ProFTP w/ Passive Ports setup Guide

  • First you should create a shared folder and your users for that shared folder. The folder used for FTP does not need to be shared with SMB/CIFS. I do not recommend you use it with another service. It should be dedicated to FTP only.


    Setting up the Shared Folder
    1-Go to Access Rights Management.
    2-Click on Shared Folder.
    3-In the Right window click on Add.
    4-Drop down the Volume and select the data drive you want to use with the share.
    5-In the Name field type "Public" and then press TAB. You should see "Public/" show up in the Path field.
    6-Click on Save and apply.


    Setting up the Users
    1-Go to Access Rights Management and click on User.
    2-On the right window click on add. Fill in name, password, change shell to /bin/bash. Click on save and then apply.
    3-Repeat for amount of desired users.


    Giving users Privileges
    1-Go to Access Rights Management and click on shared folder.
    2-On the right click on the "Public" folder to highlight it.
    3-Then click on Privileges.
    4- For the users you created for FTP put a check mark in either "Read/Write" or "Read-only". If you want to temporarily take away access or not give access yet you can use no access.
    5-Click on save.


    Setting up the ProFTP Server (w/ 6 passive ports open)
    1- Go to Services/FTP then on right you want to be in Settings TAB.
    2- put check in enable
    3- put in a Welcome Message (whatever you want)
    5- put a check in passive port and make range 14100-14105
    6- put a check in the Transfer log
    7- leave all the other defaults alone. Click on save and then apply (it takes a bit for apply to show)
    8- Now click on the Shares TAB above.
    9- Click on Add.
    10- Now click on the Dropdown and select your share folder (I used Public above so I will click on it).
    11- Click on Save and Apply.


    Now finish the instructions in the next post to do finishing touches on the passive ports.

  • Do the following in a SSH root session:


    1- Edit this file with nano and put in contents from the codebox. Create it if you don't have it.
    /etc/modprobe.d/options.conf


    Contents

    Code
    options nf_conntrack_ftp ports=21,14100,14101,14102,14103,14104,14105




    2- Edit this file with nano and put in contents from the codebox. Create it if you don't have it. This file usually has some stuff in it already. Just add this at the end of the file.


    /etc/modules


    Code
    nf_conntrack_ftp




    then you have to reboot

  • Done and tested. If anyone needs help with settings in Filezilla let me know and I'll post it later.


    When you 1st connect in Filezilla it will show you 1 level above the Public folder. Click on the Public folder in the right window to go into it and start uploading.


    PS-I would not use FTP for data that you want to keep secure. Also, I would not use the users that are used for FTP for anything else on your system. The server as setup above should only be for non-sensitive data that you are looking for an easy distribution method.


    PPS- I love passive ports but this is not my preferred setup. I don't like to use my system users for FTP. I would rather use virtual users. Here is link you might find interesting.


    http://www.cyberciti.biz/tips/…p-with-virtual-users.html


    Nice simple database setup for vsftp using virtual users and pam for authentication. On a larger scale you could use mysql for your virtual users.

  • Hi tekkbebe, I have tried to follow your indications to make it work with SFTP client (port 22), but without success.
    Can you create a new "version" of your guide to make it work with a SFTP client ?
    Thanks.

  • I know, I hoped that the guide for user creation/privilegs/personal folder would be similar to your FTP guide. Obviously I was wrong.
    My goal is to make connect a remote user (via, for example, WinSCP) to a personal read/write directory on my OMV box.


    Edit: Thanks that would be great.

  • I'm sure Tekkbebe's guide will cover this but just enable home directories in the user tab and add each user to the ssh group. Then each user can login to the server and will start at their home directory.

    omv 5.6.13 usul | 64 bit | 5.11 proxmox kernel | omvextrasorg 5.6.2 | kvm plugin 5.1.6
    omv-extras.org plugins source code and issue tracker - github


    Please read this before posting a question.
    Please don't PM for support... Too many PMs!

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!