I am one of those who likes to innovate and learn new things, not long ago I had to install and configure an FTP server and I decided to do it differently than I always did.
In this case I opted for an FTP service with virtual users, users that will be stored in an encrypted file (user, password, settings, etc.), all with pure ftpd.
Here I will show you how to do it ... well, let's get started 😉
First of all, specify that the commands in this tutorial are intended for distros like Debian or based on them, however if someone uses another distro on their server they must install the same packages and use the settings set below, the only thing that needs to change is the install command.
1. First we must install Pure FTPd:
apt-get install pure-ftpd
The output will end something like this:
2. The service is already activated, but it is of no use to us if we have not configured it properly, let's put an extensive configuration file but it is almost standard, it contains the normal, establishing that anonymous users are not allowed, etc. etc.
cd /etc/pure-ftpd/ && wget http://ftp.desdelinux.net/pure-ftpd.conf
3. Well, suppose our FTP folder is / var / www / ftp / and we want to create a user that can upload information to the / var / www / ftp / sysadmin / folder, let's put the following in a terminal:
pure-pw useradd sysadmin -u 2001 -g 2001 -d /var/www/ftp/sysadmin/
This means the following:
pure-pw: Command used to manipulate Pure-FTPd users
useradd: We indicate that we will add a user
sysadmin: The user I want to create
-u 2001: UserID of that user
-g 2001: GroupID of that user
-d / var / www / ftp / sysadmin /: The folder that will be the home of that user, that is, where they will upload things
When you enter the previous line, it will ask you the password of that user.
4. Now they must refresh the user database file, for this we enter the folder / etc / pure-ftpd / (cd / etc / pure-ftpd) and put in the terminal:
pure-pw mkdb
5. Now we must start Pure-FTPd but indicating that we will use the virtual users file, first let's stop the service:
/etc/init.d/pure-ftpd stop
Then we will make sure that it will not start by default normally:
chmod -x /etc/init.d/pure-ftpd
And now we start the service our way:
/usr/sbin/pure-ftpd -j -lpuredb:/etc/pure-ftpd/pureftpd.pdb
6. If they try using an application like Filezilla they will see that they can connect without problems with the created user, however they will not be able to copy anything or create directories, this is because the / var / www / ftp / sysadmin / folder (the user's home as per the example) does not have the appropriate permissions, it will be fixed with a:
chown -R 2001:2001 /var/www/ftp/sysadmin/
Remember, the Uid and Gid 2001 is the one of the user that we created, we created it with the command in the previous step 3 😉
7. To stop the service, just press [Ctrl] + [C] in the same terminal or do a:
killall pure-ftpd
Now we will indicate that the service will start automatically with the system when the server starts, for this we modify the /etc/rc.local file and before the last line that says "exit 0" we put the command with which we start the FTP service:
/usr/sbin/pure-ftpd -j -lpuredb:/etc/pure-ftpd/pureftpd.pdb
In other words, it would look like this:
You can edit the file with nano, vi or your preferred editor, or if you prefer, copy and paste this command that will make your work easier:
perl -pi -e "s[exit 0][/usr/sbin/pure-ftpd -j -lpuredb:/etc/pure-ftpd/pureftpd.pdb]g" /etc/rc.local && echo "exit 0" >> /etc/rc.local
... yes yes ... as you read, «facilitate», it is an extensive command yes, but it is simply to replace text with perl and a harmless echo 🙂
8. Once this is done, restart the server and you will see that the pure-ftpd service is started and ready to work 😀
How to delete users?
As I told you before, the command pure-pw is what we need to manipulate users, to delete a user (for example, sysadmin) let's put the following:
cd /etc/pure-ftpd/
pure-pw userdel sysadmin
pure-pw mkdb
Remember that whenever you make a change to any user, you must regenerate the virtual database file of the users, it is located in / etc / pure-ftpd / and it is generated / updated with pure-pw mkdb
Anyway friends I think there is not much more to add, invite you to read the help of pure-pw because it allows us much more than the ones I showed you here (this is just a short and almost basic tutorial).
One or two years ago I was one of those who linked everything to OpenLDAP or MySQL, but as time went by I realized that so many connections to databases that are servers as such generate a consumption that many times we cannot afford, For this reason, the use of completely viable alternatives such as using databases in the application's own files, as in this case of Pure-FTPd's .pdb 🙂
Any doubt or question I will try to help as much as I can.
Greetings and… happy hacking!
That that .. Documentation in case of errors 😀
And I'm already writing the post on how to install Nginx + MySQL + Spawn_FastCGI like I did in Justice, and thanks to that the blog works so well :)
I hope to have it ready for tomorrow or the day after tomorrow.
Good post; It's funny, recently I was struggling to put my ftp server I couldn't even with vsftpd and I went to pure-ftpd and what if I think I need it is to put an example of the clear conf the documentation is very good, but at least the basics . Encryption, or at least the forwading port in case router is used.
By the way with this command pure-ftpwho lets you know who is connected to the server, and if something is downloading;).
And according to you, putting a database to connect to the server is not so necessary.
Thanks for the comment 🙂
Yes indeed, I did not explain many things (all in fact) in the configuration, it is that I assumed that someone who knows how to manage a server, who wants to install an FTP service, that someone would not have major problems reading the comments of the conf file ^ - ^
Greetings and again, thanks for the comment
Hello Very good post, I use (or at least for now) vsftpd but I have some problems with it, and I wanted to see if I happened to this, do you have any url or doc to see how its configuration is?
Thanks a lot };)
You can see the configuration here: http://ftp.desdelinux.net/pure-ftpd.conf
Any questions or if you need something open a thread in the forum that we will gladly help you 🙂
Very good 😀
Just a little thing, the perl command is missing the ^ symbol, so it doesn't change the other exit 0 that is in the comments:
perl -pi -e "s[^exit 0][/usr/sbin/pure-ftpd -j -lpuredb:/etc/pure-ftpd/pureftpd.pdb]g" rc.local && echo "exit 0" >> rc.localregards
Excellent, I just have a question, how can I create a read-only user? I use Centos 6.5, pureftpd, ispconfig and graphics mode.
I use ispconfig only for ftp
greetings and thanks
This way of installing pureftp is an ASCO 🙂 you leave the service running as root, create a virtual user and then change the permissions on the filesystem, and ufff a long etc. The way the package is installed is ready to use, there is no need to do all these steps
You are invited to publish a less "disgusting" guide .. 😉
What do you propose? Put the ftp server to listen on a port> 1024? If the ftp server is listening on its standard port: 22 it must be run as root unless you modify the kernel's capabilities, if what you want is to improve security use a MAC framework with SELinux another variant would be to jail / chroot the server ftp.
The link for the pure-ftpd.conf is down or does not exist. Can you restore it?
Thank you
2 years later the link for the pure-ftpd.conf file is still down 🙁