`
hipeace87
  • 浏览: 170107 次
  • 性别: Icon_minigender_1
  • 来自: 山东菏泽
社区版块
存档分类
最新评论

ubuntu proftpd 配置 安装 问题 命令

UbuntuDOSSecurityAccess 
阅读更多

1- 使用下面的命令安装proftpd:
Code:
sudo apt-get install proftpd
2- 在etc/shells 加入如下代码 (sudo gedit /etc/shells to open the file)(译注:命令行模式下sudo vi /etc/shells) :
Code:
/bin/false
新建一个 /home/FTP-shared 目录 :
Code:
cd /home
sudo mkdir FTP-shared
创建一个只能用来读取ftp的用户userftp. 这个用户不需要有效的shell(更安全) ,所以选择 /bin/false shell 给 userftp , /home/FTP-shared 作为主目录.
为了是这部分更清楚,我给取此操作的命令行:
Code:
sudo useradd userftp -p your_password -d /home/FTP-shared -s /bin/false
在FTP-shared 目录下新建一个download和一个upload 目录:
Code:
cd /home/FTP-shared/
sudo mkdir download
sudo mkdir upload
现在我们来给它们设置相应的权限:
Code:
cd /home
sudo chmod 755 FTP-shared
cd FTP-shared
sudo chmod 755 download
sudo chmod 777 upload
3- 好了,现在进入proftpd的配置文件:
Code:
sudo gedit /etc/proftpd.conf
当然你可以按你的需要编辑你自己的proftpd.conf:
Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on

# Choose here the user alias you want !!!!
UserAlias sauron userftp

ServerName    "ChezFrodon"
ServerType     standalone
DeferWelcome    on

MultilineRFC2228 on
DefaultServer    on
ShowSymlinks    off

TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200

DisplayFirstChdir               .message
ListOptions                "-l"

RequireValidShell    off

TimeoutLogin 20

RootLogin     off

# It's better for debug to create log files ;-)
ExtendedLog     /var/log/ftp.log
TransferLog     /var/log/xferlog
SystemLog    /var/log/syslog.log

#DenyFilter    \*.*/

# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off

# Allow to restart a download
AllowStoreRestart   on

# Port 21 is the standard FTP port, so don't use it for security reasons (choose here the port you want)
Port     1980

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8

# Set the user and group that the server normally runs at.
User                  nobody
Group                 nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask     022 022

PersistentPasswd   off

MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8

# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent                  on       "you're at home"

# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared

# Lock all the users in home directory, ***** really important *****
DefaultRoot ~

MaxLoginAttempts    5

#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>

<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>

<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
      DenyAll
    </Limit>

    <Limit STOR CWD MKD>
      AllowAll
    </Limit>
</Directory>

好了,你已经完成了proftpd的配置,你的服务端口是1980,而读取的参数如下,用户:sauron,密码:你为userftp设置的那个.

4- 启动/停止/重启动你的服务:
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart

对你的proftpd进行一下语法检查:
Code:
sudo proftpd -td5

想知道谁现在连接到你的服务,用ftptop命令(使用字母"t"来转换显示频率),你也可以使用"ftpwho"命令

0
0
分享到:
| ubuntu 用户管理
评论
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics