Ubuntu9.10 install ProFTPD to support SFTP

Purpose

1) Support for SFTP protocol
2) do not use the System Account Verification Method. Instead, use the MySQL database for verification.
3) No Password is saved in the database. Only the 16-bit lowercase string that has been encrypted by the sha256 algorithm can be printed. A salt file must be saved in the system.
4) Specify the user directory in the database, and ProFTPD can dynamically create User Directories

Modify the SSH service port number to 21.

Modify the configuration in the/etc/ssh/sshd_config file.
Then restart the SSH service.
Sudo/etc/init. d/ssh restart
This does not affect SSH usage. The client must use the-p parameter to specify the port number.

Create an ftp system account

Sudo groupadd FTP
Sudo useradd-u 1005-S/bin/false-D/bin/null-c "ProFTPD user"-g ftp ftpuser

Sudo passwd FTP

Dependent Library

Make sure that/usr/include/MySQL. h and/usr/lib/libmysqlclient. A are available in Ubuntu.

Obtain source code compilation and Installation

Note: there cannot be other programs that occupy port 22 in the system.

CD/usr/src
Sudo wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3rc3.tar.gz
Sudo tar xvzf proftpd-1.3.3rc3.tar.gz
CD proftpd-1.3.3rc3
Install_user = FTP install_group = FTP sudo. /configure -- prefix =/usr -- sysconfdir =/etc -- localstatedir =/var/run -- Mandir =/usr/local/man -- without-pam -- disable-auth-pam -- enable -OpenSSL -- With-modules = mod_ratio: mod_readme: mod_sftp: mod_ SQL: mod_ SQL _passwd: mod_ SQL _mysql -- With-supported des =/usr/include/MySQL -- With-libraries =/usr/lib
Sudo make
Sudo make install

After compilation, the current directory and/usr/sbin/both have ProFTPD programs.

Modify configurations

Modify the configuration file/etc/proftd. conf and add the following configuration at the beginning of the file:

Servername "ProFTPD default installation"
Servertype Standalone
Defaultserver on

Rootlogin off
Requirevalidshell off
Defaultroot ~
Identlookups off
Usereversedns off
Createhome on

<Ifmodule mod_ SQL _passwd.c>
Sqlpasswordengine on
Sqlpasswordencoding hex
Sqlpasswordsaltfile/home/chenshu/salt
</Ifmodule>

<Ifmodule mod_ SQL .c>

# Other mod_ SQL Configuration
Here
 
Sqlbackend MySQL

Sqlauthtypes
Sha256

Sqlauthenticate users *
Sqlconnectinfo databasename
@ IP
: 3306 Username
Password
30
Sqlultuid 1003
Sqlultgid 1005

Sqluserinfo users login password_hash null homedir
Null

</Ifmodule>

<Ifmodule mod_sftp.c>
Sftpengine on
Sftplog/etc/SFTP. Log
Sftpauthmethods Password

# Host keys, for server host
Authentication
 
Sftphostkey/etc/ssh/ssh_host_rsa_key
Sftphostkey/etc/ssh/ssh_host_dsa_key
</Ifmodule>

#
Port 21 is the standard FTP
Port.
 
Port 22

Create a data table

Create Table 'users '(
'Id' int (10) unsigned not null auto_increment,
'Login' varchar (16) not null,
'Password _ hash' varchar (80) not null,
'Homedir' varchar (1024) not null,
Primary Key ('id ')
)

Manufacturing data:
The following is the ruby code:
Require 'digest/sha2'
Puts Digest: sha256.hexdigest ("770328" + "7 wjceqx /")

"770328" is the User Password
"7 wjceqx/" is a salt and should also be saved in the/home/chenshu/salt file. Do not add line breaks to files.
The calculated string is saved to the password_hash column.

The homedir field stores the user directory. If it is not found during the First Login, it is automatically created.

Finally, start the service:
Chenshu @ chenshu-desktop:/usr/sbin $ sudo./ProFTPD

Test, pass.