[Solved] Connect FTP (ProFTPd) on EC2

Hi there,

im just getting started with setting up a webserver and im having some troubles with the ftp settings. The server runs at Amazon Webservices. I installed an image with Virtualmin, webmin and Cent OS 5. It would like to state that im a complete newbie. I have no real unix experience or real experience with server management.

This is my problem: when I connect with my server through FTP is get connection and authentication, but it fails to list the directories. When my FTP client shows the command that it is trying to list directories it timeouts.

This is my config file.

This is the ProFTPD configuration file

$Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName “ProFTPD server”
ServerIdent on “FTP Server ready.”
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg “User %u logged in.”
#DisplayConnect /etc/ftpissue
#DisplayLogin /etc/ftpmotd
#DisplayGoAway /etc/ftpgoaway
DeferWelcome off

Use this to excude users from the chroot

DefaultRoot ~ !adm

Use pam to authenticate (default) and be authoritative

AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c

Do not perform ident nor DNS lookups (hangs when the port is filtered)

IdentLookups off
UseReverseDNS off

Port 21 is the standard FTP port.

Port 21

Umask 022 is a good standard umask to prevent new dirs and files

from being group and world writable.

Umask 022

Default to show dot files in directory listings

ListOptions “-a”

See Configuration.html for these (here are the default values)

#MultilineRFC2228 off
#RootLogin off
#LoginPasswordPrompt on
#MaxLoginAttempts 3
#MaxClientsPerHost none
#AllowForeignAddress off # For FXP

Allow to resume not only the downloads but the uploads too

AllowRetrieveRestart on
AllowStoreRestart on

To prevent DoS attacks, set the maximum number of child processes

to 30. If you need to allow more than 30 concurrent connections

at once, simply increase this value. Note that this ONLY works

in standalone mode, in inetd mode you should use an inetd server

that allows you to limit maximum number of processes per service

(such as xinetd)

MaxInstances 20

Set the user and group that the server normally runs at.

User nobody
Group nobody

Disable sendfile by default since it breaks displaying the download speeds in

ftptop and ftpwho

UseSendfile no

This is where we want to put the pid file

ScoreboardFile /var/run/proftpd.score

Normally, we want users to do a few things.

AllowOverwrite yes AllowAll DefaultRoot ~

Define the log formats

LogFormat default “%h %l %u %t “%r” %s %b”
LogFormat auth “%v [%P] %h %t “%r” %s”


Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html

#TLSEngine on
#TLSRequired on
#TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
#TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
#TLSCipherSuite ALL:!ADH:!DES
#TLSOptions NoCertRequest
#TLSVerifyClient off
##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
#TLSLog /var/log/proftpd/tls.log

SQL authentication Dynamic Shared Object (DSO) loading

See README.DSO and howto/DSO.html for more details.


LoadModule mod_sql.c

LoadModule mod_sql_mysql.c

LoadModule mod_sql_postgres.c


A basic anonymous configuration, with an upload directory.

#<Anonymous ~ftp>

User ftp

Group ftp

AccessGrantMsg “Anonymous login ok, restrictions apply.”

# We want clients to be able to login with “anonymous” as well as “ftp”

UserAlias anonymous ftp

# Limit the maximum number of anonymous logins

MaxClients 10 “Sorry, max %m users – try again later”

# Put the user into /pub right after login

#DefaultChdir /pub

# We want ‘welcome.msg’ displayed at login, ‘.message’ displayed in

# each newly chdired directory and tell users to read README* files.

DisplayLogin /welcome.msg

DisplayFirstChdir .message

DisplayReadme README*

# Some more cosmetic and not vital stuff

DirFakeUser on ftp

DirFakeGroup on ftp

# Limit WRITE everywhere in the anonymous chroot


# An upload directory that allows storing files but not retrieving

# or creating directories.

<Directory uploads/*>

AllowOverwrite no



# Don’t write anonymous accesses to the system wtmp file (good idea!)

WtmpLog off

# Logging for the anonymous transfers

ExtendedLog /var/log/proftpd/access.log WRITE,READ default

ExtendedLog /var/log/proftpd/auth.log AUTH auth


It took me some hours… but I finally figured it out…
Had to add the following code to my config.


Forget it - it is the ProFTP config file