Ubuntu Linux下用proftpd架设FTP服务器
$sudo apt-get install proftpd 新建一个ftp,指定主目录为/home/ftpuser
$sudo useradd ftpuser -p userpasswd -d /home/ftpuser -s /bin/false 创建一个只能用来读取ftp的用户ftpuser. 这个用户不需要有效的shell(更安全) ,所以选择 /bin/false shell 给 ftpuser 启动/停止/重启动你的服务:
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd sp
sudo /etc/init.d/proftpd restart
对你的proftpd进行一下语法检查:
Code:
sudo proftpd -td5
想知道谁现在连接到你的服务,用ftptop命令(使用字母”t”来转换显示频率),你也可以使用”ftpwho”命令.
在进入proftpd的配置文件:我的文件在/etc/proftpd/proftpd.cf 内容如下:# /etc/proftpd/proftpd.conf — This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
# Includes DSO modules
Include /etc/proftpd/modules.conf
UserAlias xueok ftpuser
ServerName “Debian”
ServerType standalone
DeferWelcome off #不显示欢迎信息,on为显示MultilineRFC2228 on
DefaultServer on
ShowSymlinks onTimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200 #发呆超时DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions “-l”DenyFilter \*.*/# Port 21 is the standard FTP port.
Port 21
#DirFakeUser On FTP #是否显示给用户真实的用户、组on为不显示
#DirFakeGroup On FTP
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30 #最大连接请求
# Set the user and group that the server normally runs at.
#User proftpd
User nobody #以哪个用户、组的身份运行
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
TLSEngine off
QuotaEngine on
Ratios on
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
DelayEngine on
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
AdminControlsEngine on
# A basic anonymous configuration, no upload directories. 名称。在登入时所显示的名称。
ServerType :服务器工作类型。ProFTPD能以Standalone、xinetd两种模式运行。
DefaultServer:是否启用虚拟FTP,on为支持,off是关闭。
ServerIdent :是否显示FTP软件名称,on为显示,off是关闭。
Port:运行端口。设定于登入时,主机是监听那一个端口。
Umask:指定确省配置文件的权限一般是022。
MaxInstances:最大连接请求。设定服务器于同一时间内可以处理的程序有几笔,若服务器运行类型设为standalone的话,可设低一点,以避免黑客的DoS攻击。
User:指明运行FTP服务器的用户名称。
Group: 指明运行FTP服务器的用户组名称。
登入时想进入的目录位置 (/*是通配符合),AllowOverwrite 表示是否允许客户端覆盖文件,这样是不安全的应当选择off。
是否建立匿名FTP站点。除非需要请删除这个选型。
DisplayLogin welcome.msg 设置ftp登陆欢迎信息文件。
- 最新评论