Configuring ProFTPd with virtual users in a file

Let’s say there is a ProFTPd server installed, for example, as I described in this article – Installing and Configuring ProFTPd in Ubuntu

Next, I’ll describe the process of configuring ProFTPd with virtual users in a file.

Open the ProFTPd configuration in any text editor:

sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:

DefaultRoot ~
RequireValidShell off
AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
AuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=60 --gid=60 --home=/srv/ftp/test/ --shell=/bin/false

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:

sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:

sudo proftpd -t

Restart ProFTPd to apply the changes:

sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --lock
sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:

sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

ftpasswd is a script written in Perl, usually located in /usr/sbin/ftpasswd.

See also:
The solution to the error in ProFTPd “unable to open passwd file”
Configure ProFTPd using the MySQL user database

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a comment

Leave a Reply