安装配置ProFTPd
1 下载proftpd
地址:www.proftpd.org。这里我们下载了1.2.9版本
[code:1:de92f96787] wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.2.9.tar.gz
[/code:1:de92f96787]
2 安装proftpd
切换到下载目录,假设为/tmp/proftpd,然后
[code:1:de92f96787] tar zxvf proftpd-1.2.9.tar.gz //解压
- cd proftpd-1.2.9
- ./configure --prefix=/var/proftpd --sysconfdir=/etc //设置安装目录/var/proftpd,配置文件目录/etc
- make
- make install
- [/code:1:de92f96787]
3 新建ftp专用帐号
就是上面目的中提到的那个专用帐号,这里以skate/skate(u/p)为例。
[code:1:de92f96787] groupadd skate
useradd skate -g skate -d /var/ftp -s /sbin/nologin //设置/var/ftp目录为ftp的目录
passwd skate //设置skate用户的密码
mkdir /var/ftp/upload
chown skate.skate /var/ftp/upload //设置upload目录skate用户可写
[/code:1:de92f96787]
4 设置proftpd
proftpd的配置文件就一个,就是/etc/proftpd.conf
[code:1:de92f96787] vi /etc/proftpd.conf //打开proftpd.conf
[/code:1:de92f96787]
[code:1:de92f96787]
####具体配置如下######
ServerName "Test ftp server..."
ServerType standalone
DefaultServer on
#端口
Port 21
Umask 022
#最大线程数
MaxInstances 30
User skate
Group skate
#DNS反查
UseReverseDNS off
IdentLookups off
#最大尝试连接次数
MaxLoginAttempts 3
#每用户线程
MaxClientsPerHost 2
#最大用户数
MaxClients 20
DirFakeUser On skate
DirFakeGroup On skate
DeferWelcome On
#日志文件位置
SystemLog /var/log/proftpd.log
ServerIdent off
#限制skate组的skate用户登录时不能切换到其他目录(只能呆在他的home目录)
DefaultRoot ~ skate,skate
#设置只允许192.168.0的用户登录
#
#Order allow,deny
#Allow from 192.168.0.
#Deny from all
#
#设置只允许skate用户登录,否则系统用户也可以登录ftp
#
#Order allow,deny
#DenyUser !skate
#
#开起全盘的写权限
AllowOverwrite on
AllowStoreRestart on
#允许FXP
# AllowForeignAddress on
AllowAll
#设置skate用户在upload的限制
#DELE删除权限
#RNFR RNTO重命名权限
#RMD XRMD移动目录权限
DenyUser skate
#####结束######
[/code:1:de92f96787]
编辑完以后按Esc,然后输入:x保存。
5 启动ProFTPd服务
编辑一个启动脚本(这个是从网上copy的,不是我写的,感谢那个写这个脚本的人,很好用,thx)
- [code:1:de92f96787] vi /etc/rc.d/init.d/proftpd[/code:1:de92f96787]
- [code:1:de92f96787]
- #####脚本内容开始########
- #!/bin/sh
- #
- # Startup script for ProFTPD
- #
- # chkconfig: 345 85 15
- # description: ProFTPD is an enhanced FTP server with \
- # a focus toward simplicity, security, and ease of configuration. \
- # It features a very Apache-like configuration syntax, \
- # and a highly customizable server infrastructure, \
- # including support for multiple 'virtual' FTP servers, \
- # anonymous FTP, and permission-based directory visibility.
- # processname: proftpd
- # config: /etc/proftpd.conf
- #
- # By: Osman Elliyasa
- # $Id: proftpd.init.d,v 1.7 2002/12/07 21:50:27 jwm Exp $
- # Source function library.
- . /etc/rc.d/init.d/functions
- if [ -f /etc/sysconfig/proftpd ]; then
- . /etc/sysconfig/proftpd
- fi
- #下面这行设置环境变量,注意设置好你的proftpd的安装目录
- PATH="$PATH:/usr/local/sbin:/var/proftpd/bin:/var/proftpd/sbin"
- # See how we were called.
- case "$1" in
- start)
- echo -n "Starting proftpd: "
- daemon proftpd $OPTIONS
- echo
- touch /var/lock/subsys/proftpd
- ;;
- stop)
- echo -n "Shutting down proftpd: "
- killproc proftpd
- echo
- rm -f /var/lock/subsys/proftpd
- ;;
- status)
- status proftpd
- ;;
- restart)
- $0 stop
- $0 start
- ;;
- reread)
- echo -n "Re-reading proftpd config: "
- killproc proftpd -HUP
- echo
- ;;
- suspend)
- hash ftpshut >/dev/null 2>&1
- if [ $? = 0 ]; then
- if [ $# -gt 1 ]; then
- shift
- echo -n "Suspending with '$*' "
- ftpshut $*
- else
- echo -n "Suspending NOW "
- ftpshut now "Maintanance in progress"
- fi
- else
- echo -n "No way to suspend "
- fi
- echo
- ;;
- resume)
- if [ -f /etc/shutmsg ]; then
- echo -n "Allowing sessions again "
- rm -f /etc/shutmsg
- else
- echo -n "Was not suspended "
- fi
- echo
- ;;
- *)
- echo -n "Usage: $0 {start|stop|restart|status|reread|resume"
- hash ftpshut
- if [ $? = 1 ]; then
- echo '}'
- else
- echo '|suspend}'
- echo 'suspend accepts additional arguments which are passed to ftpshut(8)'
- fi
- exit 1
- esac
- if [ $# -gt 1 ]; then
- shift
- $0 $*
- fi
- exit 0
#######脚本结束#########
[/code:1:de92f96787]
按Esc,输入:x保存。
然后添加到系统服务并启动
[code:1:de92f96787]
chkconfig --add profptd
service proftpd start[/code:1:de92f96787]
以后可以用service proftpd restart来重起proftpd。
6 ProFTPd的一点体会
看proftpd的文档翻译过的一句话:Finally, a special command is allowed which can be used to control login access: LOGIN Connection or login to
the server. Applying a to this pseudo-command can be used to allow or deny initial connection or login to the context. It has no
effect, and is ignored, when used in a context other than server config, or (i.e. using it in a context
is meaningless).
翻译下:最后,有一个用来限制登陆的特殊命令,就是LOGIN。在中用这个,可以禁止或者允许连接进来。但是,如果不在Server config,
或者中使用的话,他将失去效用,或者说被忽略掉(比如在中使用就是无效的)。
proftpd感觉还是比vsftp功能配置上好用一点,主要掌握好段基本上应用来说就没有问题了。
【编辑推荐】
- 用MySQL和Proftpd配置FTP服务器
- ProFTPD 下的五大问题
- Linux ProFTPd服务器配置(全)
- ProFTPD的配置文件proftpd.conf
- ProFTPD的启动与测试
- 手把手教你 配置ProFTPD服务器
- ProFTPd的启动
- 在图形界面下控制ProFTPD
下一篇:看知名企业如何选用人才