I recently built a NAS server for my local network as I want a secure (raid supported) working space with movie archive and a few more stuff. However besides accessing it with samba I wanted to be able to access it with ftp from either my local computer or remotely through the net. I also wanted to chroot the users for safety (which requires building the install myself to be able to access symlinks from a chrooted pure-ftp environment).
VirtualChroot: VirtualChroot means that a user may access and follow symlinks from within the chrooted environment of the user. For example, user is located in / (which is his chrooted home) and got a symlink to /mnt/stuff, then the user may follow this symlink and will get directed to /stuff which is totally awesome! :D
This is a short tutorial of how to install it with VirtualChroot, TLS support, possible mysql support.
Start by running:
sudo apt-get install openssl libssl-dev libssl0.9.8 libmysqlclient16-dev
Next go to http://download.pureftpd.org/pub/pure-ftpd/releases/ and download the latest release
Untar the release by typing (replace name with your downloaded release name):
tar xzvf pure-ftpd-1.0.29.tar.gz
Next go into untared location
then run the configuration command
./configure --with-tls --with-virtualchroot --with-puredb --with-quotas --with-throttling --with-mysql
The above command may have to be changed if you want some other options and don’t want some options I have decided to add. All options may be found in the README file located in the directory you are located in when running
./configure –with-mysql: Enable mysql support for user database –with-tls: Enable encrypted connections (TLS) –with-quotas: Enable user quotas –with-puredb: Support virtual users, ie. a local users database –with-throttling: Support bandwidth throttling (see below). –with-virtualchroot: Read earlier description
Next your configuring should be done after some moments depending on your hardware configuration and you should see something like this:
configure: +——————————————————–+ configure: | You can subscribe to the Pure-FTPd users mailing-list | configure: | to ask for help and to stay informed of new releases. | configure: | Go to http://www.pureftpd.org/ml/ now! | configure: +——————————————————–+
After you see those lines run:
This will take a short while but not too long, after the make process is done you may install the compiled software by running. After the installation is done I simply started my version with:
pure-ftpd -A -E -B -D -z &
The above command doesn’t add TLS encryption, for this we must generate a certificate for pure-ftp to use, we can do this by calling the following command
sudo openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
The above command will generate a 1024-bit certificate that the ftp server may use. Now we should be able to run the pure-ftpd daemon with -Y 1 or -Y 2 to enable TLS encryption. -Y 1 will allow users to still connect with an unencrypted session (fallback) while -Y 2 will force TLS encryption, this will disconnect users who does not have TLS encryption enabled.
pure-ftpd -A -E -B -D -z -Y 1 &
For a detailed instruction about commands type
comments powered by Disqus