changes:
1

sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:
1

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):
1
2

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --lock
sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:
1

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

ftpasswd is a script written in Perl, usually located in /usr/sbin/ftpasswd.