FTP Server

Pure-FTPd is a free (BSD), secure, production-quality and standard-conformant FTP server. It doesn’t provide useless bells and whistles, but focuses on efficiency and ease of use. It provides simple answers to common needs, plus unique useful features for personal users as well as hosting providers.

The following howto is aimed at installing and configuring a FTP-server, based on Pure-FTPd, which supports virtual user.

Install Pure-FTPd:

1
2
3

aptitude update ; aptitude install pure-ftpd
groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser

Create user:
Create our first FTP user. In this example our user will be “zeldor”:

1	pure-pw useradd zeldor -u ftpuser -g ftpgroup -d /home/pubftp/zeldor -N 10

In the command above, we gave zeldor a limit of 10 MB disk space with option “-N 10”

By default all users will be saved in “/etc/pure-ftpd/pureftpd.passwd”, but first we have to update the pure-ftpd Database:

1	pure-pw mkdb

This database is only a binary file but it is ordered and has an index for quick access.

Get user information:
Show all available user and their home directories.

1	pure-pw list

Get information for a specific user:

1	pure-pw show zeldor

Reset password for a specific user (don’t forget to update your database):

1 2	pure-pw passwd zeldor pure-pw mkdb

Configuration:

1 2	vim /etc/default/pure-ftpd-common STANDALONE_OR_INETD=standalone

Server type should be standalone.

Use user database:

1 2	cd /etc/pure-ftpd/auth ln -s /etc/pure-ftpd/conf/PureDB 50pure

Restart and enjoy :)

1	/etc/init.d/pure-ftpd restart

Had to setup an FTP server, guides that I found elsewhere didn’t do exactly what I want. So it took some trial and error to achieve the setup that I needed.

My objectives:

✓ Be able to create virtual users without having to create a system account for every user.
✓ Set individually permissions and groups for each virtual user
✓ FTP users should be “chrooted”
✓ Of course R/W access

1	aptitude update ; aptitue install proftpd

Virtual user configuration:

# Virtual user login
DefaultRoot ~
AuthUserFile /etc/proftpd/ftpd.passwd
AuthPAM off
RequireValidShell off
 
# DNS resolv
UseReverseDNS off
IdentLookups off
 
# Hide proftpd version
ServerIdent off
 
# Other
ShowSymlinks    on
 
# Faking
<Directory /var/www/vhosts/example.com/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>
 
<Directory /var/www/vhosts/example.biz/>
   DirFakeUser              on www-data
   DirFakeGroup             on www-data
</Directory>

Cerate virtual user:

1 2	cd /etc/proftpd/ ftpasswd --passwd --name ftpuser01 --uid 1001 --gid=1001 --home /var/www/vhosts/example.com/ --shell /bin/false

System user configuration:

DefaultRoot     ~
RequireValidShell off
ShowSymlinks            off
RootLogin           off
UseFtpUsers off

Add system user:

1	useradd -c "ftpuser01" -u 33 -o -g 33 -d "/var/www/" -s /bin/sh "ftpuser01"

33 is www-data Group

Change Password:

1	ftpasswd --change-password --passwd --name=ftpuser01

Before you restart proftpd, you should make a syntax check:

1	proftpd -td5

Alternative you can use Group File:

1	AuthGroupFile /etc/proftpd/ftpd.group

Create Group and add user to it:

1	ftpasswd --group --name=ftpmember --gid=5000 --member=ftpuser01

Another kind of permissions:

<Directory /var/ftp/user1/read>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ>
        AllowUser user1
    </Limit>
</Directory>
<Directory /var/ftp/user1/write>
    <Limit ALL>
        DenyAll
    </Limit>
    <Limit DIRS READ WRITE>
        AllowUser user1
    </Limit>
</Directory>