The mod_sftp module implements the SSH2, SFTP and SCP protocols, allowing SCP and SFTP clients to be used with ProFTPD. By default, Debian Lenny does not provide mod_sftp support, but you can build a proper package using a development version available in Debian repositories – here is how.
- First, download proftpd-dfsg_1.3.3a.orig.tar.gz and proftpd-dfsg_1.3.3a-3.diff.gz (or later) from http://ftp.us.debian.org/debian/pool/main/p/proftpd-dfsg/. Uncompress it, apply the diff file:
tar xpf proftpd-dfsg_1.3.3a.orig.tar.gz
patch -p0 < proftpd-dfsg_1.3.3a-3.diff
- For Debian Lenny, you will have to edit debian/control file (directory inside proftpd-dfsg-1.3.3a after you apply the diff) – at the beginning of this file, replace
libssl-dev (>= 0.9.8l)with just
libssl-dev, with no version remarks.
- If you still don’t have a build environment installed, do so now:
apt-get install build-essential
- You will still have to install some packages to make proftpd build possible:
apt-get install libmysqlclient15-dev libpam-dev debhelper zlib1g-dev libpq-dev libldap2-dev libssl-dev libwrap0-dev libcap-dev autotools-dev dpatch libacl1-dev libattr1-dev unixodbc-dev libsqlite3-dev
- Well, that should be it – run the below commands in
proftpd-dfsg-1.3.3adirectory, and it should result in built deb packages outside of this directory (
chmod 755 debian/rules
- If the build was complete with no errors, install proftpd-basic package, check if it contains mod_sftp.so file:
dpkg -i proftpd-basic_1.3.3a-3_amd64.deb
dpkg -L proftpd-basic | grep mod_sftp
- To make the module work, add this line to
- Add this one to
- And finally, create
/etc/proftpd/sftp.confwith the contents (this assumes proftpd will be listening on port 22 to accept incoming SFTP connections; if your OpenSSH server uses this port already, adjust either config appropriately):
<VirtualHost 192.168.10.20 127.0.0.1>
# Configure the server to listen on the normal SSH2 port, port 22
# Configure both the RSA and DSA host keys, using the same host key
# files that OpenSSH uses.
# Configure the file used for comparing authorized public keys of users.
# Enable compression
# Allow the same number of authentication attempts as OpenSSH.
# It is recommended that you explicitly configure MaxLoginAttempts
# for your SSH2/SFTP instance to be higher than the normal
# MaxLoginAttempts value for FTP, as there are more ways to authenticate
# using SSH2.