http://www.debian-administration.org/articles/228

As a means of distributing large collections of files FTP is still a popular choice, despite the rise of bittorrent, and the growing number of HTTP servers.

FTP is an often overlooked method of storing and giving access to files, in many cases FTP servers have been retired in place of webservers such as Apache.

But there are a lot of cases where offering access via FTP makes sense, even with the limitations of FTP - most notably the difficulty of firewalling and the security risk involved in using plaintext passwords.

There are several different FTP servers packaged within Debian, which you can see via:

apt-cache search ftp-server
One of the most popular servers around is proftpd, and that can be installed upon Debian systems with:

apt-get install proftpd
Once downloaded debconf will ask if you wish to run the server via inetd, or in a standalone fashion. In general you want the latter option.

After the installation the server will be running, and will grant access to all user accounts upon the host.

If you wish to stop the server prior to more configuration you can do so with:

/etc/init.d/proftpd stop
The configuration of proftpd is conducted via the configuration file of /etc/proftpd.conf.

Security Options
There are several security options you can enable in proftpd, the most notable is the use of TLS security.

To use TLS you will need to generate a key, and update your server's configuration file to use it.

Generating a key is simple enough with the openssl command, which is contained in the openssl package:

mkdir /etc/proftpd
cd /etc/proftpd
openssl req -new -x509 -days 365 -nodes -out ftpd-rsa.pem \
-keyout ftpd-rsa-key.pem
With the files generated you can add the following to your proftpd.conf file:

<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd-tls.log
TLSProtocol TLSv1

# Are clients required to use FTP over TLS when talking to this server?
TLSRequired off

TLSRSACertificateFile /etc/proftpd/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/proftpd/ftpd-rsa-key.pem

# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off
</IfModule>
Other security options include limiting users to particular directories. To limit the user "bob" to the starting directory "/tmp" you can use:

DefaultRoot /tmp bob
The more general approach is to restrict users to their own home directory, which you can accomplish via:

DefaultRoot ~
This causes all users to be presented with the contents of their home directory (as specified by /etc/passwd) when they login.

Permitting Anonymous Access
To permit anonymous access to your server you will need to uncomment the configuration options which are already present in the standard /etc/proftpd.conf file.

This is a good starting point:

<Anonymous ~ftp>
User ftp
Group nogroup

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Cosmetic changes, all files belongs to ftp user
DirFakeUser on ftp
DirFakeGroup on ftp

RequireValidShell off

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
</Anonymous>
This configuration setting allows users to login with either anonymous, or ftp, as username and they will be able to read from /home/ftp.

Thankfully they will be unable to upload new content, or delete existing files. They will be given only read-only access to the server.

Miscallaneous Options
There are some other options which you might wish to change, for example the welcome message presented to clients.

The welcome message presented is read from /home/ftp/welcome.msg, editing that file will immediately change the text sent to users.

The hostname of your server is typically displayed to clients when they connect - in the Debian package the greeting only includes the string "Debian" - as you can see from the following session:

user@host:~ ftp localhost
Connected to localhost.localdomain.
220 ProFTPD 1.2.10 Server (Debian) [127.0.0.1]
To change this update the proftpd.conf file to include:

ServerName "My.host.name"

【Raspberry pi】set up an ftp server的更多相关文章

  1. 【转】【Raspberry Pi】Unix NetWork Programming:配置unp.h头文件环境

    一.初衷 近期正在做网络计算编程的作业.要求平台为unix/linux,想着Raspberry Pi装的Debian系统也是Linux改的,也应该能够勉强用着,所以就用它来做作业了! 二.说明 先把环 ...

  2. 【Raspberry Pi】新入手的Raspberry Pi3拼装日志

    一.概述 2016年暑假某宝入手Raspberry Pi 3,装机清单: 树莓派主板 亚克力外壳 小风扇 散热片 30G SD card 螺丝若干颗 因机型问题,可能与你的机器有微小差异 二.装机过程 ...

  3. 【Raspberry Pi】USB无线网卡自动连接

    Raspberry Pi 使用USB无线网卡的时候不会因为路由重启而掉线. #!/bin/bash while true ; do if ifconfig wlan0 | grep -q " ...

  4. 【Raspberry Pi】修改时区

    Raspberry Pi没有时钟模块,所以每次断电都会丢失时间,但它有联网获取时间的预设.但要修改默认时区 http://outofmemory.cn/code-snippet/2899/shumei ...

  5. 【Raspberry pi】系统安装及基础配置

    1.系统安装 见官网:http://www.raspberrypi.org/quick-start-guide 2.基础配置 转载自http://www.eeboard.com/bbs/thread- ...

  6. 【Raspberry pi】cpu、内存等查看及扩展

    使用树莓派时,需要在其系统中部署几个不同功能的程序系统,并涉及到数据库读写.串口读写.web访问等,使系统使用压力较大,在查看树莓派使用情况时也遇到些许问题. free命令 total used fr ...

  7. 【Raspberry Pi】crontab 定时任务

    在linux上做定时任务一般用crond 两种方法上文已列,但昨天写的crond命令却一直都没有运行,上网查,有说是环境变量的,也有说是时间问题的,都改过,但还没有效. 今天再次认真读了一遍cront ...

  8. 【Raspberry Pi】定时运行python程序读温湿度传感器数据&发邮件

    1.定时执行脚本 http://tech.it168.com/a2011/0707/1214/000001214830_all.shtml /sbin/service crond start //启动 ...

  9. 【Raspberry Pi】DHT11 温度湿度传感器数据读取

    时序图参考厂家说明书:DHT11数字湿温度传感器的原理和应用范例 四个阵脚连接:VCC接3.3伏电源,Dout接GPIO口,我接的是物理12针脚,NC留空,GND接地. 波折1:电阻被错接进了VCC, ...

随机推荐

  1. iOS AVPlayer视频播放器

    代码地址如下:http://www.demodashi.com/demo/11168.html 一.运行效果 二.实现过程 ①.创建播放器avPlayer //创建播放器 url = [url str ...

  2. Layui 弹出层组件——layer的模块化开发实例应用

    Layui 弹出层组件——layer的模块化开发实例应用 1.首先在package.json中引入layer组件依赖 2.在源码中应用这个依赖 3.在源码中编写代码应用此组件 4.效果验证:点击日历上 ...

  3. js 时间毫秒

    1. "2014-08-18 00:00:00"  与 13位毫秒 互换 var oTime = { _format_13_time:function (str){ var tim ...

  4. List分组迭代器 C#--深入理解类型

    List分组迭代器   说明: 针对长度较大的List对象,可以分组批量进行处理, 如:长度为1000的List对象,可分为10组,每组100条,对数据进行业务逻辑处理... Source /**** ...

  5. Inno Setup 打包的文件以管理员权限执行

    最近发现一个问题,就是Inno Setup打包的程序安装完毕后执行需求管理员权限的程序的时候会失败( inno createprocess   须要提升),解决问题的最简单办法就是打包的后的程序也以管 ...

  6. BootStrap modal() 如何根据返回的HTML宽度自动调整宽度?

    首先声明,如果真的这么做了也就失去了 bootstrap 多分辨率适配的好处.bootstrap 的 modal 窗口能够自动在不同分辨率下用不同的宽度,这就是它的特色呢. 以默认大小的 modal ...

  7. JUC组件扩展(二)-JAVA并行框架Fork/Join(三):在任务中抛出异常

    在java当中,异常一共分为两种.一种是运行时异常,一种是非运行是异常. 非运行时异常:这些异常必须在方法上通过throws子句抛出.或者在方法体内进行try{…}catch{…}来捕获异常. 运行时 ...

  8. 4.lists(双向链表)

    一.概述 是一个线性链表结构,它的数据由若干个节点构成,每一个节点都包括一个信息块(即实际存储的数据).一个前驱指针和一个后驱指针.它无需分配指定的内存大小且可以任意伸缩,这是因为它存储在非连续的内存 ...

  9. Python 常用内建模块(os, sys,random)

    一.os 模块 1,操作系统与环境变量 import osprint(os.name) #操作系统类型,如果是posix 说明系统是linux unix 或 mac os x :如果是nt 就是win ...

  10. JS高程3:表单脚本

    HTML和CSS对表单的操作还是比较乏力的,在表单操作中,JS势必会使用到. 基础知识 文本框 选择框 序列化 富文本编辑器 基础知识 HTMLFormElement接口可以创建或者修改<for ...