http://proftpd.org/docs/howto/index.html 官网地址
一、安装
1、wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz
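# The tarball above was fetched over plain FTP, which gives no integrity
# protection: check it against the signature or checksum published by the
# ProFTPD project before unpacking.
# NOTE(review): 1.3.5 is an old release; prefer the current stable version
# listed on the project site unless this exact version is required.
tar -zxf proftpd-1.3.5.tar.gz
cd proftpd-1.3.5
# --with-includes is the MySQL header directory; --with-libraries must be the
# directory that holds libmysqlclient (lib/, not bin/).
./configure --prefix=/usr/local/proftpd \
    --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql:mod_tls \
    --with-includes=/usr/local/mysql/include/mysql \
    --with-libraries=/usr/local/mysql/lib
make && make install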
#注意:--with-modules= 后面可以列出要编译的多个模块,用 ':' 隔开;如果写了两个以上的 --with-modules,只会编译最后一个 --with-modules 指定的模块。--with-includes= 指 mysql 的头文件目录,yum 安装的 mysql 为 /usr/include/mysql;--with-libraries= 指 mysql 的库文件目录,yum 安装的 mysql 为 /usr/lib64/mysql。
源码安装的 mysql,proftpd 启动时会报 libmysqlclient.so.18 不存在,可用下面任一条命令建立软链接:
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/
或
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib64/
二、MySQL 创建数据库及表,这里我只建了用户表和组表,没有创建配额表
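-- Database that holds the ProFTPD virtual users and groups.
CREATE DATABASE proftpd;
-- Least privilege: the server only reads the user/group tables (SELECT) and
-- bumps the login counter (UPDATE), so ALL PRIVILEGES is not needed.
-- Add INSERT as well if the quota tables are created later.
-- '123456' is a sample password; replace it with a strong one and use the same
-- value in SQLConnectInfo.
GRANT SELECT, UPDATE ON proftpd.* TO proftpd@localhost IDENTIFIED BY '123456';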
-- Virtual FTP accounts read by mod_sql (see SQLUserInfo / SQLUserWhereClause).
CREATE TABLE `ftpUser` (
    `idno`        INT(11)       NOT NULL AUTO_INCREMENT,   -- surrogate key
    `userid`      VARCHAR(100)  NOT NULL DEFAULT '',       -- login name
    `uid`         INT(11)       DEFAULT NULL,              -- numeric uid the session runs as
    `gid`         INT(11)       DEFAULT NULL,              -- numeric gid the session runs as
    `passwd`      VARCHAR(200)  NOT NULL DEFAULT '',       -- password hash, never cleartext
    `shell`       VARCHAR(150)  NOT NULL DEFAULT '/bin/false',
    `homedir`     VARCHAR(250)  DEFAULT NULL,              -- home directory of the account
    -- NOTE(review): a zero-date default is rejected when the server runs with a
    -- strict / NO_ZERO_DATE sql_mode; confirm against the target MySQL settings.
    `regtime`     DATETIME      NOT NULL DEFAULT '0000-00-00 00:00:00',
    `expire_date` DATE          NOT NULL DEFAULT '2100-01-01',  -- compared with CURDATE() at login
    `active`      ENUM('Y','N') NOT NULL DEFAULT 'Y',      -- only 'Y' rows may log in
    `count`       INT(11)       DEFAULT '0',               -- incremented by the updatecount query
    `memo`        VARCHAR(250)  DEFAULT NULL,
    `agent`       VARCHAR(30)   NOT NULL DEFAULT '111',    -- filtered on by SQLUserWhereClause
    PRIMARY KEY (`idno`),
    -- NOTE(review): this index is not UNIQUE, so two rows may share one login
    -- name; confirm whether duplicates are intended.
    KEY `userid` (`userid`)
);
-- Virtual FTP groups read by mod_sql (see SQLGroupInfo).
CREATE TABLE `ftpGroups` (
    `gidno`     INT(11)      NOT NULL AUTO_INCREMENT,  -- surrogate key
    `groupname` VARCHAR(100) NOT NULL DEFAULT '',
    `gid`       INT(11)      NOT NULL DEFAULT '0',     -- numeric gid of the group
    `members`   VARCHAR(200) NOT NULL DEFAULT '',      -- member login names, stored in one column
    PRIMARY KEY (`gidno`),
    KEY `groupname` (`groupname`)
);
三、配置文件
1、ServerName "FTP Server"
# Basic server settings: a standalone daemon listening on the FTP control port.
ServerType standalone
DefaultServer on
Port 21
# New files and directories are created without group/world write permission.
Umask 022
MaxInstances 50
# Unprivileged account the server runs as.
User nobody
Group nobody
# Confine every user to their own home directory.
DefaultRoot ~
# Clients may overwrite existing files and resume interrupted transfers.
AllowOverwrite on
AllowRetrieveRestart on
AllowStoreRestart on
# NOTE(review): this <Limit> section is empty, so it restricts nothing; if the
# intent was to forbid SITE CHMOD it needs a rule such as DenyAll (confirm).
<Limit SITE_CHMOD>
</Limit>
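# TLS encryption module (mod_tls)
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd-tls.log
# SSLv23 is the compatibility setting that also accepts the obsolete SSLv3 and
# TLSv1 protocols, so pin the protocol to TLSv1.2 instead. This needs mod_tls
# built against an OpenSSL with TLSv1.2 support; older clients are refused.
TLSProtocol TLSv1.2
# "ctrl" protects only the control channel (login and commands) and lets file
# contents and directory listings travel in cleartext; "on" requires TLS on
# both the control and the data channel.
TLSRequired on
# Generate the certificate and key (see the OpenSSL documentation):
#   openssl req -new -x509 -nodes -out proftpd.crt -keyout proftpd.key
# Accepting the default at every prompt works. The result is a self-signed
# certificate, so clients will be asked to trust it on first connection.
# -nodes leaves the private key unencrypted on disk: keep proftpd.key readable
# by root only (for example chmod 600).
TLSRSACertificateFile /usr/local/proftpd/etc/proftpd.crt
TLSRSACertificateKeyFile /usr/local/proftpd/etc/proftpd.key
# Clients are not asked for a certificate; they authenticate by password.
TLSVerifyClient off
</IfModule>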
# Do not advertise the server software in the greeting banner.
ServerIdent off
# Port range for passive-mode data connections; the firewall must allow it.
PassivePorts 55000 60000
# Report file times in local time rather than GMT.
TimesGMT off
# Skip reverse-DNS and ident lookups on connecting clients.
UseReverseDNS off
IdentLookups off
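# MySQL virtual-user configuration (mod_sql / mod_sql_mysql)
# Format: database@host:port user password. There must be no space before
# ":3306", or the port is taken as the user name.
# The database password sits here in cleartext: keep this file readable by
# root only, and replace the sample password (here and in the GRANT statement).
SQLConnectInfo proftpd@localhost:3306 proftpd 123456
# Passwords are checked as crypt(3) hashes, matching MySQL's ENCRYPT(); other
# types (passwd, md5, ...) exist for other authentication modes.
# NOTE(review): ENCRYPT() without a salt normally yields a traditional DES
# crypt hash, which on many systems honours only the first eight characters of
# the password. Consider a stronger scheme such as mod_sql_passwd where possible.
# The explanation is kept off the directive line so that it cannot be read as
# extra arguments to SQLAuthTypes.
SQLAuthTypes Crypt
# Table and columns holding user records: name, password, uid, gid, home, shell.
SQLUserInfo ftpUser userid passwd uid gid homedir shell
# Table and columns holding group records: name, gid, members.
SQLGroupInfo ftpGroups groupname gid members
# Virtual users have /bin/false as shell, so do not require a valid shell.
RequireValidShell off
SQLAuthenticate users groups usersetfast groupsetfast
# Only active accounts of agent '111' whose expiry date is still in the future may log in.
SQLUserWhereClause " active='Y' AND agent='111' AND expire_date > CURDATE() "
SQLLogFile /var/log/proftpd-sql.log
# Run the updatecount query after each PASS command.
SQLLog PASS updatecount
# %u is the login name. NOTE(review): presumably escaped by mod_sql before
# substitution; verify for the version in use.
SQLNamedQuery updatecount UPDATE "count=count+1 WHERE userid='%u'" ftpUser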
2、
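# Create the unprivileged account the daemon runs as ("User nobody" /
# "Group nobody" in the configuration), skipping whatever already exists.
# The account gets no home directory and no login shell; adjust the nologin
# path for your distribution.
getent group nobody >/dev/null || groupadd nobody
id -u nobody >/dev/null 2>&1 || useradd -g nobody -M -s /sbin/nologin nobody
# Create the log files under the names the configuration uses (TLSLog and
# SQLLogFile end in .log, not .conf). /var/log/proftpd.conf is never created
# or referenced, so it is not touched here.
touch /var/log/proftpd-tls.log /var/log/proftpd-sql.log
chown nobody:nobody /var/log/proftpd-tls.log /var/log/proftpd-sql.log
# The SQL log can contain account names and queries: no world access.
chmod 640 /var/log/proftpd-tls.log /var/log/proftpd-sql.log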
3、插入数据
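-- Add a sample virtual user. The table name is spelled exactly as in
-- CREATE TABLE (ftpUser), because MySQL table names are case-sensitive on most
-- Linux installations.
-- ENCRYPT() stores a crypt(3) hash, matching "SQLAuthTypes Crypt".
-- 'test' is a sample password; use a strong one for real accounts.
INSERT INTO ftpUser (userid, uid, gid, passwd, homedir)
VALUES ('test2', 1001, 1001, ENCRYPT('test'), '/www/test_ksgw');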
四、客户端登录(FileZilla)
选择登录模式,
协议:ftp -文件传输协议
加密:要求显式的 FTP over TLS