#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
ServerName
"Debian"
ServerType
standalone
DeferWelcome
off
MultilineRFC2228
on
DefaultServer
on
ShowSymlinks
on
TimeoutNoTransfer
600
TimeoutStalled
600
TimeoutIdle
1200
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions
"-l"
DenyFilter
\*.*/
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd
off
# Uncomment this if you would use TLS module:
#TLSEngine
on
# Uncomment this if you would use quota module:
#Quotas
on
# Uncomment this if you would use ratio module:
#Ratios
on
# Port 21 is the standard FTP port.
Port
21
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances
30
# Set the user and group that the server normally runs at.
User
nobody
Group
nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask
022 022
# Normally, we want files to be overwriteable.
AllowOverwrite
on
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
#DelayEngine
off
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
# User
ftp
# Group
nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias
anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser
on ftp
# DirFakeGroup on ftp
#
# RequireValidShell
off
#
# # Limit the maximum number of anonymous logins
# MaxClients
10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin
welcome.msg
# DisplayFirstChdir
.message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask
022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>
# Ergänzungen
# chroot für alle User der Gruppe ftpuser
DefaultRoot ~
# Login nur von Mitgliedern der Gruppe ftpuser erlauben
<Limit LOGIN>
DenyGroup !ftpuser
</Limit>
# Root-Login verbieten und gültige Shell verlangen (in /etc/shells)
<Global>
RootLogin off
RequireValidShell off
</Global>
# Speed erhöhen
UseReverseDNS off
IdentLookups off
# Logging Formate
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# Logging aktivieren
# alle logins
ExtendedLog /var/log/ftp_auth.log AUTH auth
# file/dir Zugriff
ExtendedLog /var/log/ftp_acces.log WRITE,READ write
# für paranoide (vorsicht, erzeugt grosse Logfiles)
#ExtendedLog /var/log/ftp_paranoid.log ALL default
habe dann die einstellungen, die du mir gesagt hast, in der .conf geändert und inetd restartet. hat allerdings nicht funktioniert...
