Torqzone

Abstract

This article will explain how to install and configure pure-ftpd server on openSuSE linux. We will configure it to use virtual users through pure-ftpd’s own database. This article will also explain how to setup pure-ftpd with MySQL based authentication.

Installation

Log in to your box and open up YaST (yast2). Then navigate to Software Management:

There search for pure-ftpd (you may even enter exactly like this). Agree to install it. This will install all the configuration files and init scripts needed for pure-ftpd to run. At this point, if you do not have mysql-server package installed, please do so, as it will be needed in the last section of this tutorial, explaining how to configure pure-ftpd with MySQL.

Configuration

By default pure-ftpd uses PAM authentication, which is great for personal use, but not generally recommended, as it is bad to use your account passwords as FTP passwords, because they are sent in clear text to the server.

So what we need to do now is go to /etc/pure-ftpd/pure-ftpd.conf and change the following lines for the server to work properly:

• AnonymousOnly must be set to no, else you will not be able to log in
• NoAnynymous should be set to yes, otherwise you will have a public ftp
• PAMAuthentication should be set to no (it is on by default)

PureDB should be un-commented and pointing to the location on the screenshot below:

I would also advise to change the Umask to 137:027 for simpler security and set AutoRename to no, otherwise if you upload a file with the same name it will not be overwritten, but given a different name (which is not what most people expect). Also NoRename should be set to no, else you will not be able to rename the files, which is also not convenient. Ok, now save and close the file. You can start the server now with /etc/init.d/pure-ftpd start

Adding a User

Users are now added with the pure-pw utility. If you just type pure-pw you will see how powerful this tool really is. Right now I will only go over the basics of user creation.

First you need to find out which system user needs to use the ftp account. This is necessary for the ftp server to properly assign user permissions to the uploaded file, so for instance we have a system user tester, who belongs to the users group. To create an ftp account for this user we will use:

pure-pw useradd tester_ftp -u tester -g users -d /home/tester/public_html

this will ask you for the user password and then add the user. Obviously, as you can see it will point the ftp account to the public_html directory. There is also a number of options and restrictions you can apply to the user and you can see those in reply of the pure-pw utility.

After this step one needs to compile the database using pure-pw mkdb. This will create the pdb file needed by the server. No restart is necessary, which makes this a very clean approach to user adding.

Who is on my ftp server right now

Pure-ftpd provides many useful utilities, one of my favorites is the pure-ftpwho, which shows all logged in users and what they are doing. It can also export the list as xml, which is great for integration with other applications.

MySQL Based authentication

For this to work you need to perform several steps. First check that the MySQL server is installed and running. Try something like /etc/init.d/mysql status. If you see something other, than running you need to check what is the problem.  If it is running login to the database server as some user, who can create databases and users and type the following:

create database pureftpd;

grant all on pureftpd.* to pureftpd@localhost identified by ‘ftpdpassword’;

Replace the ftpdpassword with some password, which is more secure.

Then create the table, where users will be stored:

CREATE TABLE ftpd (
User varchar(16) NOT NULL default ”,
status enum(’0′,’1′) NOT NULL default ‘0′,
Password varchar(64) NOT NULL default ”,
Uid varchar(11) NOT NULL default ‘-1′,
Gid varchar(11) NOT NULL default ‘-1′,
Dir varchar(128) NOT NULL default ”,
ULBandwidth smallint(5) NOT NULL default ‘0′,
DLBandwidth smallint(5) NOT NULL default ‘0′,
comment tinytext NOT NULL,
ipaccess varchar(15) NOT NULL default ‘*’,
QuotaSize smallint(5) NOT NULL default ‘0′,
QuotaFiles int(11) NOT NULL default 0,
PRIMARY KEY (User),
UNIQUE KEY User (User)
) TYPE=MyISAM;

This database is basically a replica of what you have see while executing the pure-pw utility and it allows you to store all the information you can enter into the pure-db database.

Now, you need to tell pure-ftpd how to access the dabase. You need to create the

/etc/pure-ftpd/pureftpd-mysql.conf file and put the text there as follows:

Also, replace the password with the string you typed previously.

Now, open up the /etc/pure-ftpd/pure-ftpd.conf file and uncomment the MySQLConfigFile.  I would also recommend commenting out the PureDB line, as it could get confusing if you have users with the same name here and there.

Now, you can restart the server and enter users into the database table. The server will immediately pick them up, so no restart will be necessary.

Tags: mysql authentication, pure-ftpd, pure-pw, Virtual Hosting

This entry was posted on Saturday, December 29th, 2007 at 9:13 am and is filed under FTP Server, Virtual Hosting. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.