Related Ubuntu has a few details useful tool series

Source: Internet
Author: User

Objective

In Linux, Ftpserver has a lot of software, we have matured, like vsftpd, Wu-ftp, pure-ftpd and so on. However, the installation of the software all, the configuration is more troublesome, the establishment of personal ftpserver, is still proftpd relatively simple.

Folder

    1. PROFTPD Introduction
    2. PROFTPD Installation
    3. PROFTPD configuration file
    4. PROFTPD Usage Scenarios
    5. Client Interview
1. PROFTPD Introduction

PROFTPD is an open source Ftpserver software, it is the original world-wide use of the wu-ftpd of the improved version, it fixes many defects of wu-ftpd, in many ways, a major improvement, one of the important changes is that it learned how Apache configuration , making PROFTPD configuration and management easier to understand.

There are two ways to do this, stand-alone server and the child server of the super server.

This is a good choice for both security and stability, and for configuration.

Official site:http://www.proftpd.org/

2. PROFTPD Installation

System environment

    • Linux Ubuntu 12.04.2 LTS 64bit Server

Installing PROFTPD

~ sudo apt-get install proftpd

Select "Standalone"

View PROFTPD Status

~ sudo /etc/init.d/proftpd statusProFTPD is started in standalone mode, currently running.~ ps -aux|grep ftpproftpd   6674  0.0  0.1  94648  2092 ?        Ss   16:05   0:00 proftpd: (accepting connections)#启动port21~ netstat -nltp|grep 21tcp6       0      0 :::21                   :::*                    LISTEN      -
3. PROFTPD configuration file

Configuration file:/etc/proftpd/proftpd.conf

#配置server名ServerName""blog.fens.me FTP Server" #设置server执行模式,独立服务,或者被监管ServerTypestandalone #设置为默认serverDefaultServeron #设置server进程执行使用的用户Userproftpd#设置server进程执行使用的组Group        nogroup#设置关闭IPv6支持UseIPv6        off#设置server接受请求的portPort21 #设置被动模式使用的port范围PassivePorts 60000 65535#设置用户上传文件的权限掩码Umask022#设置用户被chroot锁定到的各自的Home文件夹DefaultRoot/ftp#关闭欢迎信息显示DeferWelcomeoff #假设显示欢迎信息,则指定显示的文件DisplayLoginwelcome.msg #指定切换文件夹时,显示的欢迎信息DisplayChdir.message #设置日志SystemLog                       /var/log/proftp.logTransferLog                     /var/log/proftp-transfer.log

#限定操作

<Limit SITE_CHMOD>DenyAll</Limit>

#设置匿名用户资源

<Anonymous "/ftp/c">...</Anonymous>

#配置存储文件夹权限

<Directory "/ftp/a/" ><Limit ALL>AllowUser xAllowUser a1DenyAll</Limit><Limit CWD READ RETR DIRS>AllowAll</Limit></Directory>

Limit Permission Description:

    • Cwd:change working Directory into the folder
    • Mkd:make Directory Creation folder
    • Rnfr:rename from renaming
    • Dele:delete Deleting files
    • Rmd:remove Directory Delete Folder
    • READ: Readable
    • Write: Writable
    • STOR: Can be uploaded
    • RETR: Available for download
    • DIRS: Agree to list folders
    • Login: Consent to Login
    • All: All
4. PROFTPD Usage Scenarios

Description of the scene: a company to establish a unified ftpserver (/FTP). The company has a department (/FTP/A), b two Departments (/ftp/b). There is a separate storage space.

A1 for a department manager has the right to (/FTP/A) operational rights, A2 for a department staff can only read documents.

B1 for the B Department manager has the right (/ftp/b) operation permission, B2 for the B Department staff only can read the document.

X is the general manager of the company and has rights to (/FTP) operations.

Operation Permissions:

/ftp    -- x全部操作/ftp/a  -- a1全部操作, a2仅仅读/ftp/b  -- b1全部操作, b2仅仅读

Command operation:

# 创建FTP文件夹sudo mkdir /ftpsudo mkdir /ftp/asudo mkdir /ftp/b# 创建用户组sudo groupadd asudo groupadd b

Ubuntu System configuration Nologin, slightly different from other Linux

~  sudo vi /etc/shells# /etc/shells: valid login shells/bin/sh/bin/dash/bin/bash/bin/rbash/usr/bin/tmux/usr/bin/screen/usr/sbin/nologin

Last line Add/usr/sbin/nologin

Create user and set Nologin, disable FTP account login

sudo useradd a1 -g a -s /usr/sbin/nologinsudo useradd a2 -g a -s /usr/sbin/nologinsudo useradd b1 -g b -s /usr/sbin/nologinsudo useradd b2 -g b -s /usr/sbin/nologinsudo useradd x -G a,b -s /usr/sbin/nologin#设置账户passwordecho -e "a1:123" | sudo chpasswdecho -e "a2:123" | sudo chpasswdecho -e "b1:123" | sudo chpasswdecho -e "b1:123" | sudo chpasswdecho -e "x:123" | sudo chpasswd#设置文件夹权限sudo chown x /ftpsudo chown a1:a /ftp/asudo chmod 770 /ftp/asudo chmod g+s /ftp/asudo chown b1:b /ftp/bsudo chmod 770 /ftp/bsudo chmod g+s /ftp/b

Change config file:/etc/proftpd/proftpd.conf

~ sudo vi /etc/proftpd/proftpd.confServerName "blog.fens.me FTP Server"ServerType standaloneDefaultServer onPort 21Umask 022MaxInstances 30User proftpdGroup nogroupDefaultRoot /ftpAllowOverwrite onSystemLog /var/log/proftp.logTransferLog /var/log/proftp-transfer.log<Directory "/ftp/*"><Limit CWD READ>AllowAll</Limit></Directory><Directory "/ftp/a/" ><Limit ALL>AllowUser xAllowUser a1DenyAll</Limit><Limit CWD READ RETR DIRS>AllowAll</Limit></Directory><Directory "/ftp/b/" ><Limit ALL>AllowUser xAllowUser b1DenyAll</Limit><Limit CWD READ RETR DIRS>AllowAll</Limit></Directory><Limit SITE_CHMOD>DenyAll</Limit>

Once again server

~ sudo /etc/init.d/proftpd restart * Stopping ftp server proftpd        
5. Client Interview

Client command line: Win7 64bit command

Analog A1 User login:

~ ftp#建立连接ftp> open 192.168.1.201连接到 192.168.1.201。

ProFTPD 1.3.4a Server (blog.fens.me FTP server) [:: ffff:192.168.1.201] User (192.168.1.201: (None)): a1331 Password Required for a1password:230 User A1 logged in# view folder ftp> dir200 PORT command successful150 Opening ASCII mode Data conn ection for File Listdrwxrws---2 A1 a 4096 Nov 3 12:59 ADRWXRWS---2 b1 b 4096 Nov 3 12:25 b226 Transfer completeftp: Received 116 bytes, spents 0.00 seconds 58.00 kilobytes per second. ftp> cd a250 CWD command successfulftp> pwd257 "/A" is the current directoryftp> dir200 PORT command successful15 0 Opening ASCII Mode data connection for file list-rw-r--r--1 A2 a 55723 Nov 3 12:56 36kryunjiasu.docx -rw-r--r--1 A1 a 4 Nov 3 12:24 test.txt226 Transfer completeftp: 139 Bytes Received, spents 0.00 seconds 69.50 Kilobytes per second. #上传文件ftp > put c:\22.log200 PORT command successful150 Opening ASCII mode data connection for 22.log226 Transfer complet Eftp: Send 120 bytes, spents 0.06 seconds 2.18 kilobytes per second. #下载文件ftp > Get test.txt200 PORT command successful150 Opening ASCII mode data connection for Test.txt (4 bytes) 226 Transfer completeftp: Received 5 bytes, spents 0.00 seconds 5000.00 kilobytes per second. #尝试訪问B文件夹, error ftp> CD. /b550. /b:no such file or directory# exits ftp> bye221 Goodbye.

Analog A2 User login:

~ ftp#建立连接ftp> open 192.168.1.201连接到 192.168.1.201。

220 ProFTPD 1.3.4a Server (blog.fens.me FTP Server) [::ffff:192.168.1.201]用户(192.168.1.201:(none)): a2331 Password required for a2password:230 User a2 logged in#查看文件夹 ftp> dir200 PORT command successful150 Opening ASCII mode data connection for file listdrwxrws--- 2 a1 a 4096 Nov 3 13:09 adrwxrws--- 2 b1 b 4096 Nov 3 12:25 b226 Transfer completeftp: 收到 116 字节,用时 0.00秒 116.00千字节/秒。#上传文件,出错ftp> put c:\11.log200 PORT command successful550 11.log: Operation not permitted#下载文件ftp> get 22.log200 PORT command successful150 Opening ASCII mode data connection for 22.log (114 bytes)226 Transfer completeftp: 收到 120 字节,用时 0.00秒 120000.00千字节/秒。

With PROFTPD we build ftpserver in a high-speed interior. than WU-FTPD for convenience.

Copyright notice: This article Bo Master original articles, blogs, without consent may not be reproduced.

Related Ubuntu has several useful tool series for details

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.