Novell Home

Installing Pure-FTPd on SLES 10

Novell Cool Solutions: Feature
By Dave Simons

Digg This - Slashdot This

Posted: 14 Dec 2006
 

The FTP server that Novell recommends in the CLP certification is Pure-FTPd, reason enough to explain how to install and setup this ftp server.

First of all note that the Default installed pure-ftpd version is 1.0.20. To check this, open Yast from the main menu. Click "Software Management". In the Search field enter "FTP" . In the right table you will find that pure-ftpd in installed and the version is 1.0.20

There are a couple of configurations you can use for pure-ftpd.

Anonymous login

First I will explain how to use pure-ftpd as an anonymous ftp server.

Check that pure-ftpd is running. To do this, open a terminal window while you are logged in as user "Root", cd to /etc/init.d and then enter ./pure-ftpd status

If the above screen is shown, your FTP server is running.

If you see the message "unused" after you entered ./pure-ftpd status, the ftp server is NOT running. To get it started, enter: "./pure-ftpd start" and you will see the results as the picture below.

The pure-ftp deamon now uses the default /etc/pure-ftpd/pure-ftpd.conf configuration file with allows anonymous login.

Pure-ftpd and Virtual Users

With pure-ftpd you can use virtual users. This is a very nice function because you can let users use the FTP function of your server without the need to create a local user account on the server for these users. Let me explain how to configure and enable the virtual users in pure-ftpd.

There a couple of things you need to do.

First you have to edit the configuration file "/etc/pure-ftpd/pure-ftpd.conf". Find the below entries then give the same parameter:

AnonymousOnly     no;    This will allow virtual user login
NoAnonymous    yes;    This will disallow anonymous login
PureDB    /etc/pure-ftpd/pureftpd.pdb;    The virtual user database file
CreateHomeDir    yes;    This creates the virtual user home directory when the user logs in the first time

After you make the changes in the configuration file, you must restart the ftp server to make these changes active. This can be done by giving the "rcpure-ftpd restart" command.

Notice that the pure-ftpd is stopped and started.

Now that the configuration file is ready to accept virtual users we can go on to the next step.

We need to create a system user and system group that will be used to give rights to all of the virtual users. These are the only accounts we need to create "physically" on the system.

To create a user and group, open a terminal window with the Root user.

Create a user called "ftpuser" and a group called "ftpgroup".

Enter in the console:

groupadd ftpgroup

useradd -g ftpgroup -s /usr/bin/false -d /srv/ftp/ ftpuser

With -g you say that the user is a member of the group "ftpgroup"

With -s you give the Name of the user's login shell. I give a false path so the user is not able to login locally on the server

With -d you give the user a Home Directory, in my case this is /srv/ftp.

Now we have to make sure that the "ftpuser" and "ftpgroup" have the proper rights to the /srv/ftp directory. To do this, I will make them owner of the /srv/ftp directory.

Enter the following in the terminal window:

"chown -R ftpuser:ftpgroup /srv/ftp"

With the -R option you tell the chown command that you also would like to change the ownership of all the file's and directory's beneath the given directory (/srv/ftp).

Now that you have created the ftpuser, ftpgroup, and you have set the rights, it's time to actually create the virtual users that will be used to log in to the FTP server.

Because you are going to create pure-ftpd virtual users, you can't create them with the normal "useradd" command. This would create a system account for you. To create a virtual pure-ftpd user you have to use the "pure-pw" command.

So lets create a virtual ftp user called "sddu":

pure-pw useradd sddu -u ftpuser -d /srv/ftp/sddu

You will be asked to enter a password twice.

All of the virtual users that you create will be stored in the virtual user database file called /etc/pure-ftpd/pureftpd.pdb.

To create or update this file/database you have to give the "pure-pw mkdb" command.

Every time you create or change a user you will have to give this command to update the virtual user database file!!!

Now it's time to test and you will see that you can login with user "sddu". Notice that the Home Directory is automatically created in the /srv/ftp directory.

Because the user you just created is a virtual user, you can't see him in the user management tool from Yast. To see all of the virtual pure-ftpd users, enter "pure-pw list" in the terminal window.

This will bring up a list of all of the virtual users that you have created.

To see the properties of a virtual user enter:

pure-pw show <username>

This will bring up a screen with the properties of the user.

PAM authentication

Pure-ftpd also allows a local system user to login to the ftp server. This is not allowed by default so we have to configure a few things.

First of all, make sure you have a local system account with a home directory.

Then you have to configure the pure-ftpd server to allow local system users to login. This is done by editing the /etc/pure-ftpd/ pure-ftpd.conf file.

Open the file and look for the entry

"PAMAuthentication"

Make sure it has been given the Yes parameter.

If you changed it to Yes, save the file and restart the ftp server by entering:

"rcpure-ftpd restart"

The ftp server will restart and the local system users are now able to login.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell