This is a guide on how to configure ProFTPd for SFTP sessions. Secure File Transfer Protocol (SFTP) is a secure version of FTP which transfers files via the SSH protocol. ProFTPD can be reconfigured to serve SFTP sessions vs using the default FTP protocol. This guide assumes you already have a existing ProFTPD installation. If you do not already have it installed please follow How to Install Proftpd.Edit /etc/proftpd.conf To Enable sFTPnano /etc/proftpd.confUn-comment the following lines to load mod_sftp#LoadModule mod_sftp.c
#LoadModule mod_sftp_pam.cToLoadModule mod_sftp.c
LoadModule mod_sftp_pam.cAdd the following to the end of the configuration (outside of the <global> </global> block to run it separately)<IfModule mod_sftp.c>
SFTPEngine ON
SFTPLog /var/log/sftp.log
Port 2222
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPLog /var/log/proftpd/sftp.log
SFTPCompression delayed
</IfModule>SFTPEngine – This will enable SFTPSFTPLog – This will set the log file for sftp connectionsPort – This will set the port ProFTPd will listen on for SFTP connectionsSFTPHostKey – This points to the SSH key.SFTPCompression – This sets the compression method used during transfersOpen the sFTP port in the firewallFirewalld:Enable firewall rule:firewall-cmd –zone=public –add-port=2222/tcp –permanentLoad the new firewallfirewall-cmd –reloadIptables:Enable the firewall rule:iptables -A INPUT -p tcp -m tcp –dport 2222 -j ACCEPTSave the firewall rule:iptables-save > /etc/sysconfig/iptables Restart ProftpdCentOS 7:systemctl restart proftpdCentOS 6:service proftpd restartThats all you need to do to configure ProFTPd to accept ssh connections. You should now able to connect via port 2222 using a sFTP client.Jan 14, 2018LinuxAdmin.io
