Tag Archive for 'FTP'

Show hidden files in proftpd

If you can’t see hidden files in proftpd (files whose names start with a dot, like .htaccess), you can force them to be displayed in almost all clients with a server-wide setting in your proftpd.conf:

Change the value to -a if the directive already exists, or add this line at the bottom:
ListOptions -a

Restart proftpd and reconnect.

Understanding FTP using commands

FTP and SMTP are simple text-based protocols. I’ll show you how to get some files without a graphical FTP client.

Connect with Telnet:

id@acer:~$ telnet debianuser.org 21
Connected to debianuser.org.
USER anonymous
PASS anonymous
PASV
RETR deli-0.8.0-core.iso


FTP over IPv6

The standard ftp command/client does not support IPv6 resolution.

A very powerful IPv6 ftp client alternative is lftp.

id@acer:~$ lftp ipv6.idrobot.net
lftp ipv6.idrobot.net:~> dir
-rw-r--r--   1 ftp      ftp             0 Aug 26 17:28 test.txt

And of course Firefox does FTP over IPv6:
ftp://ipv6.idrobot.net OR ftp://[2a01:4f8:131:51e2::10]

Pure-FTPd

Pure-FTPd is a free (BSD), secure, production-quality and standard-conformant FTP server. It doesn’t provide useless bells and whistles, but focuses on efficiency and ease of use. It provides simple answers to common needs, plus unique useful features for personal users as well as hosting providers.

The following howto covers installing and configuring an FTP server based on Pure-FTPd that supports virtual users.

Install Pure-FTPd:

aptitude update ; aptitude install pure-ftpd
groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser

Create user:
Create our first FTP user. In this example our user will be “zeldor”:

pure-pw useradd zeldor -u ftpuser -g ftpgroup -d /home/pubftp/zeldor -N 10

In the command above, we gave zeldor a limit of 10 MB of disk space with the option “-N 10”.

By default all users will be saved in “/etc/pure-ftpd/pureftpd.passwd”, but first we have to update the pure-ftpd Database:

pure-pw mkdb

This database is only a binary file but it is ordered and has an index for quick access.

Get user information:
Show all available users and their home directories.

pure-pw list

Get information for a specific user:

pure-pw show zeldor

Reset password for a specific user (don’t forget to update your database):

pure-pw passwd zeldor
pure-pw mkdb

Configuration:

vim /etc/default/pure-ftpd-common
STANDALONE_OR_INETD=standalone

Server type should be standalone.

Use user database:

cd /etc/pure-ftpd/auth
ln -s /etc/pure-ftpd/conf/PureDB 50pure

Restart and enjoy :)

/etc/init.d/pure-ftpd restart

ProFTPD howto


I had to set up an FTP server, and the guides that I found elsewhere didn’t do exactly what I wanted. So it took some trial and error to achieve the setup that I needed.

My objectives:

✓ Be able to create virtual users without having to create a system account for every user.
✓ Set permissions and groups individually for each virtual user
✓ FTP users should be “chrooted”
✓ Of course R/W access

aptitude update ; aptitude install proftpd

Virtual user configuration:

# Virtual user login
DefaultRoot ~
AuthUserFile /etc/proftpd/ftpd.passwd
AuthPAM off
RequireValidShell off
 
# DNS resolv
UseReverseDNS off
IdentLookups off
 
# Hide proftpd version
ServerIdent off
 
# Other
ShowSymlinks    on
 
# Faking
<Directory /var/www/vhosts/example.com/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>
 
<Directory /var/www/vhosts/example.biz/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>

Create virtual user:

cd /etc/proftpd/
ftpasswd --passwd --name ftpuser01 --uid 1001 --gid=1001 --home /var/www/vhosts/example.com/ --shell /bin/false

System user configuration:

DefaultRoot     ~
RequireValidShell off
ShowSymlinks            off
RootLogin           off
UseFtpUsers off

Add system user:

useradd -c "ftpuser01" -u 33 -o -g 33 -d "/var/www/" -s /bin/sh "ftpuser01"

33 is the www-data group.

Change Password:

ftpasswd --change-password --passwd --name=ftpuser01

Before you restart proftpd, you should run a syntax check:

proftpd -td5

Alternatively, you can use a group file:

AuthGroupFile /etc/proftpd/ftpd.group

Create Group and add user to it:

ftpasswd --group --name=ftpmember --gid=5000 --member=ftpuser01


Another kind of permissions:

<Directory /var/ftp/user1/read>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ>
        AllowUser user1
    </Limit>
</Directory>
<Directory /var/ftp/user1/write>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ WRITE>
        AllowUser user1
    </Limit>
</Directory>
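
The server-wide directives from the ProFTPD howto above can be checked against its stated objectives (chrooted users, hidden version banner, no root login) before a restart. The following Python check is an added example, not code from the original posts or from the ProFTPD project; the policy table, the assumed ProFTPD defaults and the function names are assumptions of the example.

```python
# Added example; the policy table, defaults and all names are assumptions.
POLICY = {  # directive: (wanted value, assumed ProFTPD default, risk otherwise)
    "defaultroot": ("~", "/", "users can browse outside their home directory"),
    "serverident": ("off", "on", "login banner identifies the server software"),
    "rootlogin": ("off", "off", "root can log in over FTP"),
}
RELAXED = {  # switched off in the howto; each one relaxes a default login check
    "requirevalidshell": "login shell is not checked against /etc/shells",
    "useftpusers": "the /etc/ftpusers deny list is not consulted",
}

def parse_global(conf_text):
    """Map lower-cased directive name to its value, server-wide scope only."""
    depth, seen = 0, {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):
            depth = max(depth - 1, 0)   # leaving a <Directory>/<Limit> section
        elif line.startswith("<"):
            depth += 1                  # entering a section
        elif depth == 0:
            parts = line.split(None, 1)
            seen[parts[0].lower()] = parts[1] if len(parts) == 2 else ""
    return seen

def audit(conf_text):
    seen, findings = parse_global(conf_text), []
    for name, (want, default, risk) in POLICY.items():
        tokens = seen.get(name, default).lower().split()
        if tokens[:1] != [want]:        # first token decides, e.g. "~ !staff"
            findings.append(("FAIL", name, risk))
    for name, note in RELAXED.items():
        if seen.get(name, "on").lower().split()[:1] == ["off"]:
            findings.append(("NOTE", name, note))
    return findings

# Constructed sample: a subset of the virtual-user directives from the howto.
SAMPLE = """\
DefaultRoot ~
RequireValidShell off
ServerIdent off
<Directory /var/www/vhosts/example.com/>
   DirFakeUser on www-data
</Directory>
"""
if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The check reads only directives outside any section, so settings placed inside a section such as `<Directory>` or `<Limit>` are not evaluated.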