配置 ProFTPD (超全)

运维 系统运维
ProFTPD是一个Unix平台、或Unix类(如Linux, FreeBSD等)FTP服务器程序,它是在自由软件基金会版权声明下开发、发布的免费软件,即任何只要遵守自由软件基金会版权声明的人,都可以修改源始码。我带大家看看如何配置ProFTPD

写下自己在配置 Proftpd的一些相关东西,希望能够和大家分享:

  配置 ProFTPD

  然后,通过修改相应配置文件配置ProFTPD。

  [root@sample ~]# vi /etc/proftpd.conf  ← 修改ProFTPD的配置文件

  ServerType        standalone   ← 找到这一行,在行首添加“#”

  ↓

  #ServerType        standalone   ← 变为此状态,不使用常驻模式

  #ServerType       inetd   ← 找到这一行,去掉行首的“#”

  ↓

  ServerType       inetd   ← 变为此状态,通过超级服务器来启动ProFTPD

  DefaultRoot        ~ !adm   ← 找到这一行,将“ !adm”改为“/public_html !wheel”

  ↓

  DefaultRoot        ~/public_html !wheel   ← 变为此状态,使除wheel组用户的根目录为public_html

  找到TLS设置的语句群,如下:

  # TLS

  # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html

  ----------------------------------------------------------------

  #TLSEngine         on

  #TLSRequired        on

  #TLSRSACertificateFile   /usr/share/ssl/certs/proftpd.pem

  #TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem

  #TLSCipherSuite      ALL:!ADH:!DES

  #TLSOptions        NoCertRequest

  #TLSVerifyClient       off

  ##TLSRenegotiate     ctrl 3600 data 512000 required off timeout 300

  #TLSLog           /var/log/proftpd/tls.log

  ----------------------------------------------------------------

  ↓将以上水平线间部分的语句,每行行首的“#”都去掉,变为下面水平线间的状态:

  ----------------------------------------------------------------

  TLSEngine          on

  TLSRequired         on  ← 只允许TLS方式的连接(如果将on改为off,普通方式也被允许)

  TLSRSACertificateFile    /usr/share/ssl/certs/proftpd.pem

  TLSRSACertificateKeyFile  /usr/share/ssl/certs/proftpd.pem

  TLSCipherSuite       ALL:!ADH:!DES

  TLSOptions         NoCertRequest

  TLSVerifyClient       off

  #TLSRenegotiate      ctrl 3600 data 512000 required off timeout 300

  TLSLog            /var/log/proftpd/tls.log

  ----------------------------------------------------------------

  然后在配置文件的末尾填如下几行:

  ExtendedLog        /var/log/proftpd/access.log WRITE,READ default  ← 记录连接日志到相应日志文件

  ExtendedLog        /var/log/proftpd/auth.log AUTH auth  ← 记录认证日志到相应日志文件

  MasqueradeAddress    digeast.no-ip.info  ← 定义服务器域名

  PassivePorts        50000 50030  ← 为PASV模式连接时指定端口号(1024以后存在的任意端口号)

  然后,为服务器建立证书。

  [root@sample ~]# cd /usr/share/ssl/certs  ← 进入相应的目录

  [root@sample certs]# make proftpd.pem  ← 建立服务器证书

  umask 77 ; \

  PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \

  PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \

  /usr/bin/openssl req -newkey rsa:1024 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 ; \

  cat $PEM1 > proftpd.pem ; \

  echo "" >> proftpd.pem ; \

  cat $PEM2 >> proftpd.pem ; \

  rm -f $PEM1 $PEM2

  Generating a 1024 bit RSA private key

  .........++++++

  ............++++++

  writing new private key to '/tmp/openssl.sG3126'

  -----

  You are about to be asked to enter information that will be incorporated

  into your certificate request.

  What you are about to enter is what is called a Distinguished Name or a DN.

  There are quite a few fields but you can leave some blank

  For some fields there will be a default value,

  If you enter '.', the field will be left blank.

  -----

  Country Name (2 letter code) [GB]:CN  ← 输入国家简写

  State or Province Name (full name) [Berkshire]:Hei Long Jiang  ← 输入省份

  Locality Name (eg, city) [Newbury]:Harbin  ← 输入城市

  Organization Name (eg, company) [My Company Ltd]:www.centospub.com  ← 输入组织名(任意)

  Organizational Unit Name (eg, section) []:  ← 直接回车跳过

  Common Name (eg, your name or your server's hostname) []:www.centospub.com   ← FTP服务器名反馈

  Email Address []:yourname@yourserver.com  ← 输入E-mail地址

通过文章的详细的说明,我相信大家都知道如何配置自己的ProFTPD,希望对你们有所帮助!

【编辑推荐】

责任编辑:赵鹏 来源: 网络转载
相关推荐

2011-03-07 17:24:33

ProFTPD安装

2011-03-07 17:25:33

ProFTPD启动

2011-02-22 10:55:13

ProFTPd服务器配置

2011-03-03 13:00:21

2011-02-24 13:15:59

2011-02-22 10:08:46

ProFTPD配置

2011-02-23 11:15:21

DebianProFTPd

2011-02-22 14:50:53

ProFTPD

2011-02-23 10:43:17

2011-02-24 14:47:48

ProFTPD

2011-03-08 17:04:10

ProFTPDUbuntu

2011-02-22 16:24:30

2011-02-25 16:39:34

proftpd配置文件

2011-03-03 10:49:37

Linux配置Proftpd

2011-02-25 10:10:41

Proftpd

2011-03-08 16:30:40

Proftpd

2011-02-25 12:30:01

ProFtpd配置

2011-02-25 13:41:59

Proftpdanonymous

2011-03-03 13:16:32

Proftpd配置文件

2011-03-03 10:06:13

ProftpdMysqlQuota
点赞
收藏

51CTO技术栈公众号