Gentoo – FTP Server

image_pdfimage_print

If you have the need for a FTP server on your Gentoo system, Pure-ftp is a good choice. It is a lightweight, standards compliant, and production quality FTP server that is available in portage.

To install pure-ftp do the following:

emerge -avq pure-ftp

The default use flags should be fine for most installations.

After it is done installing you need to edit the config file located in /etc/conf.d/pure-ftpd

Make sure to uncomment the following line:

#IS_CONFIGURED="yes"

So that it looks like this:

IS_CONFIGURED="yes"

Now you need to figure out how you want users to authenticate to the FTP server.

To allow login to the FTP server with local user accounts use the following setting for AUTH:

AUTH="-l unix"

For PAM authentication use the following:

AUTH="-l pam"

And finally for built in virtual user support use the following:

AUTH="-l puredb:/etc/pureftpd.pdb"

The virtual user method stores the user information in the file /etc/pureftpd.pdb. In order to setup FTP virtual users do the following:

First setup the ftpgroup and the ftpuser system user

groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /etc ftpuser

Now virtual users can be created by using the following syntax:

pure-pw useradd someuser -u ftpuser -d /home/ftpusers/someuser [-m]

The -d flag specifies the user’s home directory. This can be changed to any location you like as long as the user has sufficient privileges on the folder.

The following commands can be used to manage virtual users:

To delete a user:

pure-pw userdel someuser [-m]

To change a user’s password:

pure-pw passwd someuser [-m]

To view a user’s status:

pure-pw show someuser [-m]

To commit changes (NOTE: changes are commited automatically when using the [-m] flag):

pure-pw mkdb

Lastly we need to start the pure-ftpd service and add it to the default runlevel:

/etc/init.d/pure-ftpd start
rc-update add pure-ftpd default

NOTE: If you are running iptables you will want to add the following rule to allow FTP traffic:

iptables -A INPUT -p tcp -m state --state NEW \
-m tcp --dport 21 -j ACCEPT
  1. No Comments