OpenSSH is not the only one capable of doing file transfers over a secure line called SFTP (ShellFTP/SecureFTP/SSHFTP). ProFTPd can also do it using mod_sftp and the support has been added on version 1.3.3. Why choose SFTP over FTPS? Simple, SFTP transfers all data over 1 single port!!! This means you do not have to fiddle around with needed passive ports on your firewall setup.
Now here’s to install and run a separate SFTP server:
1. Download and install the EPEL repo (EPEL)
2. Install proftpd with:
yum install proftpd
3. Then edit your proftpd config file and add following content somewhere in the config file (somewhere at the end i suppose should be best):
LoadModule mod_sftp.c <IfModule mod_sftp.c> SFTPEngine On SFTPHostKey /etc/ssh/ssh_host_rsa_key SFTPLog /var/log/proftpd/sftp.log SFTPOptions IgnoreSFTPUploadPerms SFTPClientMatch ".*" channelWindowSize 256MB
SFTPCompression delayed </IfModule>
3b. (Optional) Should you want to allow login for users with invalid shells (e.g. /bin/false or /sbin/nologin), do the following:
RequireValidShell off
# AuthOrder mod_auth_pam.c* mod_auth_unix.c
4. start the proftpd server
service proftpd start
For more infos about the sftp module visit the manual page