Tag: pure-ftpd

How to change pure-ftpd port
pure-ftpd by default listens on port 21. We will change the FTP port from 21 to some other port. This instruction work for RHEL, CentOS, AlmaLinux, Oracle Linux, and RockeyLinux.

To change FTP port to some other port, edit file
```
vi /etc/pure-ftpd/pure-ftpd.conf
```
Find
```
# Bind                         127.0.0.1,21
```
Add below
```
Bind                        FTP_PORT_HERE
```
Example
```
[root@backendz ~]# cat /etc/pure-ftpd/pure-ftpd.conf  | grep -i bind
# Bind                         127.0.0.1,21
Bind                        2121 
[root@backendz ~]# 
```
This will change FTP port to 2121.

Restart pure-ftpd with command.
```
systemctl start pure-ftpd
```
October 17, 2021
Install Pure-FTPd from source
To instal pureftpd from source, go to

http://download.pureftpd.org/pub/pure-ftpd/releases/

find latest version download link.

Download and Install

At the time of this post, latest version is 1.0.49, always use latest version when you are installing.
```
cd /usr/local/src
wget https://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.49.tar.gz
tar -zxvf pure-ftpd-1.0.49.tar.gz
cd pure-ftpd-1.0.*
./configure --with-puredb
make
make check
make install
```
The software is now installed in /usr/local/sbin/pure-ftpd

To start the server, just run the following command
```
/usr/local/sbin/pure-ftpd
```
Common Errors during install

If you get error: no acceptable C compiler found in $PATH, install gcc with
```
yum install gcc -y
```
Firewall

FTP need following ports open in firewall.
```
TCP 21
TCP 30000-50000
```
Enable MySQL support

If you need to enable MySQL support in pure-ftpd, then run configure command with following option.
```
./configure --with-mysql --with-uploadscript --with-extauth
```
Configuration Files

During installation, configuration file get copied to
```
/etc/pure-ftpd.conf
```
You can edit it as required.

To start pure-ftpd with configuration file, run
```
/usr/local/sbin/pure-ftpd /etc/pure-ftpd.conf
```
To enable system users login, set UnixAuthentication to yes.
```
UnixAuthentication            yes
MinUID                      100
```
MinUID specify lowest id of users that is allowed to login to user. You can uncomment it if you need user root or any other system users to login. But this maybe insecure as FTP comminication is done with out encryption.

NAT

If you are behind NAT, you need to uncomment following settings. This is required for most cloud providers like Amazon AWS, Google Cloud, Microsoft Azure. To see if you have NAT, see if your Public IP is configured inside your server. You can list IP configured in your server with command ip a
```
PassivePortRange             30000 50000
ForcePassiveIP               192.168.0.1
```
Replace 192.168.0.1 with your public IP. If you are using Amazon AWS, then it will be your Elastic IP address. If you don’t use Elastic IP, then it is your public IP.

See PureFTPd
July 8, 2020
Ubuntu pure-ftpd reply with unroutable address
On AWS Ubuntu server running pure-ftpd, when i try connecting, i get error
```
Status:	Server sent passive reply with unroutable address. Using server address instead.
```
To fix this, run
```
echo "30000 50000" > /etc/pure-ftpd/conf/PassivePortRange
echo "YOUR_PUBLIC_IP_HERE" > /etc/pure-ftpd/conf/ForcePassiveIP
```
YOUR_PUBLIC_IP_HERE = Replace with your Elastic IP or Public IP (if you don’t have an Elastic IP).

Restart pure-ftpd
```
systemctl stop pure-ftpd
systemctl start pure-ftpd
```
On AWS security groups, you need to open following ports
```
TCP 21
TCP 30000-50000
```
January 26, 2020