User Tools

Site Tools


doc:uci:pure-ftpd

Work in Progress!
This page is a continuous work in progress. You can edit this page to contribute information.

Pure-FTPd Configuration

Creating Virtual Users

1. Check pure-ftpd configuration

uci show pure-ftpd look at pure-ftpd.@pure-ftpd[0].authentication=…, if is set, by default it should be pure-ftpd.@pure-ftpd[0].authentication=puredb:/etc/pureftpd.pdb, if it's not change it to default value (or you can change filename and location as you wish)

2. Create systemgroup and systemuser

addgroup pure_ftpd_grp #or any othername as you want

adduser -H -G pure_ftpd_grp pure_ftpd_user #adds user to previously created group - change groupname accordingly, afterwards you will be asked for password for user (-H indicates that I don't want to assign home directory - if you want to you need to change -H to -h /homedirectory)

3. Create Pure-FtpD user

pure-pw useradd FTP_LOGIN -u pure_ftpd_user -d /ftp_directory #change FTP_LOGIN, pure_ftpd_user and /ftp_directory as you wish (pure_ftpd_user is same as you created in previous step)

4. Commit changes

pure-pw mkdb

Of course you can change other properties like quotas, ratio…, you can use other authentication methods (LDAP, MySQL…), to do it read official documentation.

Config Options

  • See Pure-FTPd readme for explanation.
  • If no setting, then default is '1' (enabled).
Option Setting
notruncate
logpid <file>
ipv4only
ipv6only
fscharset <charset>
clientcharset <charset>
trustedgid <gid>
chrooteveryone
brokenclientscompatibility
daemonize
maxclientsnumber <number>
maxclientsperip <number>
verboselog
displaydotfiles
anonymousonly
noanonymous
syslogfacility <facility>
fortunesfile <file>
pidfile <path to pid file>
norename
dontresolve
anonymouscantupload
maxidletime <time (min)>
createhomedir
maxdiskusagepct <percentage>
keepallfiles
login <auth> or <auth>:<config file>
limitrecursion <number:number>
maxload <load>
anonymouscancreatedirs
natmode
uploadscript
altlog <format>:<log file>
passiveportrange <minport:maxport>
forcepassiveip <ip address>
anonymousratio <upload ratio>:<download ratio>
userratio <upload ratio>:<download ratio>
autorename
nochmod
antiwarez
bind <ip address,port>
anonymousbandwidth <bandwidth (KB/s)>
userbandwidth <bandwidth (KB/s)> or [<up bw>]:[<down bw>]
minuid <uid>
umask <mask>
bonjour <name>
trustedip <ip address>
allowuserfxp
allowanonymousfxp
prohibitdotfileswrite
prohibitdotfilesread
peruserlimits <per user max>:<max anonymous sessions>
allowdotfiles
customerproof
tls < 0:no TLS 1:TLS+cleartext 2:enforce TLS
3: enforce encrypted data channel as well>

Example default config

config pure-ftpd
	option port             '21'
	option noanonymous      '1'
	option chrooteveryone   '1'
	option maxclientsperip  '10'
	option maxclientsnumber '4'
	option peruserlimits    '3:4'
	option umask            '133:022'
	option authentication   'unix'
	option enabled          '1'

Disable messages in syslog

	option 'syslogfacility' 'none'

Using the TLS option

Pure-FTPd won't start if TLS is enabled and there is no certificate and key installed.

The private key concatenated with a certificate is expected at /etc/ssl/private/pure-ftpd.pem

Further information (certificate creation) is available at Pure-FTPd TLS Readme.

doc/uci/pure-ftpd.txt · Last modified: 2014/12/22 17:56 by tmomas