AIX ProFTPD installation compilation and configuration
id : x1h8dg1j8b
category : computer
blog : unix
created : 11/16/10 - 17:45:56

Installation

Post installation
  • Install theses rpm needed to compile ProFTPD :
# rpm -ivh coreutils-5.2.1-2.aix5.1.ppc.rpm
# rpm -ivh gcc-4.2.0.3.aix5.3.ppc.rpm
# rpm -ivh openssl-0.9.71-1.axi5.1.ppc.rp
# rpm -ivh openssl-devel-0.9.7l-1.aix5.1.ppc.rpm

  • Get ProFTPD v1.3.3c on this url :
# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.gz

  • Uncompress ProFTPD sources :
# gunzip proftpd-1.3.3c.tar.gz
# tar xvf proftpd-1.3.3c.tar

Compilation
  • Configure with mod_tls :
# ./configure --with-modules=mod_tls --with-includes=/opt/freeware/include/openssl --with-librairies=/opt/freeware/lib --without-getopt

  • Make and make install (default installation dir will be used : /usr/local/sbin for binaries) :
# make all
# make install

  • Verify all is ok, version and modules :
# /usr/local/sbin/proftpd -v
ProFTPD Version 1.3.3c
# /usr/local/sbin/proftpd -l
Compiled-in modules
  mod_core.c
  mod_xfer.c
  mod_auth_unix.c
  mod_auth_file.c
  mod_auth.c
  mod_ls.c
  mod_log.c
  mod_site.c
  mod_delay.c
  mod_facts.c
  mod_ident.c
  mod_auth_pam.c
  mod_tls.c

Service creation
  • Create an aix subsystem with mkssys command to let ProFTPD to be src controlled :
mkssys -s proftpd -p /usr/local/sbin/proftpd -a "-n -c /etc/proftpd.conf" -u 0 -S -n 15 -f 9 -R -G proftpd

  • Take notice that by using the "-n" switch with proftpd you tell it to not daemonize, and let startsrc/stopsrc control it fully.
  • When this is done you should be able to start/stop proftpd with :
# startsrc -g proftpd
# stopsrc -g proftpd%%
or
%%(cmdline)# startsrc -g proftpd
# stopsrc -g proftpd

  • If you want to delete proftpd subsystem :
# rmssys -s proftpd

Configuration

  • Configration file is in /etc/proftpd.conf; if it does not exists create it :
# vi /etc/proftpd.conf

#**********************#
# Server configuration #
#**********************#
ServerName "**** proftpd server"
ServerType StandAlone
DefaultServer on
SystemLog /var/log/proftpd.log
TransferLog /var/log/proftpd_xfer.log
User nobody
Group nobody
TimeoutNoTransfer 600
TimeoutLogin 300
TimeoutIdle 600
Port 21
Umask 022
DefaultRoot ~
MaxInstances 20
MaxClientsPerHost 10
UseReverseDNS off
AllowOverwrite on
#AuthUserFile /opt/proftpd/FTP.passwd (contains the virtual users list)
#AuthGroupFile /opt/proftpd/FTP.group (contains the virtual group)
AccessGrantMsg "Welcome %u on ******* FTP server"
#DisplayLogin welcome.msg#DisplayChdir .message

#*******************#
# SSL Configuration #
#*******************#
<IfModule mod_tls.c>
  TLSEngine on
  TLSLog /var/log/proftpd_tls.log
  TLSProtocol SSLv23
  TLSRequired yes
  TLSRSACertificateFile /etc/proftpd/ssl/tls-rsa.pem
  TLSRSACertificateKeyFile /etc/proftpd/ssl/tls-rsa-key.pem
  #TLSCACertificateFile /opt/proftpd/keys/ssl.crt
  TLSVerifyClient off
</IfModule>

  • Generate your certificates :
# /opt/freeware/bin/openssl req -new -x509 -days 3650 -nodes -out tls-rsa.pem -keyout tls-rsa-key.pem