You are here
Home > Linux System Administration > Configure ProFTPd for SFTP on CentOS

Configure ProFTPd for SFTP on CentOS

Configure Proftpd for sFTP

This is a guide on how to configure ProFTPd for SFTP sessions. Secure File Transfer Protocol (SFTP) is a secure version of FTP which transfers files via the SSH protocol. ProFTPD can be reconfigured to serve SFTP sessions vs using the default FTP protocol. This guide assumes you already have a existing ProFTPD installation. If you do not already have it installed please follow How to Install Proftpd.


Edit /etc/proftpd.conf  To Enable sFTP

nano /etc/proftpd.conf

Un-comment the following lines to load mod_sftp

#LoadModule mod_sftp.c
#LoadModule mod_sftp_pam.c

To

LoadModule mod_sftp.c
LoadModule mod_sftp_pam.c

Add the following to the end of the configuration (outside of the <global> </global> block to run it separately)

<IfModule mod_sftp.c>
 SFTPEngine ON
 SFTPLog /var/log/sftp.log
 Port 2222
 SFTPHostKey /etc/ssh/ssh_host_rsa_key
 SFTPLog /var/log/proftpd/sftp.log
 SFTPCompression delayed
</IfModule>

SFTPEngine – This will enable SFTP
SFTPLog – This will set the log file for sftp connections
Port – This will set the port ProFTPd will listen on for SFTP connections
SFTPHostKey – This points to the SSH key.
SFTPCompression – This sets the compression method used during transfers

Open the sFTP port in the firewall

Firewalld:

Enable firewall rule:

firewall-cmd --zone=public --add-port=2222/tcp --permanent

Load the new firewall

firewall-cmd --reload

Iptables:

Enable the firewall rule:

iptables -A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT

Save the firewall rule:

iptables-save > /etc/sysconfig/iptables

 

Restart Proftpd

CentOS 7:

systemctl restart proftpd

CentOS 6:

service proftpd restart

Thats all you need to do to configure ProFTPd to accept ssh connections. You should now able to connect via port 2222 using a sFTP client.

Leave a Reply

Be the First to Comment!

avatar
  Subscribe  
Notify of
Top