ubuntu服务器安装proftpd ftp服务器的详细过程

这篇文章主要讲解了“ubuntu服务器安装proftpd ftp服务器的详细过程”，文中的讲解内容简单清晰，易于学习与理解，下面请大家跟着小编的思路慢慢深入，一起来研究和学习“ubuntu服务器安装proftpd ftp服务器的详细过程”吧！

一、安装

代码如下:

sudo apt-get install proftpd

安装过程中会让选择运行模式：Standalone和Inetd，前者是单一服务器模式，后者是超级服务器模式，
我选的Standalone。

二、配置

代码如下:

sudo vim /etc/shells

加入如下代码

代码如下:

/bin/false

新建用户ftpuser1和用户组ftp并设置密码，此用户不需要有效的shell(更安全)，所以选择/bin/false
给fptuser1

代码如下:

sudo groupadd ftp
sudo useradd ftpuser1 -p pass -g ftp -d /home/ftp -s /bin/false

在/home/ftp目录下新建upload和download目录并修改权限

代码如下:

cd /home/ftp
sudo mkdir download
sudo mkdir upload
cd /home
sudo chmod 755 ftp
cd /home/ftp
sudo chmod 755 download
sudo chmod 777 upload

三、修改proftpd核心配置文件proftpd.conf

代码如下:

sudo vim /etc/proftpd/proftpd.conf
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6    off    # 我们不需要IPv6，所以off
ServerName   "xiaoyigeng's FTP Server"    # 修改服务器名
ServerType   standalone    # 服务器运行模式，这里填standalone，也可以选
inetd
DeferWelcome   on    # 用户登陆时是否显示欢迎信息
MultilineRFC2228  on
DefaultServer   on
ShowSymlinks   on
TimeoutNoTransfer  600
TimeoutStalled   600    # 可以降到100
TimeoutIdle   1200    # 发呆超时
DisplayLogin                    welcome.msg    # 如果上边DeferWelcom设置成on，则显示
welcome.msg中的内容
DisplayFirstChdir               .message    # 更改目录时显示的内容
ListOptions                 "-l"
DenyFilter   \*.*/
# Use this to jail all users in their homes
DefaultRoot /home/ftp    # ftp用户被限制在这个目录中
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell  off    # 匿名用户要选on
# Port 21 is the standard FTP port.
Port    21    # 服务运行的端口
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts                  49152 65534    # PASV模式下用到的端口
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress  1.2.3.4
# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances   30
# Set the user and group that the server normally runs at.
User    nobody    # 服务器运行在nobody用户下
Group    nobody    # 服务器运行在nobody组下
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask    022  022    # 默认新建文件的权限
# Normally, we want files to be overwriteable.
AllowOverwrite   on    # 文件可以被覆盖
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd  off
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile   off
# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#<IfModule mod_sql.c>
# SQLBackend   mysql
#</IfModule>
TransferLog /var/log/proftpd/xferlog    # 传送文件日志
SystemLog   /var/log/proftpd/proftpd.log    # 系统运行日志
<IfModule mod_tls.c>
TLSEngine off
</IfModule>
<IfModule mod_quota.c>
QuotaEngine on
</IfModule>
<IfModule mod_ratio.c>
Ratios on
</IfModule></p> <p># Delay engine reduces impact of the so-called Timing Attack described in
# <a href="http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02">http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02</a>
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine        on
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
#   User    ftp
#   Group    nogroup
#   # We want clients to be able to login with "anonymous" as well as "ftp"
#   UserAlias   anonymous ftp
#   # Cosmetic changes, all files belongs to ftp user
#   DirFakeUser on ftp
#   DirFakeGroup on ftp
#
#   RequireValidShell  off
#
#   # Limit the maximum number of anonymous logins
#   MaxClients   10
#
#   # We want 'welcome.msg' displayed at login, and '.message' displayed
#   # in each newly chdired directory.
#   DisplayLogin   welcome.msg
#   DisplayFirstChdir  .message
#
#   # Limit WRITE everywhere in the anonymous chroot
#   <Directory *>
#     <Limit WRITE>
#       DenyAll
#     </Limit>
#   </Directory>
#
#   # Uncomment this if you're brave.
#   # <Directory incoming>
#   #   # Umask 022 is a good standard umask to prevent new files and dirs
#   #   # (second parm) from being group and world writable.
#   #   Umask    022  022
#   #            <Limit READ WRITE>
#   #            DenyAll
#   #            </Limit>
#   #            <Limit STOR>
#   #            AllowAll
#   #            </Limit>
#   # </Directory>
#
# </Anonymous>
# Valid Logins    # 以下部分为设置用户权限部分
<Limit LOGIN>
 AllowUser ftpuser1
 DenyAll
</Limit>
<Directory /home/ftp>
 Umask 022 022
 AllowOverwrite off
 <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
   DenyAll
 </Limit>
</Directory>
<Directory /home/ftp/download/>
 Umask 022 022
 AllowOverwrite off
 <Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
   DenyAll
 </Limit>
</Directory>
<Directory /home/ftp/upload/>
 Umask 022 022
 AllowOverwrite on
 <Limit READ RMD DELE>
   DenyAll
 </Limit>
 <Limit STOR CWD MKD>
   AllowAll
 </Limit>
</Directory>

四、启动、停止、重启服务器

代码如下:

sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart

五、维护

可以到/var/log/proftpd目录查看日志

查看ftp服务器负载命令 ftptop
查看什么认登陆服务器 ftpwho

PS:proftpd中Limit的使用介绍

我们用到的比较多的可能是Limit的使用，Limit大致有以下动作，基本能覆盖全部的权限了。

CMD：Change Working Directory 改变目录
MKD：MaKe Directory 建立目录的权限
RNFR： ReName FRom 更改目录名的权限
DELE：DELEte 删除文件的权限
RMD：ReMove Directory 删除目录的权限
RETR：RETRieve 从服务端下载到客户端的权限
STOR：STORe 从客户端上传到服务端的权限
READ：可读的权限，不包括列目录的权限，相当于RETR，STAT等
WRITE：写文件或者目录的权限，包括MKD和RMD
DIRS：是否允许列目录，相当于LIST，NLST等权限，还是比较实用的
ALL：所有权限
LOGIN：是否允许登陆的权限
针对上面这个Limit所应用的对象，又包括以下范围
AllowUser 针对某个用户允许的Limit
DenyUser 针对某个用户禁止的Limit
AllowGroup 针对某个用户组允许的Limit
DenyGroup 针对某个用户组禁止的Limit
AllowAll 针对所有用户组允许的Limit
DenyAll 针对所有用户禁止的Limit

关于限制速率的参数为：
TransferRate STOR|RETR 速度（Kbytes/s） user 使用者

感谢各位的阅读，以上就是“ubuntu服务器安装proftpd ftp服务器的详细过程”的内容了，经过本文的学习后，相信大家对ubuntu服务器安装proftpd ftp服务器的详细过程这一问题有了更深刻的体会，具体使用情况还需要大家实践验证。这里是亿速云，小编将为大家推送更多相关知识点的文章，欢迎关注！