CONTENT
- CHANGES
Szukaj
#top Konfiguracja¶
#top Listen¶
Zobacz także Listen dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | Bind (OPTIONS -S) (kopia)
Dokumentacja Pure-FTPd: STANDALONE INSTALLATION | STANDALONE INSTALLATION (kopia)
Dokumentacja Pure-FTPd: SUPER-SERVER INSTALLATION | SUPER-SERVER INSTALLATION (kopia)
Dokumentacja Pure-FTPd: OPTIONS | PassivePortRange (OPTIONS -p) (kopia)
Dokumentacja Pure-FTPd: OPTIONS | ForcePassiveIP (OPTIONS -P) (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# IP address/port to listen to (default=all IP and port 21). # Bind 127.0.0.1,21 # listen on ipv4 address only #Bind 0.0.0.0,21 # listen on ipv6 address only #Bind ::,21 # listen on all interfaces and address Bind *,21 # Port range for passive connections replies. - for firewalling. # PassivePortRange 30000 50000 PassivePortRange 32768 65534 # Force an IP address in PASV/EPSV/SPSV replies. - for NAT. # Symbolic host names are also accepted for gateways with dynamic IP # addresses. # ForcePassiveIP 192.168.0.1 # ForcePassiveIP 1.1.1.1
Command line options:
# Now, if you want to listen for an incoming connection on a non-standard port, # just append '-S' and the port number: /usr/sbin/pure-ftpd -S 42 # Service names are also allowed ('-S smtp' and the daemon will be accepting # connections on the SMTP port (25) . Very uncommon, but we should please # everybody anyway, even disturbed minds). /usr/sbin/pure-ftpd -S ftp # Now, what if your system has many IP addresses and you want the FTP server # to be reachable on only one of these addresses, let's say 192.168.0.42? # Just use the following command line: /usr/sbin/pure-ftpd -S 192.168.0.42, # The final comma is important, don't forget it. Actually, it's a shorthand for: /usr/sbin/pure-ftpd -S 192.168.0.42,21 # If you prefer host names over IP addresses, it's your choice: /usr/sbin/pure-ftpd -S ftp.example.com,21 # IPv6 addresses are of course supported. # - '-p <first port>:<last port>': Use only ports in the range <first port>; # to <last port> inclusive for passive-mode downloads. This is especially # useful if the server is behind a firewall without FTP connection tracking. # Use high ports (40000-50000 for instance), where no regular server should be # listening. /usr/sbin/pure-ftpd -p 32768:61000 # - '-P <ip address or host name>': Force the specified IP address in reply to # a PASV/EPSV/SPSV command. If the server is behind a masquerading (NAT) box # that doesn't properly handle stateful FTP masquerading, put the ip address # of that box here. If you have a dynamic IP address, you can put the public # host name of your gateway, that will be resolved every time a new client will # connect. # /usr/sbin/pure-ftpd -P <ip address> # /usr/sbin/pure-ftpd -P 1.1.1.1
#top Timeout¶
Zobacz także Timeout dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | Timeout (OPTIONS -I) (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Maximum idle time in minutes (default = 15 minutes)
MaxIdleTime 15
Command line options:
# - '-I <timeout>': Change the maximum idle time. The timeout is in minutes # and defaults to 15 minutes. Modern FTP clients are trying to fool timeouts # by sending fake commands at regular interval. We disconnect these clients # when they are idle for twice (because they are active anyway) the normal # timeout. /usr/sbin/pure-ftpd -I 900
#top Banner¶
Zobacz także Banner dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | FortunesFile (OPTIONS -F) (kopia)
Dokumentacja Pure-FTPd: DISPLAYING BANNERS | DISPLAYING BANNERS (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Display fortune cookies # FortunesFile /usr/share/fortune/zippy
OPTIONS
If a '.banner' file is located in the 'ftp' user home directory (or in the
root directory of a virtual server, see below), it will be printed when the
client logs in. Put a nice ASCII-art logo with your name in that file.
This file shouldn't be larger than 4000 bytes, or it won't be displayed.
In each directory, you may also have a '.message' file. Its content will be
printed when a client enters the directory. Such a file can contain important
information ("Don't download version 1.7, it's broken!") .
Command line options:
# - '-F <fortune file>': Display a fortune cookie on login. The sentence is # a random extract from the text file <fortune file>. This text file should be # formatted like standard "fortune" files (fortunes are separated by a '%' # sign on a single line) . Pure-FTPd has to be compiled with support for # cookies (--with-cookie). If you just want a simple banner displayed before #the login prompt, add the name of any text file here. # create /etc/pure-ftpd/conf/FortunesFile echo "/home/user/fortunes.txt" > /etc/pure-ftpd/conf/FortunesFile /usr/sbin/pure-ftpd -F /etc/pure-ftpd/conf/FortunesFile
#top vhosts¶
Zobacz także Listen dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: VIRTUAL SERVERS | VIRTUAL SERVERS
EXAMPLES
mkdir /srv/ftpd/vhosts-1-35 mkdir /srv/ftpd/vhosts-2-35 mkdir /srv/ftpd/vhosts-3-35 touch /srv/ftpd/vhosts-1-35/test-vhosts-1-35.txt touch /srv/ftpd/vhosts-2-35/test-vhosts-2-35.txt touch /srv/ftpd/vhosts-3-35/test-vhosts-3-35.txt
cd /etc/pure-ftpd mkdir pure-ftpd cd /etc/pure-ftpd/pure-ftpd ln -s /srv/ftpd/vhosts-1-35 10.41.1.35 ln -s /srv/ftpd/vhosts-2-35 10.41.2.35 ln -s /srv/ftpd/vhosts-3-35 10.41.3.35
ll -d /etc/pure-ftpd/pure-ftpd/*
lrwxrwxrwx 1 root root 9 2019-08-16 23:08 /etc/pure-ftpd/pure-ftpd/10.41.0.35 -> /srv/ftpd/ lrwxrwxrwx 1 root root 21 2019-08-16 23:08 /etc/pure-ftpd/pure-ftpd/10.41.1.35 -> /srv/ftpd/vhosts-1-35/ lrwxrwxrwx 1 root root 21 2019-08-16 23:08 /etc/pure-ftpd/pure-ftpd/10.41.2.35 -> /srv/ftpd/vhosts-2-35/ lrwxrwxrwx 1 root root 21 2019-08-16 23:08 /etc/pure-ftpd/pure-ftpd/10.41.3.35 -> /srv/ftpd/vhosts-3-35/ lrwxrwxrwx 1 root root 44 2019-08-16 23:08 /etc/pure-ftpd/pure-ftpd/fd0a:2002:10:41:a:29:0:23 -> /srv/ftpd/vhosts-1-fd0a:2002:10:41:a:29:0:23/
#top AccessLog¶
Zobacz także Listen dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | AltLog (OPTIONS -O) (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Create an additional log file with transfers logged in a Apache-like format # : # fw.c9x.org - jedi [13/Dec/1975:19:36:39] "GET /ftp/linux.tar.bz2" 200 # 21809338 # This log file can then be processed by www traffic analyzers. #AltLog clf:/var/log/pureftpd.log AltLog clf:/var/log/pureftpd/pureftpd.log # Create an additional log file with transfers logged in a format optimized # for statistic reports. # AltLog stats:/var/log/pureftpd.log AltLog stats:/var/log/pureftpd/pureftpd.xfer.log # Create an additional log file with transfers logged in the standard W3C # format (compatible with most commercial log analyzers) # AltLog w3c:/var/log/pureftpd.log
Command line options:
# OPTIONS # - '-O <format>:<log file>': Record all file transfers into a specific log # file, in an alternative format. Currently, four formats are supported: CLF # (Apache-like), Stats, W3C and xferlog. # If you add '-O clf:/var/log/pureftpd.log' to your starting options, # Pure-FTPd will log transfers in /var/log/pureftpd.log in a format similar to # the Apache web server in default configuration. # If you use '-O stats:/var/log/pureftpd.log' to your starting options, # Pure-FTPd will create log files in a special format, designed for statistical # reports. The Stats format is compact, more efficient and more accurate that # CLF and the old broken "xferlog" format. /usr/sbin/pure-ftpd -O clf:/var/log/pureftpd/pureftpd.log -O stats:/var/log/pureftpd/pureftpd.xfer.log
#top LogFormat¶
Zobacz także Listen dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: ADVANCED COMPILATION | with-altlog (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:Command line options:
ADVANCED COMPILATION --with-altlog: in addition to the syslog output, support logging into a specific file, in an alternative format. Currently, the CLF, Stats, W3C and xferlog formats are implemented. CLF (common log format) is the basic format produced by Apache, WebFS, Roxen and most web servers. These log files only record file transfers and they can feed web statistic software (Analog, Webalizer, etc.) to analyze the load of your FTP server. The Stats format is a special output format, designed for log file analysis software. The W3C format is a standard format parsed by most commercial log analyzers (all analyzers with support for IIS should deal with it) . Xferlog is the traditional format created by wu-ftpd. Check the -O option later in this documentation for additional info.
#top Autoryzacja¶
#top Anonymous¶
Zobacz także Anonymous dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -E (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous no
Command line options:
# NoAnonymous yes # -E --noanonymous
#top Auth PAM / UNIX¶
Zobacz także Auth PAM / UNIX dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -l (kopia)
Dokumentacja Pure-FTPd: AUTHENTICATION | AUTHENTICATION (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# PureDB user database (see README.Virtual-Users) # PureDB /etc/pure-ftpd/pureftpd.pdb # Path to pure-authd socket (see README.Authentication-Modules) # ExtAuth /var/run/ftpd.sock # If you want to enable PAM authentication, uncomment the following line PAMAuthentication yes # If you want simple Unix (/etc/passwd) authentication, uncomment this UnixAuthentication yes # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and # UnixAuthentication can be used only once, but they can be combined # together. For instance, if you use MySQLConfigFile, then UnixAuthentication, # the SQL server will be asked. If the SQL authentication fails because the # user wasn't found, another try # will be done with /etc/passwd and # /etc/shadow. If the SQL authentication fails because the password was wrong, # the authentication chain stops here. Authentication methods are chained in # the order they are given.
Command line options:
# PAMAuthentication yes /usr/sbin/pure-ftpd -l pam # UnixAuthentication yes /usr/sbin/pure-ftpd -l unix # PureDB /etc/pure-ftpd/pureftpd.pdb /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb # ExtAuth /var/run/ftpd.sock /usr/sbin/pure-ftpd -l extauth:/var/run/ftpd.sock
#top Auth PgSQL¶
Zobacz także Auth PgSQL dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -l (kopia)
Dokumentacja Pure-FTPd: AUTHENTICATION | AUTHENTICATION (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Postgres configuration file (see README.PGSQL) # PGSQLConfigFile /etc/pure-ftpd/pureftpd-pgsql.conf PGSQLConfigFile /etc/pure-ftpd/pureftpd-pgsql.conf [...] # Minimum UID for an authenticated user to log in. MinUID 450
Config file
/etc/pure-ftpd/pureftpd-pgsql.conf:# If PostgreSQL listens to a TCP socket #PGSQLServer localhost PGSQLServer 10.5.5.5 PGSQLPort 5432 # *or* if PostgreSQL can only be reached through a local Unix socket # PGSQLServer /tmp # PGSQLPort .s.PGSQL.5432 # Mandatory : user to bind the server as. #PGSQLUser postgres PGSQLUser pureftpd # Mandatory : user password. You *must* have a password. #PGSQLPassword rootpw PGSQLPassword pureftpd # Mandatory : database to open. #PGSQLDatabase pureftpd PGSQLDatabase virtual # Mandatory : how passwords are stored # Valid values are : "cleartext", "crypt", "md5" and "any" PGSQLCrypt cleartext [...] # Query to execute in order to fetch the password #PGSQLGetPW SELECT Password FROM users WHERE User='\L' PGSQLGetPW SELECT password FROM pureftpd_users WHERE username='\L' # Query to execute in order to fetch the system user name or uid #PGSQLGetUID SELECT Uid FROM users WHERE User='\L' PGSQLGetUID SELECT uid FROM pureftpd_users WHERE username='\L' # Optional : default UID - if set this overrides PGSQLGetUID #PGSQLDefaultUID 1000 # Query to execute in order to fetch the system user group or gid #PGSQLGetGID SELECT Gid FROM users WHERE User='\L' PGSQLGetGID SELECT gid FROM pureftpd_users WHERE username='\L' # Optional : default GID - if set this overrides PGSQLGetGID #PGSQLDefaultGID 1000 # Query to execute in order to fetch the home directory #PGSQLGetDir SELECT Dir FROM users WHERE User='\L' PGSQLGetDir SELECT home FROM pureftpd_users WHERE username='\L'
Command line options:
/usr/sbin/pure-ftpd -l pgsql:/etc/pure-ftpd/pureftpd-pgsql.conf
#top Auth MySQL¶
Zobacz także Auth MySQL dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -l (kopia)
Dokumentacja Pure-FTPd: AUTHENTICATION | AUTHENTICATION (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# MySQL configuration file (see README.MySQL) # MySQLConfigFile /etc/pure-ftpd/pureftpd-mysql.conf MySQLConfigFile /etc/pure-ftpd/pureftpd-mysql.conf [...] # Minimum UID for an authenticated user to log in. MinUID 450
Config file
/etc/pure-ftpd/pureftpd-mysql.conf:# Optional : MySQL server name or IP. Don't define this for unix sockets. # MYSQLServer 127.0.0.1 MYSQLServer 10.5.5.5 # Optional : MySQL port. Don't define this if a local unix socket is used. # MYSQLPort 3306 MYSQLPort 3306 # Optional : define the location of mysql.sock if the server runs on this host. #MYSQLSocket /var/lib/mysql/mysql.sock # Mandatory : user to bind the server as. #MYSQLUser root MYSQLUser pureftpd # Mandatory : user password. You must have a password. #MYSQLPassword rootpw MYSQLPassword pureftpd # Mandatory : database to open. #MYSQLDatabase pureftpd MYSQLDatabase virtual # Mandatory : how passwords are stored # Valid values are : "cleartext", "crypt", "md5" and "password" # ("password" = MySQL password() function) # You can also use "any" to try "crypt", "md5" *and* "password" MYSQLCrypt cleartext [...] # Query to execute in order to fetch the password #MYSQLGetPW SELECT Password FROM users WHERE User="\L" MYSQLGetPW SELECT password FROM pureftpd_users WHERE username="\L" # Query to execute in order to fetch the system user name or uid #MYSQLGetUID SELECT Uid FROM users WHERE User="\L" MYSQLGetUID SELECT uid FROM pureftpd_users WHERE username="\L" # Optional : default UID - if set this overrides MYSQLGetUID #MYSQLDefaultUID 1000 # Query to execute in order to fetch the system user group or gid #MYSQLGetGID SELECT Gid FROM users WHERE User="\L" MYSQLGetGID SELECT gid FROM pureftpd_users WHERE username="\L" # Optional : default GID - if set this overrides MYSQLGetGID #MYSQLDefaultGID 1000 # Query to execute in order to fetch the home directory #MYSQLGetDir SELECT Dir FROM users WHERE User="\L" MYSQLGetDir SELECT home FROM pureftpd_users WHERE username="\L"
Command line options:
/usr/sbin/pure-ftpd -l mysql:/etc/pure-ftpd/pureftpd-mysql.conf
#top Auth SQLite¶
Zobacz także Auth SQLite dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -l (kopia)
Dokumentacja Pure-FTPd: AUTHENTICATION | AUTHENTICATION (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# PureDB user database (see README.Virtual-Users) # PureDB /etc/pure-ftpd/pureftpd.pdb PureDB /etc/pure-ftpd/pureftpd.pdb [...] # Minimum UID for an authenticated user to log in. MinUID 450
create PureDB accounts
pure-pw useradd sp -u vmail -g vmail -d /home/vmail/cen05dev.xen.wbcd.pl/sp -F /etc/pure-ftpd/pureftpd.pdb pure-pw useradd ola -u vmail -g vmail -d /home/vmail/cen05dev.xen.wbcd.pl/ola -F /etc/pure-ftpd/pureftpd.pdb pure-pw useradd ala -u vmail -g vmail -d /home/vmail/cen05dev.xen.wbcd.pl/ala -F /etc/pure-ftpd/pureftpd.pdb pure-pw useradd ela -u vmail -g vmail -d /home/vmail/cen05dev.xen.wbcd.pl/ela -F /etc/pure-ftpd/pureftpd.pdb pure-pw useradd ula -u vmail -g vmail -d /home/vmail/cen05dev.xen.wbcd.pl/ula -F /etc/pure-ftpd/pureftpd.pdb
Command line options:
/usr/sbin/pure-ftpd -l pdb:/etc/pure-ftpd/pureftpd.pdb
#top Auth LDAP¶
Zobacz także Auth LDAP dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -l (kopia)
Dokumentacja Pure-FTPd: AUTHENTICATION | AUTHENTICATION (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# LDAP configuration file (see README.LDAP) LDAPConfigFile /etc/pure-ftpd/pureftpd-ldap.conf # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and # UnixAuthentication can be used only once, but they can be combined # together. For instance, if you use MySQLConfigFile, then UnixAuthentication, # the SQL server will be asked. If the SQL authentication fails because the # user wasn't found, another try # will be done with /etc/passwd and # /etc/shadow. If the SQL authentication fails because the password was wrong, # the authentication chain stops here. Authentication methods are chained in # the order they are given.
Config file
/etc/pure-ftpd/pureftpd-ldap.conf:Command line options:
# LDAPConfigFile /etc/pure-ftpd/pureftpd-ldap.conf /usr/sbin/pure-ftpd -l ldap:/etc/pure-ftpd/pureftpd-ldap.conf
#top Auth Radius¶
Zobacz także Auth Radius dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd:
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:Command line options:
#top Access Restrictions¶
#top AccessAllow¶
Zobacz także AccessAllow dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -V (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Only connections to this specific IP address are allowed to be # non-anonymous. You can use this directive to open several public IPs for # anonymous FTP, and keep a private firewalled IP for remote administration. # You can also only allow a non-routable local IP (like 10.x.x.x) to # authenticate, and keep a public anon-only FTP server on another IP. #TrustedIP 10.1.1.1
Command line options:
# - '-V <ip address>': Allow non-anonymous FTP access only on this specific # local IP address. All other IP addresses are only anonymous. With that # option, you can have routed IPs for public access and a local IP (like # 10.x.x.x) for administration. You can also have a routable trusted IP # protected by firewall rules and only that IP can be used to login as a # non-anonymous user.
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -e (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Don't allow authenticated users - have a public anonymous FTP only.
AnonymousOnly no
Command line options:
-e --anonymousonly
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -E (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous no
Command line options:
-E --noanonymous
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -M (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Are anonymous users allowed to create new directories ?
AnonymousCanCreateDirs no
Command line options:
-M --anonymouscancreatedirs
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -q (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Upload/download ratio for anonymous users. # AnonymousRatio 1 10
Command line options:
-q --anonymousratio <upload ratio>:<download ratio>
#top AccessDeny¶
Zobacz także AccessDeny dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -s (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Disallow downloading of files owned by "ftp", ie. # files that were uploaded but not validated by a local admin. AntiWarez yes
Command line options:
-s --antiwarez
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Do not use the /etc/ftpusers file to disable accounts. We're already # using MinUID to block users with uid < 500 UseFtpUsers no
Command line options:
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -X (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Prohibit *reading* of files beginning with a dot (.history, .ssh...)
ProhibitDotFilesRead no
Command line options:
-X --prohibitdotfilesread
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -x (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# Users can't delete/write files beginning with a dot ('.') # even if they own them. If TrustedGID is enabled, this group # will have access to dot-files, though. ProhibitDotFilesWrite no
Command line options:
-x --prohibitdotfileswrite
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -i (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:
# Disallow anonymous users to upload new files (no = upload is allowed)
AnonymousCantUpload yes
Command line options:
-i --anonymouscantupload
#top TLS Engine¶
#top TLS Enable¶
Zobacz także TLS Enable dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -Y (kopia)
Dokumentacja Pure-FTPd: ACCEPTING TLS SESSIONS | ACCEPTING TLS SESSIONS (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:# This option can accept three values : # 0 : disable SSL/TLS encryption layer (default). # 1 : accept both traditional and encrypted sessions. # 2 : refuse connections that don't use SSL/TLS security mechanisms, # including anonymous sessions. # Do _not_ uncomment this blindly. Be sure that : # 1) Your server has been compiled with SSL/TLS support (--with-tls), # 2) A valid certificate is in place, # 3) Only compatible clients will log in. # TLS 1 TLS 1
Command line options:
# OPTIONS # -Y --tls <0:no TLS | 1:TLS+cleartext | 2:enforce TLS | # 3: enforce encrypted data channel as well> /usr/sbin/pure-ftpd -Y 1
#top TLS Cert/Key File¶
Zobacz także TLS Cert/Key File dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: CERTIFICATES | CERTIFICATES (kopia)
To use SSL/TLS, you must provide a file called /etc/ssl/private/pure-ftpd.pem with a private key for your host and the related certificate.
The location can be changed at compile-time with the --with-certfile option passed to ./configure.
The location can be changed at compile-time with the --with-certfile option passed to ./configure.
Zgodnie z powyższą informacją z dokumentacji (The location can be changed at compile-time) ścieżka do pliku z certyfikatem jest ustalana na etapie kompilacji. W przypadku dystrybucji Linux CentOS / RedHat / Fedora ścieżka do pliku z certyfikatem jest następująca:
/etc/pki/pure-ftpd/pure-ftpd.pem.#top TLS Protocols¶
Zobacz także TLS Protocols dla: ProFTPd | Pure-FTPd | vsftpd
#top TLS CipherSuite¶
Zobacz także TLS CipherSuite dla: ProFTPd | Pure-FTPd | vsftpd
Dokumentacja Pure-FTPd: OPTIONS | OPTIONS -J (kopia)
EXAMPLES
Config file
/etc/pure-ftpd/pure-ftpd.conf:Command line options:
# OPTIONS # - '-J <ciphers>': Sets the list of ciphers that will be accepted for # SSL/TLS connections. # For example: -J HIGH:MEDIUM # -J --tlsciphersuite <ciphers> /usr/sbin/pure-ftpd -J HIGH:MEDIUM
#top TLS Compression¶
Zobacz także TLS Compression dla: ProFTPd | Pure-FTPd | vsftpd
#top TLS Options¶
Zobacz także TLS Options dla: ProFTPd | Pure-FTPd | vsftpd
Zmodyfikowany ostatnio: 2019/08/22 12:24:26 (4 lata temu),
textsize: 32,1 kB,
htmlsize: 52,3 kB
Zapraszam do komentowania, zgłaszania sugestii, propozycji, własnych przykładów, ...
Dodaj komentarzKomentarze użytkowników