Howto install pureftpd on a debian machine
Posted by remofritzsche on Thu 6 Apr 2006 at 08:17
The target of this tutorial is to have a successful installation of the ftp-daemon pureftpd working with virtual user accounts. You should already know about installing pureftpd.
If you don't have it installed already just run:
# apt-get install pure-ftpd-common pure-ftpd
First of all, create a new system group for pureftpd:
# groupadd ftpgroup
As the second step you may add a user for it and give him no permission to a home directory or any shell:
# useradd -g ftpgroup -d /dev/null -s /etc ftpuser
Now lets create our first FTP user. For this example the user "remo":
# pure-pw useradd remo -u ftpuser -g ftpgroup -d /home/pubftp/remo -N 10
I gave him a limit of 10 MB disk space with the option "-N 10". Now you have to enter remo's new password twice.
By default your users will be saved in /etc/pureftpd.passwd, but first we have to update the pureftpd-Database:
# pure-pw mkdb
The "Database" here is simply a binary file. But it is ordered and has an index for quick access. To get some userdetails, enter:
pure-pw list
to get a complete list of all pureftpd users.
If you want to show information about a specific user: # pure-pw show remo
This will show you detailled information about the user "remo".
What does the line "Directory: /home/pubftp/helmut/./" specificaly the trailing ./ mean? Its simply the chroot for the user, that means he can't go "above" his directory.
If you forgot the password for a user, you can reset it as follows:
# pure-pw passwd remo
But please don't forget to update your database after you've done that:
# pure-pw mkdb
To test the server, first start it:
# /usr/sbin/pure-ftpd -S 127.0.0.1,21 -c 30 -C 1 -l puredb:/etc/pureftpd.pdb -x -E -j -R
Now you should be able to connect via any FTP client
-
A programmer is just a tool which converts coca cola into code.
[ Parent | Reply to this comment ]
How to prevent plain text password flow in the interent? (i.e. Via SSL )
How to enable SSL on pureftpd ? (pureftpd said it was supported.)
Normal FTP client does not support SSL , Any Debian FTP cleint can work on SSL to connect to pureftpd ?
Anyone can help on this ?
[ Parent | Reply to this comment ]
Greez
Remo
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
for more informations :
man pure-ftpd-wrapper
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
-
A programmer is just a tool which converts coca cola into code.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
cd /etc/ssl/private
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf pure-ftpd.pem
and enable ssl using pure-ftpd wrapper
I would point out one particular feature, I'm a long-time user of proftpd, but I found something in pure-ftpd, that is unique to this daemon. It's the virtual chroot feature. When you log in, you can
see only home directory, but symlinks outside chroot work. While not very good security feature, you
can limit your users to home directory and allow them to work on shared folders while avoiding them
browsing through your whole system.
You need to recompile the package for this to work however, it's as simple as:
apt-get build-dep pure-ftpd
apt-get source pure-ftpd
change in debian/rules:
optflags=--with-everything --with-pam --with-privsep --with-tls --with-virtualchroot
and then recompile using ./debian/rules binary (optionally using fakeroot or dpkg-build-package, as
you are used to).
What I don't like is the lack of per-directory configuration (like changing umask on per
directory basis), in this area, proftpd is really much better.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
ssl-cert: /usr/sbin/make-ssl-cert
ssl-cert: /usr/share/man/man8/make-ssl-cert.8.gz
[ Parent | Reply to this comment ]
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: Success
while trying to login, check if you are not as stupid as i was...
/usr/sbin/pure-ftpd ... -l puredb:/etc/pureftpd.pdb ...
If you want to use puredb you just created you have to actaully refer to it. puredb on my system resided in a file /etc/pure-ftpd/pureftpd.pdb and as long as the server does not print out any warning that the file passed does not exist... it took me more than half an hour to figure it out.
[ Parent | Reply to this comment ]
when a user i added using this command:
pure-pw useradd USERNAME -u ftpuser -g ftpgroup -d /var/www/users/USERNAME -N 200
And when the USERNAME is trying to upload a file the following error occurs:
Connecting FTP data socket mydomain.com...
553-Can't open that file: Permission denied
553 Rename/move failure: No such file or directory
ERROR:> Access denied.
Please help...
[ Parent | Reply to this comment ]
how do I change so the pure-ftpd starts up wit following setup
/usr/sbin/pure-ftpd -S 127.0.0.1,21 -c 30 -C 1 -l puredb:/etc/pureftpd.pdb -x -E -j -R instead for the normal.
[ Parent | Reply to this comment ]
first of all thank you
i did it all and its works till ...
i dont knew what i did wronge ? please read and help !
debdeb:/etc/pure-ftpd/conf# /usr/sbin/pure-ftpd -S 127.0.0.1,21 -c 30 -C 1 -l puredb:/etc/pureftpd.pdb -x -E -j -R
-bash: /usr/sbin/pure-ftpd: No such file or directory
debdeb:/etc/pure-ftpd/conf# /usr/sbin/pure-ftpd -S 127.0.0.1,21 -c 30 -C 1 -l puredb:/etc/pureftpd.pdb -x -E -j -R
-bash: /usr/sbin/pure-ftpd: No such file or directory
debdeb:/etc/pure-ftpd/conf# cd /usr/sbin/pure-ftpd
-bash: cd: /usr/sbin/pure-ftpd: No such file or directory
debdeb:/etc/pure-ftpd/conf# cd /usr/sbin/
debdeb:/usr/sbin# cd pure-ftpd
-bash: cd: pure-ftpd: No such file or directory
debdeb:/usr/sbin# pure-ftpd -S 127.0.0.1,21 -c 30 -C 1 -l puredb:/etc/pureftpd.pdb -x -E -j -R
-bash: pure-ftpd: command not found
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
its just that your user is not allowed to execute that file.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
e.g.
# ./configure --with-puredb
[ Parent | Reply to this comment ]
The Pure-FTPd Server does not start at all.
Could you please check it? I have checked this article on 3 different Systems and Pure-FTPd does not starts while it returns no errors!
[ Parent | Reply to this comment ]
By default STANDALONE_OR_INETD is set to inetd.
Change it to
STANDALONE_OR_INETD=standalone
and start pure-ftpd:
$ sudo /etc/init.d/pure-ftpd start
[ Parent | Reply to this comment ]
What I doing wrong? Any idea?
[ Parent | Reply to this comment ]
-S "Is needed, when server runs standalone. Accepts connections on this ip and port (usually 21)"
A service name (see /etc/services) can be used instead of a numeric port number.
-c "Maximum allowed connections"
Allow a maximum of clients to be connected. clients must be at least 1, and if you combine it with -p it will be forced down to half the number of ports specified by -p...
-C Limit the number of simultanous connections coming from the same IP address. This is yet another very effective way to prevent stupid denial of services and bandwidth starvation by a single user...
-l "Provides in this case a PureDB (could be mysql) Authentification-DB. This is already available after pureftpd installation (In my case under /etc/pure-ftpd/pureftpd.pdb"
Enable a new authentication method. It can be one of : -l unix For standard (/etc/passwd) authentication...
-x In normal operation mode, authenticated users can read/write files beginning with a dot ('.'). Anonymous users can't, for security reasons...
-E Only allow authenticated login. Anonymous users are prohibited.
-j If the home directory of an user doesn't exist, automatically create it. The newly created home directory belongs to the user, and permissions are set according to the current directory mask...
-R Disallow users (even non-anonymous ones) usage of the CHMOD command (enter man chmod in terminal if you don't understand)
So concluding from this I change this for home purposes:
-S 192.168.2.X,21 Where X is the last octet (?!?) of your machines ip adress.
Use ifconfig in a terminal, if you want to find out the ip of your interface.
Whats the purpose of an FTP-Server only accepting connections from the same machine, anyhow?
-c 2 Only allowed 2 users
removed -j Created directories beforehand
Changed "puredb:/etc/pureftpd.pdb" to "puredb:/etc/pure-ftpd/pureftpd.pdb"
I'm in no way an experienced linuxer or english native speaking. So excuse any errors.
So long and thanks for the fish.
[ Parent | Reply to this comment ]
root@pixelwor:/# apt-get install pure-ftpd-common pure-ftpd
Reading package lists... Done
Building dependency tree... Done
E: Unable to locate package pure-ftpd-common
E: Unable to locate package pure-ftpd
[ Parent | Reply to this comment ]
either using wireless or wired?
can somebody help me.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]