pureftpd

a ftp deamon

As usual, this documentation is severly tersified, see the pure-ftpd website

Virtual Users

List of users, password, , etc. stores individual quotas, ratios, bandwidth, etc.

Create an ftpgroup group and an ftpuser user.

groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser
Maintenance virtual users with pure-pw

Only uname, password, uid, gid & home directory are required.

CREATING A NEW USER

To add a new user, use the following syntax:
pure-pw useradd uname -D|-d home directory -u uid [-g gid]
[-c gecos] [-t download bandwidth] [-T upload bandwidth]
[-n max number of files] [-N max Mbytes]
[-q upload ratio] [-Q download ratio]
[-r allow client host/mask][,allow client host/mask]]...] [-R deny client host/mask][,deny client host/mask]]...]
[-i allow local host/mask][,allow client host/mask]]...] [-I deny local host/mask][,deny local host/mask]]...]
[-y max number of concurrent sessions] [-z hhmm-hhmm]
[-f passwd file]
[-m]
Example: create joe, home directory /home/ftpusers/joe, system account associated is ftpusers.
pure-pw useradd joe -u ftpuser -d /home/ftpusers/joe
-m run mkdb on exit
-d dir user is chrooted.
-D diruser can access the whole filesystem,
--createhome home directories are created when users login
-z hhmm-hhmmallow connect only during time.
A user that connected during authorized hours continues
-r
-R
restrict where the user can connect from.
  • IP/mask pair (-r 192.168.1.0/24),
  • multiple pairs separated by a coma (-r 192.168.1.0/24,10.1.0.0/16,127.0.0.1/32),
  • single IPs (-r 192.168.1.4,10.1.1.5),
  • host names (-r bla.bla.net,yopcitron.com), or any
combination of those.
-y restrict the number of concurrent sessions . '' or 0 for unlimited. Avoid this feature on very loaded servers. Use per-ip<.code> limits instead.
-f fidDefault, /etc/pureftpd.passwd

Displaying info

pure-pw show uname [-f passwdfile] example:
Login              : joe
Password           : 6GMHJRyUdSRwNROunwtRbEDHlx5t3eNQew7bb1dz29K2
UID                : 500 (ftpuser)
GID                : 101 (ftpgroup)
Directory          : /home/ftpusers/joe/./
Full name          : 
Download bandwidth : 0 Kb (unlimited)
Upload   bandwidth : 0 Kb (unlimited)
Max files          : 1000 (enabled)
Max size           : 10 Mb (enabled)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local  IPs : 
Denied  local  IPs : 
Allowed client IPs : 192.168.0.0/16
Denied  client IPs : 192.168.1.1,blah.verybadhost.com
Time restrictions  : 0900-1800 (enabled)
Max sim sessions   : 0 (unlimited)

/./ at the end of a home directory means that this user will be chrooted.

Changing info

pure-pw usermod

Example: Add a quota to Joe. limited to 1000 files and 10 Megabytes.

pure-pw usermod joe -n 1000 -N 10

Resetting attributes

Disabling with pure-pw usermod username:
run mkdb on exit-m
file quotas -n ''
size quotas -N ''
ratios -q '' -Q ''
download bandwidth throttling -t ''
upload bandwidth throttling -T ''
IP filtering -i,-I,-r or -R ''
time restrictions -z ''
number of concurrent sessions -y ''

Deleting users

pure-pw userdel login [-f passwd file] [-m]
The content of home directory is kept.

Changing passwords

pure-pw passwd uname [-f passwd file] [-m]

Committing changes

Convert /etc/pureftpd.passwd to /etc/pureftpd.pdb pure-pw mkdb
It is not necessary to restart the pure-ftpd server.

Enabling virtual users

At compile-time, --with-puredb to ./configure (--with-everything also enables it and binary packages have it compiled in) .

add this switch to pure-ftpd switches: --login puredb:/path/to/puredb_file

Run the server with automatic creation of home directories and puredb authentication:

/usr/local/sbin/pure-ftpd -j --login puredb:/etc/pureftpd.pdb & # in background

converting system accounts

Convert all system (/etc/passwd) accounts to virtual FTP users, with the "pure-pwconvert" tool. pure-pwconvert >> /etc/pureftpd.passwd

Execute as root to include passwords.

Environnement variables

$PURE_PASSWDFILE path, default /etc/pureftpd.passwd
$PURE_DBFILE path, default /etc/pureftpd.pdb

Install libsodium (http://doc.libsodium.org) before compiling Pure-FTPd.

One line per user.

account:password:uid:gid:gecos:home directory:upload bandwidth:download bandwidth:upload ratio:download ratio:max number of connections:files quota:size quota:authorized local IPs:refused local IPs:authorized client IPs:refused client IPs:time restrictions

pureftpd Documentaion