源码包安装:
1.
安装proftpd1
---------------------------------------------------------------------
freebsd#
tar zxvf proftpd-1.2.10.tar.gz
freebsd# cd proftpd-1.2.10
freebsd#
./configure --prefix=/usr/local/proftpd
freebsd# make
freebsd# make
install
2.
创建ftpassswd命令
---------------------------------------------------------------------
从
获得ftpasswd的perl源代码,
并保存为 /usr/local/proftpd/sbin/ftpasswd 。
freebsd# chmod
755
/usr/local/proftpd/sbin/ftpasswd
通过ftpasswd命令,可以对ProFTPD的虚拟用户进行管理。
freebsd#
echo "wheel:*:0:" >> /usr/local/proftpd/etc/ftpd.group
freebsd# /usr/local/proftpd/sbin/ftpasswd --passwd
--name=admin --uid=2001 --gid=0 --home=/ftp/admin --
shell=/bin/bash
--file=/usr/local/proftpd/etc/ftpd.passwd
...
Password:
Re-type password:
freebsd# /usr/local/proftpd/sbin/ftpasswd --passwd
--name=kerry --uid=2101 --gid=2000 --home=/ftp/kerry
--shell=/usr/sbin/nologin
--file=/usr/local/proftpd/etc/ftpd.passwd
...
Password:
Re-type password:
之后会自动生成/usr/local/proftpd/etc/ftpd.passwd
freebsd# chmod -R 777 /ftp/admin
freebsd# chmod -R 777
/ftp/kerry
要注意,因为虚拟用户并不在本地系统用户中存在,所以要设置虚拟用户可以访问的所有目录都允许其它用户写,这样
才能保证虚拟用户正常增删文件。
3. 修改配置文件
------------------------------------------------------------------------------------
freebsd# vi /usr/local/proftpd/etc/proftpd.conf
ServerName "My FTP Server"
ServerType
standalone
DefaultServer on
#Bind 10.10.10.10
ExtendedLog /var/log/proftpd
read,write,auth
#
原来的设置项是ScoreboardPath,但现在版本的proftpd已不再支持,改用ScoreboardFile
ScoreboardFile
/usr/local/proftpd/var/proftpd/proftpd.scoreboard
Port 21
Umask 022
MaxInstances 500
MaxClients 100
#
如果允许匿名访问或多人共用同一帐号,MaxHostsPerUser和MaxClientsPerUser不应设置过小,或不用设置
MaxHostsPerUser
100 "Sorry, only 1 host allowed per user!"
MaxClientsPerUser 100 "Sorry, only
1 connection allowed per user!"
TimeoutIdle 600
TimeoutStalled
600
# 不显示服务器相关信息, 如proftpd版本
ServerIdent off
#
禁用反向域名解析
UseReverseDNS off
# 支持FXP
AllowForeignAddress on
# 支持被动模式
PassivePorts
49152 65534
AllowOverwrite on
#
允许下载续传,默认即开启,但为了明确我显示地声明
AllowRetrieveRestart on
#
允许上载续传
AllowStoreRestart on
DisplayLogin welcome.msg
DisplayFirstChdir
.message
User nobody
Group nogroup
#
不要求有合法shell,直接效果是允许nologin用户和虚拟用户登录
RequireValidShell off
#
设置用户验证顺序是先虚拟用户再本地用户
AuthOrder mod_auth_file.c mod_auth_unix.c
#
指定虚拟用户数据文件
AuthUserFile /usr/local/proftpd/etc/ftpd.passwd
#
指定虚拟组数据文件
AuthGroupFile /usr/local/proftpd/etc/ftpd.group
#
***除wheel组外其它所有组只能访问home目录内容,这里wheel需要在ftpd.group中定义
DefaultRoot ~
!wheel
# 虽然默认情况root不能ftp,但我仍然显式地声明它,也方便随时开启这个功能。
RootLogin
off
DenyAll
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well
as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous
logins,禁用匿名FTP
MaxClients none "Sorry, anonymous is refused on this
site!"
# We want 'welcome.msg' displayed at login, and '.message'
displayed
# in each newly chdired directory.
DisplayLogin
welcome.msg
DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
DenyAll
本文出自 “聆听未来” 博客,请务必保留此出处http://blog.chinaunix.net/space.php?uid=9419692&do=blog&id=3182632