Enable Anonymous Account for Proftpd Server in RHEL/CentOS 7

Following the last tutorial concerning Proftpd Server in CentOS/RHEL 7, this tutorial will try to extend Proftpd functionality by allowing you to enable Anonymous account logins. Anonymous logins are used to allow users with no accounts on server to access specific directory in system hierarchy, which by default in CentOS/RHEL 7 is /var/ftp directory, without the need for the anonymous user to enter a password.

Enable Proftpd Anonymous Accounts in CentOS

Enable Proftpd Anonymous Accounts in RHEL/CentOS

Once anonymous users are authenticated and logged in to server they are chroot to default directory and they can’t access higher directories on system path. While the anonymous block directive usually is stored in the main Proftpd configuration file.

Requirements

  1. Install Proftpd Server in CentOS/RHEL 7

On this topic I will use a different approach of storing Anonymous account configurations, with the help of two directories, enabled_mod and disabled_mod, which will store all future server modules extended functionality, without messing the main Proftpd configuration file.

Step 1: Enable Anonymous Module for Proftpd Server

1. After Proftpd Server was installed on your system with the default configuration file stop the daemon process, backup proftpd main default configuration file and then open proftpd.conf file for editing with your favourite text editor.

# systemctl stop proftpd
# cp /etc/proftpd.conf  /etc/proftpd.conf.bak
# nano /etc/proftpd.conf
Backup Proftpd Configuration

Backup Proftpd Configuration

2. Now that you have Proftpd main file opened for editing, go to the bottom of this file and on the last line add the following statement, which will case the
server to parse and use all of the configuration found in files ended with .conf extension from enabled_mod directory.

Include /etc/proftpd/enabled_mod/*.conf
Enable Proftpd Anonymous Module

Enable Proftpd Anonymous Module

3. After you finish adding the above statement save and close the file and create enabled_mod and disabled_mod directories. All of the future configuration from now on will be stored in disabled_mod directory and will be activated on Proftpd server by creating symbolic links accordingly to enabled_mod directory.

# mkdir -p /etc/proftpd/enabled_mod
# mkdir -p /etc/proftpd/disabled_mod
Create Proftpd Module Directories

Create Proftpd Module Directories

4. Now it’s time to add a simple Anonymous configuration file module for Proftpd. Using your favourite text editor create a file named anonymous.conf on disabled_mod path.

# nano /etc/proftpd/disabled_mod/anonymous.conf

Add the following statements in the file.

<Anonymous ~ftp>
  User ftp
  Group ftp

UserAlias anonymous ftp
DirFakeUser       on ftp 
DirFakeGroup on ftp
MaxClients 10

    <Directory *>    
<Limit WRITE>     
DenyAll   
</Limit> 
    </Directory>

</Anonymous>
Create Anonymous Configuration

Create Anonymous Configuration

If you need more advanced futures concerning Anonymous account feel free to use Proftpd docs at the following links.

  1. http://www.proftpd.org/docs/directives/linked/config_ref_Anonymous.html
  2. http://www.proftpd.org/docs/configs/anonymous.conf

5. Even though the Anonymous module has been created it’s still not enabled so far. To activate this module make sure you create a symbolic link to enabled_mod directory, using the below command, and then start the FTP daemon to apply changes.

# ln -s /etc/proftpd/disabled_mod/anonymous.conf  /etc/proftpd/enabled_mod/
# ll /etc/proftpd/enabled_mod/
# systemctl start proftpd
# systemctl status proftpd
Active Anonymous Module

Active Anonymous Module

6. To access the files provided anonymously by Proftpd server, open a browser and type your server IP Address or domain name using FTP protocol and you should automatically be logged in as anonymous and retrieve directory structure.

ftp://192.168.1.21
ftp://your_domain_name
Proftpd Anonymous Directory Listing

Proftpd Anonymous Directory Listing

7. If you use FileZilla just select Anonymous on Logon Type and you will be automatically authenticated to server. If you use other FTP clients than browsers or FileZilla, which will request you to enter a username, just type anonymous on username filed and leave the password
filed blank to authenticate.

Proftpd Anonymous Login Type

Proftpd Anonymous Login Type

8. The default served FTP Anonymous directory is /var/ftp/ system path, which contains two directories with different permissions.

  1. pub directory – The public FTP directory which can be read and listed by all anonymously authenticated users. Here you can put files for clients to access and download.
  2. uploads directory – It has restrictive permissions and can’t be listed by anonymous users.

9. To disable Anonymous configuration on Proftpd Server, just delete anonymous.conf file from enabled_mod directory and restart the FTP daemon
to apply changes.

# rm /etc/proftpd/enabled_mod/anonymous.conf
# systemctl restart proftpd.service
Remove Proftpd Anonymous Module

Remove Proftpd Anonymous Module

That’s it! On next tutorial concerning ProFTPD Server on RHEL/CentOS 7, I will discuss how you can use SSL/TLS encrypted file transfers to secure data transfers between clients and server.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

1 Response

  1. love_centos says:

    Hi, thanks for the useful articles. I got a question not related to this post but related to centOS7. Have you guys tried to upgrade gnome to gnome 3.12 on CentOS7 ? If yes, could you guys please post an article about it ?

    Thanks :-)

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.