{"id":2863,"date":"2018-07-26T12:26:36","date_gmt":"2018-07-26T12:26:36","guid":{"rendered":"https:\/\/tst-amo.net.ua\/blog\/?p=2863"},"modified":"2019-02-27T08:12:30","modified_gmt":"2019-02-27T08:12:30","slug":"2863","status":"publish","type":"post","link":"https:\/\/tst-amo.net.ua\/blog\/?p=2863","title":{"rendered":"ProFTPD"},"content":{"rendered":"

ProFTPD<\/b>\u00a0(Professional FTP Daemon) \u2014\u00a0FTP-\u0441\u0435\u0440\u0432\u0435\u0440\u00a0\u0434\u043b\u044f\u00a0Linux<\/i>\u00a0\u0438\u00a0UNIX<\/i>-\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\u00a0ProFTPD<\/i>\u00a0\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043b\u0438\u0448\u044c \u043e\u0434\u0438\u043d \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b\u00a0proftpd.conf.
\n\u0421\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432, \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u00a0chroot<\/i>. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u043f\u0443\u0449\u0435\u043d \u0432 \u0432\u0438\u0434\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (\u0434\u0435\u043c\u043e\u043d\u0430) \u0438\u043b\u0438 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0441\u0443\u043f\u0435\u0440\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u00a0inetd<\/i>. \u0422\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u00a0IPv6.<\/p>\n

\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f: \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043c\u043e\u0434\u0443\u043b\u0438, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435\u00a0SSL\/TLS-\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0447\u0435\u0440\u0435\u0437\u00a0LDAP, \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u00a0SQL, \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0447\u0435\u0440\u0435\u0437\u00a0SSH.<\/p>\n

$ sudo yum update\r\n$ sudo yum install proftpd<\/pre>\n
\u041f\u0440\u0430\u0432\u0438\u043c:<\/p>\n
nano \/etc\/proftpd.conf<\/pre>\n
ServerName            \"FTP server\"\r\nServerIdent           on \"FTP Server ready.\"\r\nServerAdmin           root@localhost\r\nDefaultServer         on\r\nUseIPv6               off<\/span>\r\nIdentLookups          off<\/span>\r\nPassivePorts          40900 40999<\/span>\r\nDefaultRoot           ~ !adm\r\nAuthPAMConfig         proftpd\r\nAuthOrder             mod_auth_pam.c* mod_auth_unix.c\r\nUseReverseDNS         off<\/span>\r\nUser                  nobody<\/span>\r\nGroup                 nobody<\/span>\r\nMaxInstances          20<\/span>\r\nUseSendfile           off\r\nSystemLog             \/var\/log\/proftpd\/proftpd.log\r\nTransferLog           \/var\/log\/proftpd\/xfer.log\r\nExtendedLog           \/var\/log\/proftpd\/access.log WRITE,READ write\r\nExtendedLog           \/var\/log\/proftpd\/auth.log AUTH auth\r\nDebugLevel            9\r\nLoadModule            mod_ctrls_admin.c\r\nLoadModule            mod_vroot.c\r\nModuleControlsACLs    insmod,rmmod allow user root\r\nModuleControlsACLs    lsmod allow user *\r\nControlsEngine        on\r\nControlsACLs          all allow user root\r\nControlsSocketACL     allow user *\r\nControlsLog           \/var\/log\/proftpd\/controls.log\r\n\r\n\r\n<IfModule mod_ctrls_admin.c>\r\n    AdminControlsEngine   on\r\n    AdminControlsACLs     all allow user root\r\n<\/IfModule>\r\n<IfModule mod_vroot.c>\r\n    VRootEngine on\r\n<\/IfModule>\r\n<IfDefine TLS>\r\n    TLSEngine on\r\n    TLSRequired on\r\n    TLSRSACertificateFile    \/etc\/pki\/tls\/certs\/proftpd.pem\r\n    TLSRSACertificateKeyFile \/etc\/pki\/tls\/certs\/proftpd.pem\r\n    TLSCipherSuite           ALL:!ADH:!DES\r\n    TLSOptions               NoCertRequest\r\n    TLSVerifyClient          off\r\n    #TLSRenegotiate          ctrl 3600 data 512000 required off timeout 300\r\n    TLSLog                   \/var\/log\/proftpd\/tls.log\r\n <IfModule mod_tls_shmcache.c>\r\n TLSSessionCache             shm:\/file=\/var\/run\/proftpd\/sesscache\r\n <\/IfModule>\r\n<\/IfDefine>\r\n<IfDefine DYNAMIC_BAN_LISTS>\r\n    LoadModule               mod_ban.c\r\n    BanEngine                on\r\n    BanLog                   \/var\/log\/proftpd\/ban.log\r\n    BanTable                 \/var\/run\/proftpd\/ban.tab\r\n # If the same client reaches the MaxLoginAttempts limit 2 times\r\n # within 10 minutes, automatically add a ban for that client that\r\n # will expire after one hour.\r\n    BanOnEvent               MaxLoginAttempts 2\/00:10:00 01:00:00\r\n # Inform the user that it's not worth persisting\r\n    BanMessage              \"Host %a has been banned\"\r\n# Allow the FTP admin to manually add\/remove bans\r\n    BanControlsACLs         all allow user ftpadm\r\n<\/IfDefine>\r\n<IfDefine QOS>\r\n    LoadModule              mod_qos.c\r\n # RFC791 TOS parameter compatibility\r\n    QoSOptions              dataqos throughput ctrlqos lowdelay\r\n # For a DSCP environment (may require tweaking)\r\n #QoSOptions dataqos CS2 ctrlqos AF41\r\n<\/IfDefine>\r\n<Global>\r\n # Umask 022 is a good standard umask to prevent new dirs and files\r\n # from being group and world writable\r\n    Umask                   022\r\n # Allow users to overwrite files and change permissions\r\n AllowOverwrite             yes\r\n <Limit ALL SITE_CHMOD>\r\n AllowAll\r\n <\/Limit>\r\n<\/Global>\r\n<IfDefine ANONYMOUS_FTP>\r\n <Anonymous ~ftp>\r\n User                      ftp\r\n Group                     ftp\r\n AccessGrantMsg \"Anonymous login ok, restrictions apply.\"\r\n # We want clients to be able to login with \"anonymous\" as well as \"ftp\"\r\n UserAlias                 anonymous ftp\r\n # Limit the maximum number of anonymous logins\r\n MaxClients                10 \"Sorry, max %m users -- try again later\"\r\n # Put the user into \/pub right after login\r\n #DefaultChdir \/pub\r\n # We want 'welcome.msg' displayed at login, '.message' displayed in\r\n # each newly chdired directory and tell users to read README* files.\r\n    DisplayLogin \/welcome.msg\r\n    DisplayChdir .message\r\n    DisplayReadme README*\r\n # Cosmetic option to make all files appear to be owned by user \"ftp\"\r\n    DirFakeUser on ftp\r\n    DirFakeGroup on ftp\r\n # Limit WRITE everywhere in the anonymous chroot\r\n <Limit WRITE SITE_CHMOD>\r\n    DenyAll\r\n <\/Limit>\r\n # An upload directory that allows storing files but not retrieving\r\n # or creating directories.\r\n #\r\n # Directory specification is slightly different if mod_vroot is in\r\n # use: see http:\/\/sourceforge.net\/p\/proftp\/mailman\/message\/31728570\/\r\n # https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1045922\r\n\r\n\r\n<IfModule mod_vroot.c>\r\n <Directory \/uploads\/*>\r\n    AllowOverwrite     no\r\n <Limit READ>\r\n    DenyAll\r\n <\/Limit>\r\n\r\n<Limit STOR>\r\n    AllowAll\r\n <\/Limit>\r\n <\/Directory>\r\n <\/IfModule>\r\n <IfModule !mod_vroot.c>\r\n <Directory uploads\/*>\r\n    AllowOverwrite no\r\n <Limit READ>\r\n    DenyAll\r\n <\/Limit>\r\n\r\n<Limit STOR>\r\n    AllowAll\r\n <\/Limit>\r\n <\/Directory>\r\n <\/IfModule>\r\n # Don't write anonymous accesses to the system wtmp file (good idea!)\r\n WtmpLog off\r\n # Logging for the anonymous transfers\r\n    ExtendedLog       \/var\/log\/proftpd\/access.log WRITE,READ default\r\n    ExtendedLog       \/var\/log\/proftpd\/auth.log AUTH auth\r\n <\/Anonymous>\r\n<\/IfDefine><\/pre>\n
\u0421 \u0442\u0430\u043a\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u043e\u0439 \u0443\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043b\u044e\u0431\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.<\/p>\n
\u041f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043c \u043a \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u043c\u0443 \u0438 \u0433\u0438\u0431\u043a\u043e\u043c\u0443 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0443 – \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c<\/a>.<\/p>\n
 <\/p>\n
\"image_pdf\"<\/a>\"image_print\"<\/a><\/div>","protected":false},"excerpt":{"rendered":"
ProFTPD\u00a0(Professional FTP Daemon) \u2014\u00a0FTP-\u0441\u0435\u0440\u0432\u0435\u0440\u00a0\u0434\u043b\u044f\u00a0Linux\u00a0\u0438\u00a0UNIX-\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\u00a0ProFTPD\u00a0\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043b\u0438\u0448\u044c \u043e\u0434\u0438\u043d \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b\u00a0proftpd.conf. \u0421\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432, \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u00a0chroot. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u043f\u0443\u0449\u0435\u043d \u0432 \u0432\u0438\u0434\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (\u0434\u0435\u043c\u043e\u043d\u0430) \u0438\u043b\u0438 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0441\u0443\u043f\u0435\u0440\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u00a0inetd. \u0422\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u00a0IPv6. \u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f: \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043c\u043e\u0434\u0443\u043b\u0438, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435\u00a0SSL\/TLS-\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0447\u0435\u0440\u0435\u0437\u00a0LDAP, \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u00a0SQL, \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0447\u0435\u0440\u0435\u0437\u00a0SSH. $ sudo yum update $ sudo yum install proftpd …<\/p>\n
Continue reading ‘ProFTPD’ »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[47],"tags":[133,132],"class_list":["post-2863","post","type-post","status-publish","format-standard","hentry","category-linux","tag-ftp","tag-proftpd"],"_links":{"self":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2863"}],"collection":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2863"}],"version-history":[{"count":5,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2863\/revisions"}],"predecessor-version":[{"id":3854,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2863\/revisions\/3854"}],"wp:attachment":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}