You are here
Home > Linux System Administration > Configure ProFTPd for SFTP on CentOS

Configure ProFTPd for SFTP on CentOS

Configure Proftpd for sFTP

This is a guide on how to configure ProFTPd for SFTP sessions. Secure File Transfer Protocol (SFTP) is a secure version of FTP which transfers files via the SSH protocol. ProFTPD can be reconfigured to serve SFTP sessions vs using the default FTP protocol. This guide assumes you already have a existing ProFTPD installation. If you do not already have it installed please follow How to Install Proftpd.

Edit /etc/proftpd.conf  To Enable sFTP

nano /etc/proftpd.conf

Un-comment the following lines to load mod_sftp

#LoadModule mod_sftp.c
#LoadModule mod_sftp_pam.c


LoadModule mod_sftp.c
LoadModule mod_sftp_pam.c

Add the following to the end of the configuration (outside of the <global> </global> block to run it separately)

<IfModule mod_sftp.c>
 SFTPEngine ON
 SFTPLog /var/log/sftp.log
 Port 2222
 SFTPHostKey /etc/ssh/ssh_host_rsa_key
 SFTPLog /var/log/proftpd/sftp.log
 SFTPCompression delayed

SFTPEngine – This will enable SFTP
SFTPLog – This will set the log file for sftp connections
Port – This will set the port ProFTPd will listen on for SFTP connections
SFTPHostKey – This points to the SSH key.
SFTPCompression – This sets the compression method used during transfers

Open the sFTP port in the firewall


Enable firewall rule:

firewall-cmd --zone=public --add-port=2222/tcp --permanent

Load the new firewall

firewall-cmd --reload


Enable the firewall rule:

iptables -A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT

Save the firewall rule:

iptables-save > /etc/sysconfig/iptables


Restart Proftpd

CentOS 7:

systemctl restart proftpd

CentOS 6:

service proftpd restart

Thats all you need to do to configure ProFTPd to accept ssh connections. You should now able to connect via port 2222 using a sFTP client.

Leave a Reply

Notify of