安裝 Pure-ftpd
yum 安裝
yum -y install pure-ftpd
修改配置文件
vim /etc/pure-ftpd/pure-ftpd.conf
ChrootEveryone yes BrokenClientsCompatibility no MaxClientsNumber 50 Daemonize yes MaxClientsPerIP 8 VerboseLog no DisplayDotFiles yes AnonymousOnly no NoAnonymous no SyslogFacility ftp DontResolve yes MaxIdleTime 15 PureDB /etc/pure-ftpd/pureftpd.pdb PAMAuthentication yes LimitRecursion 10000 8 AnonymousCanCreateDirs no MaxLoad 4 AntiWarez yes Umask 133:022 MinUID 1000 AllowUserFXP no AllowAnonymousFXP no ProhibitDotFilesWrite no ProhibitDotFilesRead no AutoRename no AnonymousCantUpload yes AltLog clf:/var/log/pureftpd.log PIDFile /var/run/pure-ftpd.pid MaxDiskUsage 99 CustomerProof yes
創建系統用戶
useradd www
更改所屬主和所屬組:
chown -R www:www /data/www/wordpress
創建ftp用戶
pure-pw useradd user005 -u www -d /data/www/wordpress
此時會出現爲該ftp新用戶創建密碼的提示:
pure-pw useradd user005 -u www -d /data/www/wordpress Password: Enter it again:
-u選項將虛擬用戶user005與系統用戶www關聯在一起,即使用user005賬號登錄FTP後,會以www的身份來讀取和下載文件。
-d選項後面的目錄爲user005賬戶的家目錄,這樣可以使user005只能訪問其家目錄/data/www/wordpress
創建用戶信息數據庫文件:
pure-pw mkdb
查看用戶列表:
pure-pw list
pure-pw list user005 /data/www/wordpress/./
啓動pure-ftpd/添加開機啓動
systemctl start pure-ftpd systemctl enable pure-ftpd
測試連接
ftp 127.0.0.1
[root@localhost pure-ftpd]# ftp 127.0.0.1 Connected to 127.0.0.1 (127.0.0.1). 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 20:45. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. Name (127.0.0.1:root): user005 331 User user005 OK. Password required Password: 230 OK. Current directory is / Remote system type is UNIX. Using binary mode to transfer files. ftp>
登錄成功
添加新的ftp用戶
pure-pw useradd user006 -u www -d /data/www/wordpress
pure-pw useradd user006 -u www -d /data/www/wordpress 輸入密碼 Password: Enter it again:
創建新的ftp用戶之後,需要重新生成用戶數據庫文件,新的賬戶才能登錄。
pure-pw mkdb
刪除賬號的命令爲:
pure-pw userdel user006
修改ftp用戶的密碼
pure-pw passwd user006 #修改密碼 Password: Enter it again:
pure-pw mkdb #重新生成數據庫文件
修改用戶的上傳路徑
pure-pw usermod user006 -d /data/www/web pure-pw mkdb
pure-pw show user006 #查看用戶信息
[root@localhost ~]# pure-pw show user006 Login : user006 Password : $6$1eHOVB9O/aDbkn30$/ftGMK2dBTHlk.uqYoEYRZ6T.DKobaXjPTshLIMgpCdVbBSEBWpvOHtGxsLRRfFexiGse7tSdCiUlBl3wlPOF. UID : 1001 (www) GID : 1001 (www) Directory : /data/www/web/./ Full name : Download bandwidth : 0 Kb (unlimited) Upload bandwidth : 0 Kb (unlimited) Max files : 0 (unlimited) Max size : 0 Mb (unlimited) Ratio : 0:0 (unlimited:unlimited) Allowed local IPs : Denied local IPs : Allowed client IPs : Denied client IPs : Time restrictions : 0000-0000 (unlimited) Max sim sessions : 0 (unlimited)
調整pure-ftpd日誌文件的路徑,默認把日誌寫在/var/log/messages
~這個按需求,一般不用調整~
修改/etc/rsyslog.conf
在這行的cron.none後面添加 ;ftp.none 使ftp的日誌信息成私有,(我這裏直接註釋,新加一行。)
vim /etc/rsyslog.conf
... #*.info;mail.none;authpriv.none;cron.none /var/log/messages *.info;mail.none;authpriv.none;cron.none;ftp.none /var/log/messages ftp.* -/var/log/pureftpd.log #pure-ftpd的日誌輸出文件 ...
注意: 不要去掉/var前面的-號,否則日誌會在/var/log/messages與/var/log/pureftpd.log裏各記錄一份。
重啓rsyslog生效
systemctl restart rsyslog.service
修改主端口
vim /etc/pure-ftpd/pure-ftpd.conf
#Bind 127.0.0.1,21 修改爲 Bind 0.0.0.0,8121
端口修改爲8121
重啓pure-ftpd
systemctl restart pure-ftpd
PureFTP被動端口設置
vim /etc/pure-ftpd/pure-ftpd.conf
# PassivePortRange 30000 50000 修改爲 PassivePortRange 30000 50000 把前面的#刪除