AdminSysGNULinux

Outils pour utilisateurs

Outils du site

Piste : todo-mutt notes_cri_runtimes_-_container_runtime_interface envoyer_un_message_a_un_poste_gnu_linux notes_pki notes_icones cluster_pacemaker_et_corosync notes_arm_soc postgres_-_se_connecter_a_une_socket notes_ftp_proftpd
tech:notes_ftp_proftpd

Table des matières

, ,

Notes FTP ProFTPd

Voir aussi :

Debian 

apt-get install proftpd-basic

RedHat 

yum install proftpd proftpd-utils

RedHat

/etc/sysconfig/proftpd 

#PROFTPD_OPTIONS=""
PROFTPD_OPTIONS="-DTLS -DDYNAMIC_BAN_LISTS"

/etc/proftpd/proftpd.conf 

UseIPv6                         off
UseReverseDNS                   off
ServerType                      standalone
DefaultRoot                     ~

AuthPAM                         off
#AuthOrder                      mod_auth_pam.c* mod_auth_unix.c
AuthOrder                       mod_auth_file.c

FTPS passif

/etc/proftpd.conf 

MasqueradeAddress     55.128.131.215

# ServerName                    "ProFTPD server"
ServerName                    "ftp.acme.fr"

SystemLog /var/log/proftpd/proftpd.log
TransferLog /var/log/proftpd/xferlog

TLSRSACertificateFile               /etc/pki/tls/certs/wildcard.acme.fr.cer
TLSRSACertificateKeyFile            /etc/pki/tls/certs/wildcard.acme.fr.key

#   TLSOptions                  NoCertRequest                                                      
    TLSOptions                  NoCertRequest NoSessionReuseRequired

    PassivePorts 40000 40200

#   BanOnEvent                  MaxLoginAttempts 2/00:10:00 01:00:00                          
    BanOnEvent                  MaxLoginAttempts 5/00:10:00 01:00:00

/etc/shells 

/bin/false
ftpasswd --passwd --name=ftpuser --uid=$(id -u linuxuser) --gid=$(id -g linuxuser) --home=/home/ftp --shell=/bin/false --file=/etc/proftpd/ftpd.passwd
ftpasswd --group  --name=ftpuser --gid=$(id -g linuxuser) --file=/etc/proftpd/ftpd.group --member=ftpuser

/etc/proftpd/conf.d/plop.conf 

AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
UseFtpUsers on
 
<Directory />
  HideFiles (lost\+found|welcome\.msg|\.message|^\..*)
  <Limit ALL>
        IgnoreHidden            on
  </Limit>
</Directory>

Validate - check syntax 

#proftpd -td10
proftpd -td10 -c /etc/proftpd.conf

Lancer & activer le service 

systemctl start proftpd.service
systemctl enable proftpd.service

Autres Liste des modules 

proftpd -l
proftpd -V
proftpd -vv
proftpd -nd6

Test TLS/SSL 

openssl s_client -connect 192.0.2.10:21 -starttls ftp

Pb

Pb error: no valid servers configured

journalctl -xe
Aug 10 14:36:11 acme proftpd[1331]: Starting ftp server: proftpd2017-08-10 14:36:11,019 acme proftpd[1338]: warning: unable to determine IP address of 'acme'
Aug 10 14:36:11 acme proftpd[1331]: 2017-08-10 14:36:11,019 acme proftpd[1338]: error: no valid servers configured
Aug 10 14:36:11 acme proftpd[1331]: 2017-08-10 14:36:11,020 acme proftpd[1338]: fatal: error processing configuration file '/etc/proftpd/proftpd.conf'

Cela peut arriver à la suite d'un changement de hostname 

hostname -i
hostname: Temporary failure in name resolution

Solution

Le hostname doit être résolvable 

echo "127.0.1.1       $(hostname -s).localdomain     $(hostname -f)" >> /etc/hosts

/etc/hosts 

127.0.0.1       localhost
127.0.1.1       acme.localdomain      acme

Autre solution /etc/proftpd/proftpd.conf 

DefaultAddress 127.0.0.1
sed -i -e 's/^LoadModule mod_unique_id.c/#&/' /etc/proftpd/modules.conf
tech/notes_ftp_proftpd.txt · Dernière modification : de Jean-Baptiste
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki