The solution to the error in ProFTPd “unable to open passwd file”

Once I noticed the following error in the file /var/log/proftpd/proftpd.log:

error: unable to open passwd file ‘/etc/proftpd/ftpd.passwd’: Permission denied

As it turned out, the rights to the file were 440 and the owner and group were specified as root
Let’s look in the file /etc/proftpd/proftpd.conf, from which user ProFTPd works, by default from the user proftpd:

User proftpd
Group nogroup

Just in case, we will specify the correct rights to the files (if they are other, then ProFTPd may not start):

sudo chmod 440 /etc/proftpd/ftpd.passwd
sudo chmod 440 /etc/proftpd/ftpd.group

And we will point to the owner files under which ProFTPd is running (for example, by default from proftpd, we leave the group as root):

sudo chown proftpd.root /etc/proftpd/ftpd.group
sudo chown proftpd.root /etc/proftpd/ftpd.passwd

If necessary, restart ProFTPd:

sudo service proftpd restart

After that, you can connect to ProFTPd, there should be no errors.

See also my article:
Configuring ProFTPd with virtual users in a file

Configuring an FTP server on Windows Server 2008 R2

On the test, I will configure the FTP server on Windows Server 2008 R2.

Open the “Server Manager”, it can be found in the menu “Start” – “Administrative Tools”.

If the “Web Server IIS” role is installed, then select it and then click “Add Role Services” (not Add Roles), check “FTP Server” and click “Next” and “Install”.

If the “Web Server IIS” role is not installed, in the “Roles” click “Add Roles”, select “Web Server IIS”, remove the tick from unnecessary components and check “FTP Server”, then click “Next” and “Install”.

Open “IIS Manager”, click “Add FTP Site …”, specify any name and path to the directory where the data will be stored, in the next window we will indicate which users are allowed to connect.

On the left we select the created FTP site, open “FTP Authentication” and activate “Basic Authentication”.

This completes the basic configuration of the FTP server and can be connected to it.

See my other articles on the topic Windows Server.

Configuring video recording to an FTP server from IP cameras and Dahua DVRs

I recently configured the next IP camera Dahua DH-IPC-HFW1320SP-W and decided to use an FTP server for recording.
Since the menu is basically the same on Dahua cameras and DVRs, the FTP entry is configured the same way.

Open the device interface, for example by typing an IP address in the browser.
Open the “Setting” tab, then “Storage” – “Destination”, in the “Path” tab, where “Motion Detection” and “Alarm”, I marked the FTP checkboxes, by the way I could choose only one thing, or “Local ( write to a memory card or HDD) “,” FTP “or” NAS “. After the selection, click “Save” to save the changes.

Now go to the tab “FTP”, tick the “Enable” and specify the connection parameters in “Server Address”, “Username”, “Password” and press “Save” to save the changes.

After that, the device began to write video to the FTP server in mp4 format, however it was impossible to view the history entries via the mobile application and the camera interface.
Files on FTP are sorted into folders by date and time, as a variant of the video can be viewed through any FTP client from a computer or phone, if the camera writes for motion detection, accordingly if there is no motion detection, then there will be no folders and records.

Required! In the “Storage” – “Record Control” menu, you need to select “Stop” in “Disk Full”, if “Overwrite” is selected, then after restarting the camera, in my case, all records from the FTP server were deleted.

If the FTP server is running on Linux, you can, for example, add to Cron a command that will delete the directory older than 30 days so that the disk does not overflow:

find /srv/ftp/ipcam/SNCAM/ -type d -mtime +30 -exec rm -rfv {} \; >> /srv/ftp/ipcam/remove.log

See also my articles:
Using and configuring CRON
Programs for viewing video from DVR DVRs
Installing and Configuring ProFTPd in Ubuntu
Installing and Configuring Pure-FTPd in Ubuntu
Configuring an FTP server on Windows Server 2008 R2
Configuring an FTP server on MikroTik Router OS

Configure ProFTPd using the MySQL user database

Let’s say there is a ProFTPd server installed, for example, as I described in this article – Installing and Configuring ProFTPd in Ubuntu
And also installed MySQL server, for example, as I described in this article – Installing and configuring a MySQL server on Ubuntu

Here is an example of setting up ProFTPd using the MySQL user database.

Continue reading “Configure ProFTPd using the MySQL user database”

Installing and Configuring ProFTPd in Ubuntu

ProFTPd — FTP-server for Linux and UNIX-like operating systems.

The installation command in Ubuntu:

sudo apt-get install proftpd

During installation, you will need to select the launch mode:
(standalone – independently, that is, it will be automatically loaded at system startup or inetd – manually)

After that, the FTP server can already be connected using the system user’s logins and passwords.
By default, users can go higher than their home directory, that is, they can access the system files.

For more detailed settings, open the ProFTPd configuration file in any text editor:

sudo nano /etc/proftpd/proftpd.conf

Specify the name of the server:

ServerName "Debian"

We prohibit users to walk higher than their home directory (if you specify a specific directory and put other user’s directories in it, they will be able to see the files of other users):

DefaultRoot ~

The server port, given the large number of bot scanners on the Internet, it’s better to change to an arbitrary one:

Port 21

We forbid you to connect to the server as root:

RootLogin off

Permit to continue uploading files:

AllowStoreRestart on

After editing the configuration file, we will check it for correctness:

sudo proftpd -t

Restart ProFTPd to apply the new settings:

sudo /etc/init.d/proftpd restart

You can see the version of ProFTPd like this:

proftpd -v

Logs are stored in the /var/log/proftpd/ directory.
When installed, the /srv/ftp/ directory is automatically created, which can be used to locate user directories.

If something does not work, then you can stop and start ProFTPd in debug mode, after which all the detailed information about the work will be displayed on the screen (you can exit this mode with the CTRL+C keys):

sudo /etc/init.d/proftpd stop
sudo proftpd -nd6

See also my articles:
IPTables rules for FTP server
Configuring ProFTPd with virtual users in a file
Active and passive FTP mode
Installing and Configuring Pure-FTPd in Ubuntu

Configuring an FTP server on MikroTik Router OS

Usually an FTP server on MikroTik Router OS is enabled and uses ports 20 and 21 for communication.
Connection type without encryption, login and password are same as for access to mikrotik.

You can connect by typing the ip address of the router in the browser’s address bar:
ftp://192.168.88.1

Via the graphical interface, the FTP service is turned off and turned on in the “IP” – “Service”

Through the command line:

ip service disable service_number
ip service enable service_number

View a list of services:

ip service print

To view the information about the files, you can run the following command:

file print detail
disk print detail

Active and passive FTP mode

FTP can work both in the active mode and in the passive mode.

In active mode, the client performs a control connection with the server, and the server makes a connection to the client for data transfer.
The passive control connection and data connection are made by the client himself.

Under the control connection is meant authentication and command transmission.
The control connection is executed by the client in both cases equally, from the client side from the dynamic TCP port 1024-65535 to the server port 21.

In the active mode after the control connection from the client, the FTP server connects to the client’s dynamic port 1024-65535 from its TCP port 20 for data transfer.
In the passive mode after the control connection from the client, the FTP server tells the client the number of the dynamic TCP port 1024-65535 to which it can be connected to the client for data transmission.