proftpd server

[radar]

I am creating a sftp server to store security camera videos. My camera's are only capable of transferring via SFTP or NAS. I am stepping through the proftpd server install following a truenas how to: https://www.truenas.com/community/resources/how-to-set-up-proftpd-as-a-secure-sftp-server.10/

I've successfully completed:

Created the Jail

Added storage; source /mnt/tank2/theshare/Concord Destination /mnt/tank2/iocage/jails/sftpserver/root/media

Pulled the latest copy of the ports tree and Installed proftpd

Created SSH server keys and dhparams

Generated the dhparams file

Edited the proftpd.conf as shown

Now THE BIG FIG NEWTON... the tricky part...
I've re-ordered the task list according to how I completed the tasks


Initially the ftpasswd utility was not functional. Corresponding with TJ Saunders @ proftpd, he recognized that PERL was not installed. After the PERL install, ftpasswd worked as designed. A BIG thank you to TJ.

Generate a salted and hashed password

Code:
ftpasswd: $1$bil8yaQC$uygCkBCLjfZ5NZzREMpBL1

Created the user file. I only need two users, me and cameras

Code:
me:$1$bil8yaQC$uygCkBCLjfZ5NZzREMpBL1:1002:1005::/mnt/tank2/iocage/jails/sftpserver/root/media/photos:/sbin/nologin
cameras:$1$bil8yaQC$uygCkBCLjfZ5NZzREMpBL1:1001:1004::/mnt/tank2/iocage/jails/sftpserver/root/media/photos:/sbin/nologin

Created the groups file but no code

Code:


Modified permissions of ftp.users and ftp.groups

Added ProFTPd to rc.conf

restarted the service

Opened WinSCP, created a site; cameras, mypassword, ipaddress, port 22

Network error: Connection to "10.10.10.10" refused.

A little help would be greatly appreciated.

 

[sretalla]

Is the jail VNET or NAT?

I suspect you're trying to use NAT and that port 22 is reserved on the host for the FTP service already installed (but probably not enabled) on the host.

Either use a VNET jail and connect to its IP address (not the host's) on port 22 or don't use a jail.

It seems to me you're mixing FTPS with SFTP... normally you should just enable sshd in the jail (already installed) or enable the SSH service on the host to do SFTP.

 

[radar]

The jail is VNET with its own static IP address on port 22, FTP is not enabled

 

[sretalla]

OK, maybe there's something to be said for the port limitation... maybe you need to try using a port above 1024 instead of 22.

There's a switch to allow use of low pèorts, but I can't recall it for now... look into it if that's the solution.

 

[radar]

Sretalla, thank you very much for the input. I'm looking for the switch, if I can't find it I'll change the port. I'll update as I go

 

[sretalla]

It may all go a lot smoother if you just use the already installed SSH server.

Look in /etc/ssh/sshd_config and use sysrc sshd_enable=YES to enable the service to auto-start, then service sshd start after you edited the config to suit your needs.