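Using Pure-FTPd to implement an FTP service with virtual-account authentication
Topology diagram:
Back-end management: administration is done through a web interface, which adds accounts and sets quotas and speed limits. New accounts are stored in a database, and the web interface accesses MySQL through PHP.
Front-end service: Pure-FTPd supports MySQL authentication, and the MySQL database holds the virtual accounts.
Lab preparation:
pure-ftpd-1.0.36.tar.gz //main server program
ZendOptimizer-3.3.3-linux-hicode.tar.gz //PHP acceleration support
PureAdmin-0.3.tar.gz //web administration tool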
pureftpd-mysql.conf
pureftp.sql
Lab configuration:
1. Installation
[[email protected] ~]# yum -y install httpd php php-mysql mysql mysql-server mysql-devel
[[email protected] ~]# service httpd start
[[email protected] ~]# service mysqld start
[[email protected] ~]# mysqladmin -u root -p password '123456'
2. Installing Pure-FTPd from source
[[email protected] ~]# tar -zxvf pure-ftpd-1.0.36.tar.gz -C /usr/local/src/
[[email protected] ~]# cd /usr/local/src/pure-ftpd-1.0.36/
[[email protected] pure-ftpd-1.0.36]# ./configure \
--prefix=/usr/local/pureftpd \
--with-mysql \
--with-shadow \
--with-pam \
--with-welcomemsg \
--with-uploadscript \
--with-cookie \
--with-virtualchroot \
--with-virtualhosts \
--with-diraliases \
--with-quotas \
--with-puredb \
--with-sysquotas \
--with-ratios \
--with-ftpwho \
--with-throttling \
--with-language=simplified-chinese
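\: the command continues on the next line
--prefix: installation directory
--with-quotas: quotas
--with-puredb: database that stores the mapping between virtual accounts and local accounts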
[[email protected] pure-ftpd-1.0.36]# make
[[email protected] pure-ftpd-1.0.36]# make install
3. Setting up the pure-ftpd service configuration script
[[email protected] pure-ftpd-1.0.36]# mkdir /usr/local/pureftpd/etc
[[email protected] pure-ftpd-1.0.36]# cd configuration-file/
[[email protected] configuration-file]# cp pure-ftpd.conf /usr/local/pureftpd/etc
[[email protected] configuration-file]# chmod 755 pure-config.pl
[[email protected] configuration-file]# cp pure-config.pl /usr/local/pureftpd/sbin/
4. Setting up the pure-ftpd service control script
[[email protected] pure-ftpd-1.0.36]# cd contrib/
[[email protected] contrib]# cp redhat.init /etc/init.d/pureftpd
[[email protected] contrib]# chmod 755 /etc/init.d/pureftpd
[[email protected] contrib]# vim /etc/init.d/pureftpd
File contents:
18 fullpath=/usr/local/pureftpd/sbin/$prog
19 pureftpwho=/usr/local/pureftpd/sbin/pure-ftpwho
24 $fullpath /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize
[[email protected] contrib]# service pureftpd start
[[email protected] contrib]# netstat -tupln |grep ftp
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 9480/pure-ftpd (SER
[[email protected] contrib]# chkconfig --add pureftpd
[[email protected] contrib]# chkconfig --list |grep ftp
5. Configuring the login environment for anonymous (virtual) users
[[email protected] contrib]# mkdir /ftproot
[[email protected] contrib]# chmod -R 777 /ftproot //skipping this step may cause a 421 error at login
[[email protected] contrib]# useradd virtualftp -d /ftproot -s /sbin/nologin -M //create the system user that the virtual users will map to
[[email protected] contrib]# chown virtualftp:virtualftp /ftproot
vim /usr/local/pureftpd/etc/pure-ftpd.conf
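Changes to the file:
20 chrootEveryone yes //restrict every user to their own home directory
40 MaxClientsNumber 50 //maximum number of connections
52 MaxClientsPerIP 8 //maximum number of connections per IP
77 NoAnonymous yes //do not allow anonymous logins
336 CreateHomeDir yes //automatically create the user's home directory at login
6. Authenticating with PureDB
vim /usr/local/pureftpd/etc/pure-ftpd.conf //authenticate with MySQL
Changes to the file: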
116 MySQLConfigFile /usr/local/pureftpd/etc/pureftpd-mysql.conf
[[email protected] ~]# cp pureftpd-mysql.conf /usr/local/pureftpd/etc/
[[email protected] ~]# cd /usr/local/pureftpd/etc/
vim pureftpd-mysql.conf
Changes to the file:
32 MYSQLPassword tmppasswd
45 MYSQLCrypt md5 //password type
vim pureftp.sql
Changes to the file:
50 INSERT INTO admin VALUES ('admin',MD5('123')); //back-end administration password
[[email protected] ~]# mysql -u root -p < pureftp.sql //import the data into MySQL
[[email protected] ~]# mysql -u root -p
Enter password:
mysql> show databases; //check that the database was imported into MySQL
+--------------------+
| Database |
+--------------------+
| information_schema |
| ftpusers |
| mysql |
| test |
mysql>grant all privileges on ftpusers.* to [email protected] identified by 'tmppasswd'; //add the user that connects to MySQL and give it access
mysql>flush privileges;
mysql>quit;
Configuring the PHP administration interface
[[email protected] ~]# tar -zxvf PureAdmin-0.3.tar.gz -C /var/www/html
[[email protected] html]# mv PureAdmin-0.3 pureadmin
vim config.php
Changes to the file:
3 $cfg['dbname']='ftpusers'; //mysql db name
4 $cfg['dbuser']='ftp'; //mysql user
5 $cfg['dbpasswd']='tmppasswd'; //mysql password
10 $cfg['passwdtype']='MD5';
14 $cfg['dir']='/ftproot/'; //user home directory
16 $cfg['qs']=100; //quota limit of 100M
17 $cfg['ul']=0; //no upload speed limit
18 $cfg['dl']=200; //download speed limited to 200k
[[email protected] pureadmin]# service httpd restart
[[email protected] pureadmin]# service pureftpd restart
Testing:
Accessing the back-end administration from a client:
Create user user1
Check the database: user user1 has been created automatically
[[email protected] pureadmin]# mysql -u root -p
Enter password:
mysql> use ftpusers;
mysql> show tables;
+--------------------+
| Tables_in_ftpusers |
+--------------------+
| admin |
| users |
+--------------------+
mysql> select * from users;
+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+
| User | Password | Uid | Gid | Dir | QuotaFiles | QuotaSize | ULBandwidth | DLBandwidth | Ipaddress | Comment | Status | ULRatio | DLRatio |
+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+
| user1 | d41d8cd98f00b204e9800998ecf8427e | 1000 | 1000 | /ftproot/user1 | 0 | 100 | 0 | 200 | * | | 1 | 0 | 0 |
+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+
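The Password value stored for user1 above, d41d8cd98f00b204e9800998ecf8427e, is the MD5 digest of the empty string. The following added example (not part of the original post or of PureAdmin) parses mysql client table output and flags unsalted MD5 hashes that match the empty string or a password printed in this walkthrough; the sample row is constructed from the output above, reduced to five columns, and the function names are hypothetical.

```python
import hashlib
import re

# Constructed sample: the user1 row from the output above, first five columns only.
SAMPLE = """\
+-------+----------------------------------+------+------+----------------+
| User  | Password                         | Uid  | Gid  | Dir            |
+-------+----------------------------------+------+------+----------------+
| user1 | d41d8cd98f00b204e9800998ecf8427e | 1000 | 1000 | /ftproot/user1 |
+-------+----------------------------------+------+------+----------------+
"""

# Candidates: the empty string plus the passwords that appear in this walkthrough.
CANDIDATES = ["", "123", "123456", "tmppasswd"]


def parse_table(text):
    """Turn mysql client table output into a list of dicts keyed by column name."""
    rows = [
        [cell.strip() for cell in line.strip().strip("|").split("|")]
        for line in text.splitlines()
        if line.strip().startswith("|")  # skips the +----+ border lines
    ]
    if not rows:
        return []
    header, body = rows[0], rows[1:]
    return [dict(zip(header, row)) for row in body]


def audit(rows, candidates=CANDIDATES):
    """Return {user: [findings]} for accounts whose Password is a bare MD5 digest."""
    lookup = {hashlib.md5(p.encode()).hexdigest(): p for p in candidates}
    findings = {}
    for row in rows:
        digest = row["Password"].lower()
        if not re.fullmatch(r"[0-9a-f]{32}", digest):
            continue  # not a bare 32-hex-digit digest, so not MYSQLCrypt md5
        notes = ["unsalted MD5"]
        if digest in lookup:
            guess = lookup[digest]
            notes.append("empty password" if guess == ""
                         else f"matches listed password {guess!r}")
        findings[row["User"]] = notes
    return findings


if __name__ == "__main__":
    for user, notes in audit(parse_table(SAMPLE)).items():
        print(user, "->", ", ".join(notes))
```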
vim /usr/local/pureftpd/etc/pure-ftpd.conf //mapping
Changes to the file:
126 PureDB /usr/local/pureftpd/pureftpd.pdb
[[email protected] ~]# echo PATH=$PATH:/usr/local/pureftpd/bin/ >>/etc/profile //set the environment variable
[[email protected] ~]# . /etc/profile //take effect immediately
[[email protected] ~]# pure-pw useradd user2 -u virtualftp -g virtualftp -d /ftproot/user2 -m
[[email protected] ~]# pure-pw mkdb /usr/local/pureftpd/pureftpd.pdb //build the user database
[[email protected] ~]# service httpd restart
[[email protected] ~]# service pureftpd restart
Client test
User user2 accesses FTP:
Server-side test:
[[email protected] ~]# cd /ftproot/
[[email protected] ftproot]# ll
总计 4
drwxr-xr-x 2 virtualftp virtualftp 4096 08-21 20:18 user2 //created automatically after the client logged in
Create user user3
Client test
Server-side test:
[[email protected] ftproot]# ll
总计 8
drwxr-xr-x 2 virtualftp virtualftp 4096 08-21 20:18 user2
drwxr-xr-x 2 1000 1000 4096 08-21 20:23 user3 //user3 has been added
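The listing above shows user2 owned by virtualftp and user3 owned by numeric 1000:1000, under a /ftproot that section 5 set to mode 777. As an added example (not from the original post), this Python check walks an FTP root and reports world-writable directories and owners other than the expected uid; the function names and the temporary directory tree are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_ftp_root(root, expected_uid):
    """Return sorted (path, problem) tuples for every directory under root."""
    problems = []
    # os.walk does not descend into symlinked directories by default.
    for dirpath, _dirnames, _filenames in os.walk(root):
        st = os.lstat(dirpath)
        if st.st_mode & stat.S_IWOTH:
            problems.append((dirpath, "world-writable"))
        if st.st_uid != expected_uid:
            problems.append(
                (dirpath, f"owner uid {st.st_uid}, expected {expected_uid}"))
    return sorted(problems)


def demo(expected_uid=None):
    """Build a constructed tree shaped like the listing above and audit it."""
    if expected_uid is None:
        expected_uid = os.getuid()
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "ftproot")
        # Constructed layout: root at 0777 as in section 5, homes at 0755.
        for name, mode in (("", 0o777), ("user2", 0o755), ("user3", 0o755)):
            path = os.path.join(root, name) if name else root
            os.mkdir(path)
            os.chmod(path, mode)  # explicit chmod so the umask does not matter
        return [(os.path.relpath(path, tmp), why)
                for path, why in audit_ftp_root(root, expected_uid)]


if __name__ == "__main__":
    for path, why in demo():
        print(path, "->", why)
```

On a real server, pass /ftproot and the uid of the virtualftp account, for example from pwd.getpwnam("virtualftp").pw_uid.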
Reposted from: https://blog.51cto.com/yz406/992965