Hi All,
I successfully installed and configured ProFTPD on my R7000. The main reason was to make users folder configurable and not to allow ftp users to go below defined user root folder. I assume that Entware already installed and an external USB drive mounded with name USB.
1. Install proftpd server
Configuration file is: /opt/etc/proftp.conf
To start, restart, stop proftp daemon: /opt/etc/init.d/S66proftpd
To debug configuration settings: proftpd -d10
2. Configuration file changes
Commented Anonymous section
Added or changed
The last two line in the config file allow to authenticate users with id range 500-510 defined in the specified files. You have to create /opt.etc/proftpd folder and make sure only admin user can write in that folder. Otherwise proftpd will generate an error cannot write in world-writable folder.
To create ftpd.passwd and ftp.group files as an easy step you can copy passwd, group, shadow files from /etc folder an rename them. Then using existing templates you can keep just a single group
To create ftp users you may clone existing copied users just replacing "x" with the password from shadow file and adding user root folder or use provided template
My template adds user Guest with ID 501 with user root folder/mnt/USB/ftproot/Guest
If you need to add more user you can use 'mkpasswd" utility to generate/change user passwords.
If you need to add access from WAN, you need to add a line in firewall-start script
and add FTP ports forwarding to 192.168.1.1
Fill free to add more notes as everything is based on my personal experience.
I successfully installed and configured ProFTPD on my R7000. The main reason was to make users folder configurable and not to allow ftp users to go below defined user root folder. I assume that Entware already installed and an external USB drive mounded with name USB.
1. Install proftpd server
Code:
opkg install proftpdTo start, restart, stop proftp daemon: /opt/etc/init.d/S66proftpd
To debug configuration settings: proftpd -d10
2. Configuration file changes
Commented Anonymous section
Added or changed
Code:
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
# Set the user and group under which the server will run.
User admin
Group root
# optional to allow admin access
#RootLogin on
# user authentication files
AuthUserFile /opt/etc/proftpd/ftpd.passwd id 500-510
AuthGroupFile /opt/etc/proftpd/ftpd.groupTo create ftpd.passwd and ftp.group files as an easy step you can copy passwd, group, shadow files from /etc folder an rename them. Then using existing templates you can keep just a single group
Code:
ftp:x:505:
Code:
Guest:CryptedPasswordIsH:501:505::/mnt/USB/ftproot/Guest:If you need to add more user you can use 'mkpasswd" utility to generate/change user passwords.
If you need to add access from WAN, you need to add a line in firewall-start script
Code:
iptables -I INPUT -p tcp --destination-port 21 -j ACCEPTFill free to add more notes as everything is based on my personal experience.
