Pure-FTPd
Pure-FTPd is a ftp server designed with security in mind.
Installation
pure-ftpd can be installed from the Arch User Repository.
The Server can be started using # systemctl start pure-ftpd
.
To start the Server automaticly use # systemctl enable pure-ftpd
.
For more informations how to manage the Service read using units.
Configuration
Pure-FTPd configuration is completly done with its startup arguments.
There is a wrapper script, which is used to read /etc/pure-ftpd.conf
. It then calls Pure-FTPd with the corresponding arguments.
Set up Virtual Users
With Pure-FTPd its possible to use virtual users instead of real system users.
The avaliable users needs to be provided by one ore more backends. See backends.
We are going to use the PureDB backend since it is simple and requires no further dependencies. Uncomment the following two lines:
# We disable the anonymous account. NoAnonymous yes # We use PureDB as backend and specify its path. PureDB /etc/pureftpd.pdb
Now only authenticated users can connect. To add users to the PureDB we need to create a /etc/passwd
like file which is then used to create the PureDB.
To create, view or modify the /etc/pureftpd.passwd
file we use the pure-pw command.
# pure-pw useradd someuser -u ftp -d /srv/ftp
This creates the user someuser which runs as the ftp systemuser. He is chrooted to /srv/ftp
. If you dont want to chroot him use -D instead of -d.
Now before this account is usable we need to commit our changes:
# pure-pw mkdb
The virtual user someuser can now access everything in /srv/ftp
.
Command pure-pw mkdb creates the file mentioned earlier called /etc/pureftpd.pdb, this file houses all information related to your virtual users, there is no need to restart your service when issuing this command as it is updated on the fly and changes take effect immediately. Lets say someuser forgot his password and wants it changed, here's what you'd do:
# pure-pw passwd someuser
Enter someuser new password, then commit your changes by updating pureftpd.pdb:
# pure-pw mkdb
Thats it, someuser is ready to go, now lets say someuser has become a liability and you want to get rid of him, just do the following:
# pure-pw userdel someuser
This deletes someuser's login, but not his home directory, directories must be deleted manually if desired. Ok, now that someuser was deleted, lets say we have another user named another_user, and we want to check his current account settings, simply issue the following command:
# pure-pw show another_user
Backends
You need to specify one or more Backends. If you specify more than one, Pure-FTPd will respect the order in which they are specified. It will use the first backend which contains the requested user.
Available backends are:
-
/etc/passwd
- MySQL
- LDAP
- PostgreSQL
- PAM
- PureDB
- you can write your own