Linux 下如何利用proftpd構架一個ftp服務器
這篇文章針對那些希望利用ftp協議和朋友們共享文件的人們,就像windows下的FTPserU,我提供的方式不是唯一的,希望我的方法足夠清晰。這個FTPserver只允許擁有正確密碼的人使用,所以你要明白只有已知的用戶才能讀取你的FTP服務。1- 使用下面的命令安裝proftpd:
Code:
sudo apt-get install proftpd
2- 在etc/shells 加入如下代碼 (sudo gedit /etc/shells to open the file)(譯注:命令行模式下sudo vi /etc/shells):
Code: [color=#f5fafe][/color]
/bin/false
新建一個 /home/FTP-shared 目錄:
Code: [color=#f5fafe][/color]
cd /home
sudo mkdir FTP-shared
創建一個只能用來讀取ftp的用戶userftp。這個用戶不需要有效的shell(更安全),所以選擇 /bin/false shell 給 userftp,/home/FTP-shared 作為主目錄。
為了是這部分更清楚,我給取此操作的命令行:
Code: [color=#f5fafe]Www.[/color]
sudo useradd userftp -p your_password -d /home/FTP-shared -s /bin/false
在FTP-shared 目錄下新建一個download和一個upload 目錄:
Code:
中國
cd /home/FTP-shared/ [color=#f5fafe][/color]
sudo mkdir download [color=#f5fafe][/color]
sudo mkdir upload
現在我們來給它們設置相應的權限:
Code: 中國
cd /home
sudo chmod 755 FTP-shared
cd FTP-shared
sudo chmod 755 download [color=#f5fafe][/color]
sudo chmod 777 upload
3- 好了,現在進入proftpd的配置文件: [color=#f5fafe]Www.[/color]
[table=95%][tr][td][color=#ff0000]以下為引用的內容:[/color]
Code:
sudo gedit /etc/proftpd.conf
當然你可以按你的需要編輯你自己的proftpd.conf:
Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on
# Choose here the user alias you want !!!!
UserAlias sauron userftp [color=#f5fafe][/color]
ServerName "ChezFrodon"
ServerType standalone
DeferWelcome on
MultilineRFC2228 on
DefaultServer on
ShowSymlinks off
中國
TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200
DisplayFirstChdir .message
ListOptions "-l"
RequireValidShell off [color=#f5fafe][/color]
TimeoutLogin 20
RootLogin off [color=#f5fafe][/color]
# It's better for debug to create log files ;-)
ExtendedLog /var/log/ftp.log
TransferLog /var/log/xferlog
SystemLog /var/log/syslog.log
#DenyFilter \*.*/
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off
# Allow to restart a download
AllowStoreRestart on
# Port 21 is the standard FTP port, so don't use it for security reasons (choose here the port you want)
Port 1980
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
中國
PersistentPasswd off
中國
MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8
# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent on "you're at home"
# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared
# Lock all the users in home directory, ***** really important *****
DefaultRoot ~
MaxLoginAttempts 5
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory> [url=http://exwolf.com/bbs/Www.]Www.[/url]
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
中國
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
[/td][/tr][/table][color=#f5fafe][/color] 好了,你已經完成了proftpd的配置,你的服務端口是1980,而讀取的參數如下,用戶:sauron,密碼:你為userftp設置的那個。
4- 啟動/停止/重啟動你的服務: [color=#f5fafe][/color]
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
對你的proftpd進行一下語法檢查:
中國
Code:
sudo proftpd -td5
想知道誰現在連接到你的服務,用ftptop命令(使用字母"t"來轉換顯示頻率),你也可以使用"ftpwho"命令。
頁:
[1]