Configuración servidor de FTP: proftpd

Para configurar el servidor de FTP proftpd hay que editar (en Debian) el archivo /etc/proftpd/proftpd.conf, aquí tenemos un ejemplo (los comentarios van precedidos por almohadilla #):


#
# /etc/proftpd/proftpd.conf — This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on

ServerName “Nombre_Servidor”
ServerType standalone
DeferWelcome off

MultilineRFC2228 on
DefaultServer on
ShowSymlinks on

TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions “-l”

DenyFilter \*.*/

# Port 21 is the standard FTP port.
Port 21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 60

#Limitar los archivos subidos
MaxStoreFileSize 400 Kb group nombre_grupo1
MaxStoreFileSize 400 Kb group nombre_grupo2

# Set the user and group that the server normally runs at.
User proftpd
Group nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off

# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile off

TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with “anonymous” as well as “ftp”
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want ‘welcome.msg’ displayed at login, and ‘.message’ displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you’re brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>

#Limito al usuario para que no pueda ir más allá de su home
DefaultRoot ~

Una vez editado, “recargamos” el servidor proftpd: /etc/init.d/proftpd reload

Publicado en Linux
Un comentario en “Configuración servidor de FTP: proftpd
  1. luis dice:

    La parte interesante es la de limitar el usuario solo a su cuenta

1 Pings/Trackbacks para "Configuración servidor de FTP: proftpd"

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

*

Información básica sobre protección de datos
Responsable: Carlos Egea Oróñez
Finalidad: Moderación de comentarios
Legitimación: Consentimiento del interesado
Destinatarios: No se cederán datos a terceros, salvo obligación legal. Los datos quedarán almacenados en los servidores de OVH.ES, situados en la Unión Europea (política de privacidad de OVH.ES)
Derechos: Acceso, rectificación y supresión de tus datos. Puedes ejercer estos derechos enviando un correo electrónico a carlosegea@gmail.com
Si lo deseas puedes consultar más información sobre protección de datos de esta web: política de privacidad.