Work in Progress!This page is a continuous work in progress. You can edit this page to contribute information. |
Table of Contents
Pure-FTPd Configuration
Creating Virtual Users
1. Check pure-ftpd configuration
uci show pure-ftpd look at pure-ftpd.@pure-ftpd[0].authentication=…, if is set, by default it should be pure-ftpd.@pure-ftpd[0].authentication=puredb:/etc/pureftpd.pdb, if it's not change it to default value (or you can change filename and location as you wish)
2. You need to create systemgroup and systemuser
addgroup pure_ftpd_grp #or any othername as you want
adduser -H -G pure_ftpd_grp pure_ftpd_user #adds user to previously created group - change groupname accordingly, afterwards you will be asked for password for user (-H indicates that I don't want to assign home directory - if you want to you need to change -H to -h /homedirectory)
3. create Pure-FtpD user
pure-pw useradd FTP_LOGIN -u pure_ftpd_user -d /ftp_directory #change FTP_LOGIN, pure_ftpd_user and /ftp_directory as you wish (pure_ftpd_user is same as you created in previous step)
4. commit changes
pure-pw mkdb
Of course you can change other properties like quotas, ratio…, you can use other authentication methods (LDAP, MySQL…), to do it read official documentation.
Config Options
- See Pure-FTPd readme for explanation.
- If no setting, then default is '1' (enabled).
| Option | Setting |
|---|---|
| notruncate | |
| logpid | <file> |
| ipv4only | |
| ipv6only | |
| fscharset | <charset> |
| clientcharset | <charset> |
| trustedgid | <gid> |
| chrooteveryone | |
| brokenclientscompatibility | |
| daemonize | |
| maxclientsnumber | <number> |
| maxclientsperip | <number> |
| verboselog | |
| displaydotfiles | |
| anonymousonly | |
| noanonymous | |
| syslogfacility | <facility> |
| fortunesfile | <file> |
| pidfile | <path to pid file> |
| norename | |
| dontresolve | |
| anonymouscantupload | |
| maxidletime | <time (min)> |
| createhomedir | |
| maxdiskusagepct | <percentage> |
| keepallfiles | |
| login | <auth> or <auth>:<config file> |
| limitrecursion | <number:number> |
| maxload | <load> |
| anonymouscancreatedirs | |
| natmode | |
| uploadscript | |
| altlog | <format>:<log file> |
| passiveportrange | <minport:maxport> |
| forcepassiveip | <ip address> |
| anonymousratio | <upload ratio>:<download ratio> |
| userratio | <upload ratio>:<download ratio> |
| autorename | |
| nochmod | |
| antiwarez | |
| bind | <ip address,port> |
| anonymousbandwidth | <bandwidth (KB/s)> |
| userbandwidth | <bandwidth (KB/s)> or [<up bw>]:[<down bw>] |
| minuid | <uid> |
| umask | <mask> |
| bonjour | <name> |
| trustedip | <ip address> |
| allowuserfxp | |
| allowanonymousfxp | |
| prohibitdotfileswrite | |
| prohibitdotfilesread | |
| peruserlimits | <per user max>:<max anonymous sessions> |
| allowdotfiles | |
| customerproof | |
| tls | < 0:no TLS 1:TLS+cleartext 2:enforce TLS |
| 3: enforce encrypted data channel as well> |
Example Default Config
config pure-ftpd option port '21' option noanonymous '1' option chrooteveryone '1' option maxclientsperip '10' option maxclientsnumber '4' option peruserlimits '3:4' option umask '133:022' option authentication 'unix' option enabled '1'
Disable messages in syslog
option 'syslogfacility' 'none'
Using the TLS Option
Pure-FTPd won't start if TLS is enabled and there is no certificate and key installed.
The private key concatenated with a certificate is expected at /etc/ssl/private/pure-ftpd.pem
Further information (certificate creation) is available at Pure-FTPd TLS Readme.
doc/uci/pure-ftpd.txt · Last modified: 2012/06/20 16:33 by theoradicus
This text is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.