zeldor.biz

Linux, programming and more

Copyright © 2023
Log in

Pure-FTPd

August 7, 2010 by Igor Drobot Leave a Comment

Pure-FTPd is a free (BSD), secure, production-quality and standard-conformant FTP server. It doesn’t provide useless bells and whistles, but focuses on efficiency and ease of use. It provides simple answers to common needs, plus unique useful features for personal users as well as hosting providers.

The following howto is aimed at installing and configuring a FTP-server, based on Pure-FTPd, which supports virtual user.

Install Pure-FTPd:

1
2
3
aptitude update ; aptitude install pure-ftpd
groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser

aptitude update ; aptitude install pure-ftpd groupadd ftpgroup useradd -g ftpgroup -d /dev/null -s /etc ftpuser

Create user:
Create our first FTP user. In this example our user will be “zeldor”:

1
pure-pw useradd zeldor -u ftpuser -g ftpgroup -d /home/pubftp/zeldor -N 10

pure-pw useradd zeldor -u ftpuser -g ftpgroup -d /home/pubftp/zeldor -N 10

In the command above, we gave zeldor a limit of 10 MB disk space with option “-N 10”

By default all users will be saved in “/etc/pure-ftpd/pureftpd.passwd”, but first we have to update the pure-ftpd Database:

1
pure-pw mkdb

pure-pw mkdb

This database is only a binary file but it is ordered and has an index for quick access.

Get user information:
Show all available user and their home directories.

1
pure-pw list

pure-pw list

Get information for a specific user:

1
pure-pw show zeldor

pure-pw show zeldor

Reset password for a specific user (don’t forget to update your database):

1
2
pure-pw passwd zeldor
pure-pw mkdb

pure-pw passwd zeldor pure-pw mkdb

Configuration:

1
2
vim /etc/default/pure-ftpd-common
STANDALONE_OR_INETD=standalone

vim /etc/default/pure-ftpd-common STANDALONE_OR_INETD=standalone

Server type should be standalone.

Use user database:

1
2
cd /etc/pure-ftpd/auth
ln -s /etc/pure-ftpd/conf/PureDB 50pure

cd /etc/pure-ftpd/auth ln -s /etc/pure-ftpd/conf/PureDB 50pure

Restart and enjoy :)

1
/etc/init.d/pure-ftpd restart

/etc/init.d/pure-ftpd restart

Filed Under: Debian, FTP, Linux Tagged With: FTP, FTP Server, Pure-FTPd

ProFTPD howto

August 6, 2010 by Igor Drobot Leave a Comment


Had to setup an FTP server, guides that I found elsewhere didn’t do exactly what I want. So it took some trial and error to achieve the setup that I needed.

My objectives:

✓ Be able to create virtual users without having to create a system account for every user.
✓ Set individually permissions and groups for each virtual user
✓ FTP users should be “chrooted”
✓ Of course R/W access

1
aptitude update ; aptitue install proftpd

aptitude update ; aptitue install proftpd

Virtual user configuration:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# Virtual user login
DefaultRoot ~
AuthUserFile /etc/proftpd/ftpd.passwd
AuthPAM off
RequireValidShell off
 
# DNS resolv
UseReverseDNS off
IdentLookups off
 
# Hide proftpd version
ServerIdent off
 
# Other
ShowSymlinks    on
 
# Faking
<directory var="" www="" vhosts="" example.com="">
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</directory>
 
<directory var="" www="" vhosts="" example.biz="">
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</directory>

# Virtual user login DefaultRoot ~ AuthUserFile /etc/proftpd/ftpd.passwd AuthPAM off RequireValidShell off # DNS resolv UseReverseDNS off IdentLookups off # Hide proftpd version ServerIdent off # Other ShowSymlinks on # Faking <directory var="" www="" vhosts="" example.com=""> DirFakeUser on www-data DirFakeGroup on www-data </directory> <directory var="" www="" vhosts="" example.biz=""> DirFakeUser on www-data DirFakeGroup on www-data </directory>

Cerate virtual user:

1
2
cd /etc/proftpd/
ftpasswd --passwd --name ftpuser01 --uid 1001 --gid=1001 --home /var/www/vhosts/example.com/ --shell /bin/false

cd /etc/proftpd/ ftpasswd --passwd --name ftpuser01 --uid 1001 --gid=1001 --home /var/www/vhosts/example.com/ --shell /bin/false

System user configuration:

1
2
3
4
5
DefaultRoot     ~
RequireValidShell off
ShowSymlinks            off
RootLogin           off
UseFtpUsers off

DefaultRoot ~ RequireValidShell off ShowSymlinks off RootLogin off UseFtpUsers off

Add system user:

1
useradd -c "ftpuser01" -u 33 -o -g 33 -d "/var/www/" -s /bin/sh "ftpuser01"

useradd -c "ftpuser01" -u 33 -o -g 33 -d "/var/www/" -s /bin/sh "ftpuser01"

33 is www-data Group

Change Password:

1
ftpasswd --change-password --passwd --name=ftpuser01

ftpasswd --change-password --passwd --name=ftpuser01

Before you restart proftpd, you should make a syntax check:

1
proftpd -td5

proftpd -td5

Alternative you can use Group File:

1
AuthGroupFile /etc/proftpd/ftpd.group

AuthGroupFile /etc/proftpd/ftpd.group

Create Group and add user to it:

1
ftpasswd --group --name=ftpmember --gid=5000 --member=ftpuser01

ftpasswd --group --name=ftpmember --gid=5000 --member=ftpuser01


Another kind of permissions:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<directory var="" ftp="" user1="" read="">
     	 	<limit all="">
        DenyAll
    </limit>
     	 	<limit dirs="" read="">
        AllowUser user1
    </limit>
</directory>
<directory var="" ftp="" user1="" write="">
     	 	<limit all="">
        DenyAll
    </limit>
     	 	<limit dirs="" read="" write="">
        AllowUser user1
    </limit>
</directory>

<directory var="" ftp="" user1="" read=""> <limit all=""> DenyAll </limit> <limit dirs="" read=""> AllowUser user1 </limit> </directory> <directory var="" ftp="" user1="" write=""> <limit all=""> DenyAll </limit> <limit dirs="" read="" write=""> AllowUser user1 </limit> </directory>

Filed Under: Debian, FTP, Linux Tagged With: FTP, FTP Server, ProFTPD