Help with proftp config

zuessh · 12-16-2002, 09:06 AM

I need to set up proftp with the following config:

no anonymous access
only allow several users ftp access
users only can access home dir

I looked at the example configs on proftp web site but was unable to put it all together. If anyone has a sample config or can easily explain it would be greatly appreciated.

int · 12-21-2002, 07:53 PM

in in the same boat... i have got it up and running but not sure how to configure proftpd.

will post if i find an "easy" config

MasterC · 12-21-2002, 08:06 PM

As far as anonymous ftp disallowing it's as simple as adding:
ftp
to /etc/ftpusers

That's 1 down, 2 to go:
allowing only several users ftp access, there is a line in /etc/proftpd.conf that says "maximum users" or something like that, edit to your desired #. The other thing with this is that you setup the accounts for these "users" to login to your system, so you could keep a pretty good tally on them with just that ability.

that's 2, 3 is a little easier:
add this to your /etc/proftpd.conf file (I put mine in the beginning):
DefaultRoot ~

Here's an example of mine (although I do use anonymous ftp, there might be something else beneficial in it):

Code:

# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.

#ServerName "ProFTP MasterC Style"
#ServerType standalone
ServerType inetd
DefaultServer on
DefaultRoot ~

# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog /var/log/proftpd.log
TransferLog /var/log/xferlog

# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
RequireValidShell off
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 50

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>

# An upload directory that allows storing files but not retrieving
# or creating directories.
# <Directory incoming/*>
# <Limit READ>
# DenyAll
# </Limit>
#
# <Limit STOR>
# AllowAll
# </Limit>
# </Directory>

</Anonymous>

Cool

int · 01-10-2003, 01:03 PM

very helpful information will give it a try when i get out of class

thx again