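Pure-ftpd is a lightweight FTP server. It switches directories based on the home directory of the local user. For anonymous access, setting the home directory of the ftp user is all that is needed to set the directory anonymous users can access. Access for named users can only be provided by adding virtual users, which supplies the user name and password used for authentication.
The command for adding a virtual user is as follows: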
pure-pw useradd <login>
[-f <passwd file>] -u <uid> [-g <gid>]
-D/-d <home directory> [-c <gecos>]
[-t <download bandwidth>] [-T <upload bandwidth>]
[-n <max number of files>] [-N <max Mbytes>]
[-q <upload ratio>] [-Q <download ratio>]
[-r <allow client ip>/<mask>] [-R <deny client ip>/<mask>]
[-i <allow local ip>/<mask>] [-I <deny local ip>/<mask>]
[-y <max number of concurrent sessions>]
[-C <max number of concurrent login attempts>]
[-M <total memory (in MB) to reserve for password hashing>]
[-z <hhmm>-<hhmm>] [-m]
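Parameters:
-d: chroot user
-D: don’t chroot user
-m: also update the /etc/pure-ftpd/pureftpd.pdb
For example:
pure-pw useradd test -u cios -g users -d /home/server/workload -m
At this point, two files are automatically generated in /etc/pure-ftpd/: pureftpd.pdb and pureftpd.passwd.
The permissions of the cios user on /home/server/workload directly determine what the virtual user can do in that directory.
Set the virtual user's password: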
pure-pw passwd <login> [-f <passwd file>] [-m]
For example:
pure-pw passwd joe -m
This command will change Joe’s password in pureftpd.passwd and commit the change to /etc/pureftpd.pwd.
Refresh the virtual user data
pure-pw mkdb
View virtual user information
pure-pw show <login> [-f <passwd file>]
Delete a virtual user
pure-pw userdel <login> [-f <passwd file>] [-m]
For example:
pure-pw userdel test -m
pure-ftpd configuration plan for the interface server
Modify the configuration file:
INT2-2:/tmp # grep -v '^$' pure-ftpd.conf |grep -v '^#'
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 10
Daemonize yes
MaxClientsPerIP 3
VerboseLog no
AllowDotFiles yes
DisplayDotFiles yes
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
PureDB /etc/pure-ftpd/pureftpd.pdb
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
PassivePortRange 30000 30100
AntiWarez yes
Umask 133:022
MinUID 20
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite yes
ProhibitDotFilesRead no
AutoRename yes
AnonymousCantUpload yes
MaxDiskUsage 99
NoRename yes
CustomerProof yes
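Note: pay attention to the following parameters
ChrootEveryone: by default every user is chrooted
MaxClientsPerIP: maximum number of connections allowed per IP
PureDB: pure-ftpd's local user data file; virtual user information is stored in this file
LimitRecursion: number of files visible in a single directory / number of directory levels supported; very important
Add a virtual user
INT2-2:/ #pure-pw useradd test -u cios -g users -d /home/server/workload -m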
Password:
Enter it again:
Note: password: xxxxxxxx
Refresh user information
INT2-2:/#pure-pw mkdb
View virtual user information
INT2-2:/# pure-pw show test
Login : test
Password : $2a 07 07 07CD89FdRlJh8GiPjdWfL4cubquEZRAuXAPDoSg4H3xyjN2BSb494DG
UID : 1001 (cios)
GID : 100 (users)
Directory : /home/server/workload/./
Full name :
Download bandwidth : 0 Kb (unlimited)
Upload bandwidth : 0 Kb (unlimited)
Max files : 0 (unlimited)
Max size : 0 Mb (unlimited)
Ratio : 0:0 (unlimited:unlimited)
Allowed local IPs :
Denied local IPs :
Allowed client IPs :
Denied client IPs :
Time restrictions : 0000-0000 (unlimited)
Max sim sessions : 0 (unlimited)
View the virtual user list
INT2-2:/# pure-pw list
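The following added example (not part of the original page) checks a pure-ftpd.conf and the saved output of pure-pw show <login> for the settings discussed above: NoAnonymous, PureDB, chroot confinement (ChrootEveryone yes, or the /./ that -d leaves in the Directory field) and MinUID. The function names and the sample input are constructed for illustration.

```bash
# Added example (not from the original page): audit who may log in and
# whether a virtual user is confined to its directory.
# conf_get FILE KEY: directive value, comments and blank lines skipped
# (as in the grep pipeline above); this script reports the last occurrence.
conf_get() {
    awk -v key="$2" '/^[ \t]*(#|$)/ { next }
        $1 == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { print val }' "$1"
}

# show_field FILE NAME: one field from saved `pure-pw show <login>` output.
show_field() {
    awk -F' : ' -v name="$2" '{ k = $1; sub(/[ \t]+$/, "", k) }
        k == name { print $2 }' "$1"
}

# audit CONF SHOW: prints one line per finding; returns 0 only if all pass.
audit() {
    local conf=$1 show=$2 rc=0 v dir uid min
    v=$(conf_get "$conf" NoAnonymous)
    [ "$v" = yes ] || { echo "FAIL NoAnonymous=${v:-unset}"; rc=1; }
    v=$(conf_get "$conf" PureDB)
    [ -n "$v" ] || { echo "FAIL PureDB unset, no virtual user database"; rc=1; }
    # Confined if ChrootEveryone is yes, or the account was created with -d,
    # which shows up as "/./" in the Directory field.
    dir=$(show_field "$show" Directory)
    v=$(conf_get "$conf" ChrootEveryone)
    case "$v:$dir" in
        yes:* | *:*/./*) ;;
        *) echo "FAIL not chrooted (ChrootEveryone=${v:-unset}, dir=$dir)"; rc=1 ;;
    esac
    # The mapped system UID must not be below MinUID.
    uid=$(show_field "$show" UID); uid=${uid%% *}
    min=$(conf_get "$conf" MinUID)
    if [ -n "$min" ] && [ -n "$uid" ] && [ "$uid" -lt "$min" ]; then
        echo "FAIL UID $uid is below MinUID $min"; rc=1
    fi
    return "$rc"
}

# Constructed sample input: a weakened config and a user added with -D.
demo() {
    local d; d=$(mktemp -d)
    printf '%s\n' 'ChrootEveryone no' 'NoAnonymous yes' 'MinUID 2000' \
        'PureDB /etc/pure-ftpd/pureftpd.pdb' > "$d/conf"
    printf '%s\n' 'Login : test' 'UID : 1001 (cios)' \
        'Directory : /home/server/workload' > "$d/show"
    audit "$d/conf" "$d/show"; echo "audit exit status: $?"
    rm -rf "$d"
}
demo
```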