pureftpd

1. 安裝

參考：http://opensourceholic.com/2014/05/11/setup-ftp-account-on-amazon-ec2-using-pure-ftpd/

Install Pure-FTPd:

To install Pure-FTPD on Ubuntu run below command on terminal

sudo apt-get install pure-ftpd

Unlike most FTP servers, Pure-FTPd has almost no configuration files. It is all command-line driven.

Create an unprivileged user and group using the following commands:

sudo groupadd ftpgroup

sudo useradd -g ftpgroup -d /dev/null -s /etc ftpuser

sudo chown -R ftpuser:ftpgroup /home/ftpusers

Next create your ftpuser directory

sudo mkdir /home/ftpusers

This will be the home directory at /home/ftpusers. This will be the root of their access on the server if you create your users with jail access where they can’t move up to higher levels. You can also create a individual home directories for each user using symlink.

The ‘ftpgroup’ group and the ‘ftpuser’ user will be needed when you are setting up users in your ftp server.

Setup FTP user account:

Create a user directory or a home directory for user $USER. Replace $USER with your user name.

sudo mkdir /home/ftpusers/$USER

Create user $USER

sudo pure-pw useradd joe -u ftpuser -d /home/ftpusers/$USER

If you wish to create a admin user with full server access omit the -d /home/ftpusers/$USER parameter.

Create a user database

sudo pure-pw mkdb

Create symbolic links between the respective files. Use following commands to create a symbolic links.

sudo ln -s /etc/pure-ftpd/pureftpd.passwd /etc/pureftpd.passwd

sudo ln -s /etc/pure-ftpd/pureftpd.pdb /etc/pureftpd.pdb

sudo ln -s /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/PureDB

Configure Pure-FTPd:

• Disable UNIX authentication

root@ec2-user:~# echo no > /etc/pure-ftpd/conf/UnixAuthentication

• Run as a daemon

root@ec2-user:~# echo "yes" > /etc/pure-ftpd/conf/Daemonize

• Prohibit Anonymous

root@ec2-user:~# echo "yes" > /etc/pure-ftpd/conf/NoAnonymous

• Enable chroot

root@ec2-user:~# echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone

• Only IPV4

root@ec2-user:~# echo "yes" > /etc/pure-ftpd/conf/IPV4Only

All this configuration is for normal FTP server below are some configuration specific for Amazon EC2 Server

• Enable Passive mode

root@ec2-user:~# echo "50000 50100" > /etc/pure-ftpd/conf/PassivePortRange

• Access to public IP

root@ec2-user:~# echo "public_ip" > /etc/pure-ftpd/conf/ForcePassiveIP

Here put your EC2 server Public IP. Enable port range 50000-50100 and 21 in your amazon security group.

• Restart Pure-FTPd

sudo /etc/init.d/pure-ftpd restart

And its done try to access your FTP account using your favorite FTP client ex Filezilla, gFTP.

Pure-FTPd commands:

Following are the parameters that you can use with pure-pw command. Look at Pure-FTPd documentation for list of options use pure-pw –help

-d <home directory> : chroot user (recommended)
-D <home directory> : don't chroot user
-z <time> : To allow access only between given time period
-y <max number of concurrent sessions>
-r <allow client ip>/<mask>
-R <deny client ip>/<mask>
-m : also update the /etc/pure-ftpd/pureftpd.pdb database

• Update an existing User

sudo pure-pw usermod $user $options -m

• Remove an existing User

sudo pure-pw userdel $USER -m

• List out all Users 

sudo pure-pw list

• Update the User/Password Database Manually

In case you forget -m option update the User/Password Database manually

sudo pure-pw mkdb

• View Server Activity

sudo pure-ftpwho

2. ECONNREFUSED - Connection refused by server error

關閉防火牆：ufw disable

設置iptable：iptables -A INPUT -p tcp --dport 21 -j ACCEPT

iptables -A INPUT -p tcp --dport 20 -j ACCEPT

iptables -A INPUT -p tcp --dport 50000：50100 -j ACCEPT

    仍是連不上。最後參考：http://adamschepis.com/blog/2011/02/23/pure-ftpd-passive-ftp-on-amazon-ec2/

     移除 ForcePassiveIP 127.0.0.1 參數，或者將其改成虛擬服務器的公網IP

      問題解決

注：雲服務器若是有防火牆的話也要打開相關的端口

3. 修改用戶工做目錄

 pure-pw usermod riboud -u ftpuser -D /.