Difference between revisions of "Proftpd"

From ArchWiki
Jump to: navigation, search
(New page: === ProFTPD Installation === By using pacman... pacman -Sy proftpd)
 
(11 intermediate revisions by 11 users not shown)
Line 1: Line 1:
=== ProFTPD Installation ===
+
{{stub}}
By using pacman...
+
[[Category:File Transfer Protocol]]
  
pacman -Sy proftpd
+
== ProFTPD Installation ==
 +
# pacman -S proftpd
 +
 
 +
== Daemon Configuration ==
 +
Open your rc.conf in an editor:
 +
# nano /etc/rc.conf
 +
And add 'proftpd' to the DAEMONS list.
 +
  DAEMONS=(... '''proftpd''' ...)
 +
 
 +
 
 +
== Configuration ==
 +
The default configuration file is on (/etc/proftpd.conf)
 +
# This is a basic ProFTPD configuration file (rename it to
 +
# 'proftpd.conf' for actual use.  It establishes a single server
 +
# and a single anonymous login.  It assumes that you have a user/group
 +
# "nobody" and "ftp" for normal operation and anon.
 +
 +
ServerName "ProFTPD Default Installation"
 +
ServerType standalone
 +
DefaultServer on
 +
 +
# Port 21 is the standard FTP port.
 +
Port 21
 +
 +
# Don't use IPv6 support by default.
 +
UseIPv6 off
 +
 +
# Umask 022 is a good standard umask to prevent new dirs and files
 +
# from being group and world writable.
 +
Umask 022
 +
 +
# To prevent DoS attacks, set the maximum number of child processes
 +
# to 30.  If you need to allow more than 30 concurrent connections
 +
# at once, simply increase this value.  Note that this ONLY works
 +
# in standalone mode, in inetd mode you should use an inetd server
 +
# that allows you to limit maximum number of processes per service
 +
# (such as xinetd).
 +
MaxInstances 30
 +
 +
# Set the user and group under which the server will run.
 +
User nobody
 +
Group nobody
 +
 +
# To cause every FTP user to be "jailed" (chrooted) into their home
 +
# directory, uncomment this line.
 +
#DefaultRoot ~
 +
 +
# Normally, we want files to be overwriteable.
 +
AllowOverwrite on
 +
 +
# Bar use of SITE CHMOD by default
 +
<Limit SITE_CHMOD>
 +
  DenyAll
 +
</Limit>
 +
 +
# A basic anonymous configuration, no upload directories.  If you do not
 +
# want anonymous users, simply delete this entire <Anonymous> section.
 +
<Anonymous ~ftp>
 +
  User ftp
 +
  Group ftp
 +
 +
  # We want clients to be able to login with "anonymous" as well as "ftp"
 +
  UserAlias anonymous ftp
 +
 +
  # Limit the maximum number of anonymous logins
 +
  MaxClients 10
 +
 +
  # We want 'welcome.msg' displayed at login, and '.message' displayed
 +
  # in each newly chdired directory.
 +
  DisplayLogin welcome.msg
 +
  DisplayChdir .message
 +
 +
  # Limit WRITE everywhere in the anonymous chroot
 +
  <Limit WRITE>
 +
    DenyAll
 +
  </Limit>
 +
</Anonymous>
 +
 
 +
== More to Follow ==
 +
A more in depth installation & configuration tutorial will come about shortly...
 +
 
 +
To head off a common problem, for anonymous access to work with /bin/false as the shell for the ftp user (the default configuration), you must add the line "RequireValidShell off" to /etc/proftpd.conf.  Otherwise anonymous logins will receive a 530 error.
 +
 
 +
Please visit: [http://proftpd.org/ proFtpd.org]

Revision as of 11:16, 16 December 2012

Tango-document-new.pngThis article is a stub.Tango-document-new.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:Proftpd#)

ProFTPD Installation

# pacman -S proftpd

Daemon Configuration

Open your rc.conf in an editor:

# nano /etc/rc.conf

And add 'proftpd' to the DAEMONS list.

 DAEMONS=(... proftpd ...)


Configuration

The default configuration file is on (/etc/proftpd.conf)

# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21

# Don't use IPv6 support by default.
UseIPv6				off

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances			30

# Set the user and group under which the server will run.
User				nobody
Group				nobody

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
  User				ftp
  Group				ftp

 # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

 # Limit the maximum number of anonymous logins
 MaxClients			10

 # We want 'welcome.msg' displayed at login, and '.message' displayed
 # in each newly chdired directory.
 DisplayLogin			welcome.msg
 DisplayChdir			.message

 # Limit WRITE everywhere in the anonymous chroot
 <Limit WRITE>
   DenyAll
 </Limit>
</Anonymous>

More to Follow

A more in depth installation & configuration tutorial will come about shortly...

To head off a common problem, for anonymous access to work with /bin/false as the shell for the ftp user (the default configuration), you must add the line "RequireValidShell off" to /etc/proftpd.conf. Otherwise anonymous logins will receive a 530 error.

Please visit: proFtpd.org