ProFTPD

Highly configurable GPL-licensed FTP server software

Current Versions

Candidate: 1.3.9rc2 Maintenance: 1.3.8b

Downloads

• PGP public keys
• SHA256 & PGP signatures
• Git Repository

Newsroom

• News Flashes
• Contrib module news

Information

• What is ProFTPD?
• Features & Platforms
• Bug reporting system
• Bug reporting and security guidelines
• Sites powered by ProFTPD
• Forums

Documentation

• Docs index
• RFCs
• FAQ
• Howtos
• Standard Modules
• Contrib Modules
• Example configurations

Mailing Lists

• Available Lists
• Announce Archive
• Users Archive
• Development Archive

FTP Related RFCs (Request For Comments)

This page lists current Internet RFCs and Drafts that define or are closely related to the FTP protocol.

ProFTPD 1.3.x conforms to the FTP protocol standard as defined in RFC-959 (STD-9) and RFC-1123 (STD-3). It also implements RFC-2389 ("Feature negotiation mechanism for the File Transfer Protocol"). All the required commands are implemented, as are most of the optional commands appropriate for FTP servers hosted on POSIX (IEEE-1003.1) style operating systems. However, the ACCT (Account) command is not implemented.

ProFTPD 1.3.x implements the extended protocol commands MDTM (Modification Time) and size, and extends the REST (Restart) command to STREAM mode transfers. These extensions are for resuming interrupted file transfers and represent common existing practice, now codified in RFC-3659 "Extensions to FTP."

In addition, ProFTPD 1.3.x implements other commands from RFC-3659, and supports RFC-2428 "FTP Extensions for IPv6 and NATs". RFC-2650 "Internationaliztion of FTP" is optionally supported via the mod_lang module. An implementation of RFC-4217 "Securing FTP with TLS" is available in the mod_tls module.

---

RFC Summaries

RFC-959 File Transfer Protocol (FTP)

[http] [ftp] Errata: [http]

Issued: October 1985		Status: STANDARD -- STD-0009 [http] [ftp]
Obsoletes: RFC-765		Updated by: RFC-1123, RFC-2228, RFC-2640, RFC-2773

The base specification of the current File Transfer Protocol.

RFC-1123 Requirements for Internet Hosts -- Application and Support

[http] [ftp]

Issued: October 1989

Status: STANDARD -- STD-0003 [http] [ftp]

Section 4.1, pp. 29-43, is devoted to FTP. Extends and clarifies some aspects of RFC-959. Introduces new response codes 554 and 555.

RFC-1579 Firewall-Friendly FTP

[http] [ftp]

Issued: February 1994

Status: INFORMATIONAL

Suggests a new APSV command and 151 response code.

RFC-1635 How to Use Anonymous FTP

[http] [ftp]

Issued: May 1994

Status: INFORMATIONAL -- FYI-0024 [http] [ftp]

Provides introductory information for the novice Internet user about using the File Transfer Protocol (FTP).

RFC-1639 FTP Operation Over Big Address Records (FOOBAR)

[http] [ftp]

Issued: June 1994		Status: EXPERIMENTAL
Obsoletes: RFC-1545

(FOOBAR Assigned Numbers [http]) Defines new LPRT and LPSV commands and response codes 228 and 521.

RFC-2151 A Primer On Internet and TCP/IP Tools and Utilities

[http] [ftp]

Issued: June 1997		Status: INFORMATIONAL -- FYI-0030 [http] [ftp]
Obsoletes: RFC-1739

An introductory guide to many of the most common TCP/IP and Internet tools and resources, including FTP

RFC-2228 FTP Security Extensions (FTPSECEXT)

[http] [ftp]

Issued: October 1997

Status: PROPOSED STANDARD

Updates: RFC-959

Specifies several security extensions to the base FTP protocol defined in RFC-959. New commands: AUTH, ADAT, PROT, PBSZ, CCC, MIC, CONF, and ENC. New response codes: 232, 234, 235, 334, 335, 336, 431, 533, 534, 535, 536, 537, 631, 632, and 633.

RFC-2389 Feature negotiation mechanism for the File Transfer Protocol (FTP-FNEGO)

[http] [ftp]

Issued: August 1998

Status: PROPOSED STANDARD

Defines mechanisms for FTP client programs to obtain lists of features and options supported by FTP servers. Introduces the new FEAT and OPTS commands.

RFC-2428 FTP Extensions for IPv6 and NATs

[http] [ftp]

Issued: September 1998

Status: PROPOSED STANDARD

Introduces the new commands EPRT and EPSV, and the new response codes 522 and 229.

RFC-2577 FTP Security Considerations

[http] [ftp]

Issued: May 1999

Status: INFORMATIONAL

Provides several configuration and implementation suggestions to mitigate some security concerns, including limiting failed password attempts and third-party "proxy FTP" transfers, which can be used in "bounce attacks" (CERT97:27).

RFC-2585 Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP

[http] [ftp]

Issued: May 1999

Status: PROPOSED STANDARD

Specifies conventions for using the FTP and HTTP to obtain X.509 certificates and certificate revocation lists (CRLs) from Public Key Infrastructure (PKI) repositories.

RFC-2640 Internationalization of the File Transfer Protocol

[http] [ftp]

Issued: July 1999		Status: PROPOSED STANDARD
Updates: RFC-959

Extends the FTP protocol to support multiple character sets, in addition to the original 7-bit ASCII. Introduces the new LANG command.

RFC-2773 Encryption using KEA and SKIPJACK

[http] [ftp]

Issued: February 2000		Status: Experimental
Updates: Updates: RFC-959

Defines a RFC-2228 "FTP Security Extensions" method, which uses the Key Exchange Algorithm (KEA) for mutual authentication and encryption key exchange, and uses SKIPJACK to encrypt both FTP data and control channels.

---

Draft Summaries

IETF Draft: Extensions to FTP

draft-ietf-ftpext-mlst-12.txt [http] [ftp]

Status: Expires March 2001

Category: Informational

Several protocol extensions are defined or documented. The new MLST and MLSD commands are defined to provide standardized file and directory list formats. A "trivial" virtual file store (TVFS) is specified. 8-bit characters with UTF-8 encoding. The REST (Restart) command is extended to STREAM mode transfers, and the commonly implemented MDTM (Mod Time) and size commands are documented. Earlier revisions of this draft included a HOST command, which allowed HTTP style name-based virtual servers. However, this feature was deleted in the 09 revision of the draft.

Draft: Securing FTP with TLS

draft-murray-auth-ftp-ssl-06.txt [http] [ftp]

Status: Expires 17 March 2001

Category: Informational

Describes a mechanism for secure authentication based on SSL/TLS (RFC-2246) and the FTP Security Extensions (RFC-2228), modeled after TLS for SMTP (RFC-2487). Uses repsonse code 522 (originally introduced in RFC-2428).

Draft: Protocol Negotiation Extensions to Secure FTP

draft-bonachea-sftp-00.txt [http] [ftp]

Status: Expired January 2000.

Category: Informational

Adds refinements for RFC-2228, including a more efficient and secure protocol negotiation in the presence of multiple protocols. Adds one new optional command, DIGT (Protocol Negotiation Digest), and one new response code 538. It defines a legal naming convention for security mechanisms, and lifts the restriction on active outgoing connections only originating from port 20.

Draft: FTP Plus

draft-saul-ftp-plus-00.txt [http] [ftp]

Status: Expired February 2001

Category: Informational

Extends FTP for transferring audio/video files and for network protocol adaptability, It introduces the new XPRT and XPSV commands in the so-called GEN profile. It modifies the STAT, RETR, STOR, and size commands. Several new commands are introduced for the XTP profile: RATE, MCPT, MCPV, MCGC, MCGM, MCGR, MCGS, and a new SITE subcommand, RATE, for bandwidth limiting.

IETF Draft: FTP Authentication Using DSA

draft-ietf-cat-ftpdsaauth-03.txt [http] [ftp]

Status: Expired June 2000		Category: Informational
Updates: RFC-959

Describes a profile for the FTP Security Extensions using the DSA (Digital Signature Algorithm) and the SHA-1 (Secure Hash Standard 1) algorithms.