Virtualmin, ProFTPd with 1 IP. Don't want IP-based virtual FTP

I want to use Virtualmin with a couple of domains on a server with a SINGLE IP.

Users need to be able to login into their OWN FTP folder and manage their site.

I installed ProFTP but it seems he wants to “Setup IP-based virtual FTP?”

When I check this, I get the well kwown error “Failed to create virtual server : A ProFTPD virtual server with the same IP address already exists”

When I uncheck this, NO FTP ACCOUNT is created at all.

How do I make sure an FTP account is created for each domain I add, but they stick to the same IP using virtual hosts (similarly to Apache)

You do not need multiple IP addresses to let each person ftp into their on area. When they log in, the ftp server knows who they are, so it can cd them into the right place.

You can configure Proftpd to make each user automatically cd into his home directory for ftp. Virtualmin won’t do this for you – you have to configure Proftpd yourself. Since this is not supported by Virtualmin, it may break at some point as Virtualmin is updated.

I recommend not using ftp at all, since it provides no security against network sniffing.

Instead, tell users to use sftp, and to connect exactly as they would for ssh, same server, login, password. They will get an encrypted connection, and sftp will get them into their home directory automatically.

This means that only those users get sftp access who also get ssh access.

Newer versions of Openssh support sftp without ssh. Virtualmin does not take advantage of that at this time.

The only reason I installed Virtualmin is so I can manage multiple domains and create folders, website, ftp, and mysql with ease and now you are telling me it can’t even do that? That is a really big disappointment if it cant even manage ftp accounts.

I don’t want to use sftp. FTP works perfectly fine in my situation. I don’t want to grants my users ssh access

Hi, If you do a standard install of Virtualmin, ProFTPD will be installed by default and you don’t need to touch it or configure it for it to work on a server with a single IP.

When you create a Virtual Domain, under “Enabled Features” you should leave “IP-based virtual FTP enabled?” blank / unchecked. You don’t need this for FTP to work. No accounts will be setup in ProFTPD but every Virtualmin user that you create will have FTP access.

In order to limit those users to there home directory goto Virtualmin > Limits and Validation > FTP Directory Restrictions and under “Restrict to directory” check “Users’ home directories” for each or all Virtual Domains.

Users will then be restricted to their home directories and the Virtual Server Admin will have access to the domain “public_html” directory. You do not need to set up anything else in ProFTPD. If this doesn’t work then it maybe that something went wrong on installation. You say you “installed ProFTP.” By this do you mean that you did this manually? As it should be installed and configured automatically in a standard Virtualmin install.

I have some sympathy for you, as ftp is convenient and easy to set up at the user’s end. There’s so much free ftp software out there and it’s easy to configure.

At the same time, somebody ought to be worrying about security. Since the person setting up the server usually knows more than the end user, it’s up to you and me to do the worrying. If we don’t, end users will continue to use insecure connections.

So the lack of ftp might actually be a good thing. It’s forcing us to deal with the reality of today’s Internet. The snooping of Internet traffic is becoming more and more easy, because (a) so many people use free Wi-Fi in public places, and (b) Cable Internet is by its design easily snoopable by neighbors. And also, © routers, both home/office routers and edge routers, sometimes even backbone routers, do get hacked.

So let’s bit the bullet and move on, away from ftp, towards sftp.

I’ll admit the lack of sftp-without-ssh in Virtualmin is a problem. It should not be this way. Openssh supports it, so Vitualmin ought to, too.

You can put pressure on Virtualmin Inc. to do this by buying a license or two for Virtualmin Pro, and offering to buy more if they begin to support sftp-without-ssh.

I don’t think we Virtualmin GPL users ought to complain too much, though. We’ve been handed a free gold mine, let’s not complain that it doesn’t also contain diamonds.

Howdy,

I just wanted to clarify – you can indeed manage FTP access through Virtualmin. You would simply not want to enable the “Virtual IP Address” feature, which isn’t necessary.

I think joe443 is just offering that SSH is more secure.

But if you’re after FTP, and not SSH/SFTP, then that’ll work just fine for you as you described in your initial post.

-Eric

I guess I was mistaken in saying Virtualmin doesn’t give you ftp. Even if does, you should migrate towards sftp as soon as possible.