Enable Anonymous Account for Proftpd Server in RHEL/CentOS 7

Following the last tutorial concerning Proftpd Server in CentOS/RHEL 7, this tutorial will try to extend Proftpd functionality by allowing you to enable Anonymous account logins. Anonymous logins are used to allow users with no accounts on server to access specific directory in system hierarchy, which by default in CentOS/RHEL 7 is /var/ftp directory, without the need for the anonymous user to enter a password.

Enable Proftpd Anonymous Accounts in CentOS
Enable Proftpd Anonymous Accounts in RHEL/CentOS

Once anonymous users are authenticated and logged in to server they are chroot to default directory and they can’t access higher directories on system path. While the anonymous block directive usually is stored in the main Proftpd configuration file.

Requirements

  1. Install Proftpd Server in CentOS/RHEL 7

On this topic I will use a different approach of storing Anonymous account configurations, with the help of two directories, enabled_mod and disabled_mod, which will store all future server modules extended functionality, without messing the main Proftpd configuration file.

Step 1: Enable Anonymous Module for Proftpd Server

1. After Proftpd Server was installed on your system with the default configuration file stop the daemon process, backup proftpd main default configuration file and then open proftpd.conf file for editing with your favourite text editor.

# systemctl stop proftpd
# cp /etc/proftpd.conf  /etc/proftpd.conf.bak
# nano /etc/proftpd.conf
Backup Proftpd Configuration
Backup Proftpd Configuration

2. Now that you have Proftpd main file opened for editing, go to the bottom of this file and on the last line add the following statement, which will case the
server to parse and use all of the configuration found in files ended with .conf extension from enabled_mod directory.

Include /etc/proftpd/enabled_mod/*.conf
Enable Proftpd Anonymous Module
Enable Proftpd Anonymous Module

3. After you finish adding the above statement save and close the file and create enabled_mod and disabled_mod directories. All of the future configuration from now on will be stored in disabled_mod directory and will be activated on Proftpd server by creating symbolic links accordingly to enabled_mod directory.

# mkdir -p /etc/proftpd/enabled_mod
# mkdir -p /etc/proftpd/disabled_mod
Create Proftpd Module Directories
Create Proftpd Module Directories

4. Now it’s time to add a simple Anonymous configuration file module for Proftpd. Using your favourite text editor create a file named anonymous.conf on disabled_mod path.

# nano /etc/proftpd/disabled_mod/anonymous.conf

Add the following statements in the file.

<Anonymous ~ftp>
  User ftp
  Group ftp

UserAlias anonymous ftp
DirFakeUser       on ftp 
DirFakeGroup on ftp
MaxClients 10

    <Directory *>    
<Limit WRITE>     
DenyAll   
</Limit> 
    </Directory>

</Anonymous>
Create Anonymous Configuration
Create Anonymous Configuration

If you need more advanced futures concerning Anonymous account feel free to use Proftpd docs at the following links.

  1. http://www.proftpd.org/docs/directives/linked/config_ref_Anonymous.html
  2. http://www.proftpd.org/docs/configs/anonymous.conf

5. Even though the Anonymous module has been created it’s still not enabled so far. To activate this module make sure you create a symbolic link to enabled_mod directory, using the below command, and then start the FTP daemon to apply changes.

# ln -s /etc/proftpd/disabled_mod/anonymous.conf  /etc/proftpd/enabled_mod/
# ll /etc/proftpd/enabled_mod/
# systemctl start proftpd
# systemctl status proftpd
Active Anonymous Module
Active Anonymous Module

6. To access the files provided anonymously by Proftpd server, open a browser and type your server IP Address or domain name using FTP protocol and you should automatically be logged in as anonymous and retrieve directory structure.

ftp://192.168.1.21
ftp://your_domain_name
Proftpd Anonymous Directory Listing
Proftpd Anonymous Directory Listing

7. If you use FileZilla just select Anonymous on Logon Type and you will be automatically authenticated to server. If you use other FTP clients than browsers or FileZilla, which will request you to enter a username, just type anonymous on username filed and leave the password
filed blank to authenticate.

Proftpd Anonymous Login Type
Proftpd Anonymous Login Type

8. The default served FTP Anonymous directory is /var/ftp/ system path, which contains two directories with different permissions.

  1. pub directory – The public FTP directory which can be read and listed by all anonymously authenticated users. Here you can put files for clients to access and download.
  2. uploads directory – It has restrictive permissions and can’t be listed by anonymous users.

9. To disable Anonymous configuration on Proftpd Server, just delete anonymous.conf file from enabled_mod directory and restart the FTP daemon
to apply changes.

# rm /etc/proftpd/enabled_mod/anonymous.conf
# systemctl restart proftpd.service
Remove Proftpd Anonymous Module
Remove Proftpd Anonymous Module

That’s it! On next tutorial concerning ProFTPD Server on RHEL/CentOS 7, I will discuss how you can use SSL/TLS encrypted file transfers to secure data transfers between clients and server.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Matei Cezar
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

2 Comments

Leave a Reply
  1. Hi, thanks for the useful articles. I got a question not related to this post but related to centOS7. Have you guys tried to upgrade gnome to gnome 3.12 on CentOS7 ? If yes, could you guys please post an article about it ?

    Thanks :-)

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.