Proftpd on amazon ec2
02/02/2011 at 22:43 3 comments
Installing proftpd on an amazon ec2 instance is not rocket science, but after installing you need to configure it to work correct.Because amazon ec2 instances use an internal IP address as their ethernet interface address, proftpd needs to be configured for passive FTP.
First, you need to apply for an Elastic IP address which you will allocate to your instance. This will be the IP address that will be show to the world.
Second step is to configure the firewall properly for that instance. Go to the “Security group” assigned to the instance and add the following rules:
- Connection Method: Custom
- Protocol: TCP
- From Port: 20
- To Port: 21
- Source (IP or group): 0.0.0.0/0 (that is, if you want to permit to the whole internet to access your ftp server; if not, replace this with the IP address or class that you want to give access to your ftp server)
We need to add another rule for the passive ports that will be used by proftpd:
- Connection Method: Custom
- Protocol: TCP
- From Port: 49152
- To Port: 65535
- Source (IP or group): 0.0.0.0/0
Now, go to your machine end edit /etc/proftpd/proftpd.conf and add the following lines:
PassivePorts 49152 65535
MasqueradeAddress your_elastic_ip_address
Restart proftpd and enjoy:
/etc/init.d/proftpd restart
Entry filed under: Linux. Tags: amazon, Debian, ec2, ftp, Lenny, Linux, passive, proftpd, ubuntu.
1.
n2h | 05/03/2011 at 06:19
Thanks!
I’ve been looking for this guide and successfully config Proftpd with passive mode.
2.
Petre | 05/03/2011 at 08:26
Configuring with passive mode is the trick, because amazon ec2 instances have only internal addresses configured on their network interfaces. In the meanwhile I switched to pureftpd with mysql, I will write a howto about installing it soon.
3.
Alex Harvey | 16/02/2012 at 10:54
Great guide very concise but any advice for creating users for only FTP access? I get “530 Login incorrect.” and then 421. I’m doing something wrong. Thanks!