Installing Pure-FTPd

There are quite a few FTP servers available, among them, VSFTP, ProFTP and my favourite, Pure-FTP. Pure FTP is easy to install and configure, light weight, and it works well. I’ll go over the quick installation process as well as creating an init script and setting it to start on boot.

We are going to configure it to use MySQL authentication and SSL encryption (FTPES)

First, we create the virtual ftp user account

groupadd -g 2001 ftpusers
useradd -d /home/vftp -g 2001 -u 48 -s /sbin/nologin ftpuser

Make sure you use the latest version, found in http://download.pureftpd.org/pub/pure-ftpd/releases/

cd /root
wget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.29.tar.gz
tar -xvzf pure-ftpd-1.0.29.tar.gz
cd pure-ftpd-1.0.29
./configure --with-tls --with-cookie --with-mysql --with-paranoidmsg --with-quotas --with-virtualchroot --without-inetd --without-shadow
make install-strip

Please note that you can add –with-certfile=/path/to/cert/file.pem if you already have an SSL certification for something like Apache. To create a self signed certificate follow the below instructions. Because it is self-signed, you will be prompted to accept the certificate when you connect with a client (Filezilla for instance).

mkdir -p /etc/ssl/private
openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
chmod 600 /etc/ssl/private/*.pem

Now we create the MySQL config file

MYSQLSocket     /chroot/httpd/var/lib/mysql/mysql.sock
MYSQLUser       ftp_admin
MYSQLPassword   really_string_password
MYSQLDatabase   system_pureftpd
MYSQLCrypt      md5
MYSQLGetPW      SELECT password FROM ftpusers WHERE username="\L"
MYSQLGetDir     SELECT home FROM ftpusers WHERE username="\L"

MYSQLDefaultUID 48
MYSQLDefaultGID 2001

# This get's the maximum number of files a user can have in their home directory
MySQLGetQTAFS  SELECT max_files FROM ftpusers WHERE username="\L"

# This get's the maximum disk space a user can use
MySQLGetQTASZ  SELECT max_storage FROM ftpusers WHERE username="\L"

Now we create our table structure. Create a system_pureftpd database that the system_pureftpd user can access, and add this table

CREATE TABLE IF NOT EXISTS `ftpusers` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(200) NOT NULL,
  `password` varchar(32) NOT NULL,
  `home` varchar(200) NOT NULL,
  `max_files` int(11) NOT NULL DEFAULT '5000',
  `max_storage` bigint(20) NOT NULL DEFAULT '250' COMMENT 'in mb',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=12 ;

And to add a user


INSERT INTO `ftpusers` (`id`, `username`, `password`, `home`, `max_files`, `max_storage`) VALUES (1, 'username', 'md5_encrypted_Pass', '/home/vftp/username/', 500000, 102400, 500, 5000),

And now we create our init file. Save this to /etc/init.d/pureftpd

#!/bin/sh
#
# pureftpd        Startup script for the PureFTP daemon
#
# chkconfig: - 85 15
# description: PureFTPd is an FTP daemon supporting FTP, FTPS, and FTPES

FTPD_BIN=/usr/local/sbin/pure-ftpd
PID_FILE=/var/run/pure-ftpd.pid
PID=0

start(){
        if [ -f $PID_FILE ]
        then
                echo -e "\E[31mPure-FTP Daemon is already running\E[0m"
        else
                echo -n "Pure-FTP Daemon                   "
                $FTPD_BIN --tls=1 -l mysql:/etc/pureftpd/mysql-conf.ini -B -E -H -d -j -i -A -D -k 60 -I 30 -c 50 -C 16 -g $PID_FILE &
                echo -e "\E[32m[STARTED]\E[0m"
        fi
}

stop(){
        if [ -f $PID_FILE ]
        then
                PID=`cat $PID_FILE`
                echo -n "Pure-FTP Daemon                   "
                kill $PID
                echo -e "\033[32m[STOPPED]\033[0m"
        else
                echo -e "\E[31mPure-FTP Daemon is not running\E[0m"
        fi
}

case $1 in
        start)
                start
                ;;
        stop)
                stop
                ;;
        restart)
                stop
                sleep 1
                start
                ;;
esac

exit 0

and make it executable

chmod 700 /etc/init.d/pureftpd

Now we make it run on boot

chkconfig --add pureftpd
chkconfig pureftpd on

You now have a server that supports regular and FTPES (FTP over Explicit SSL), as well as MySQL user authentication. Congrats! To start your server, run /etc/init.d/pureftpd start

Troubleshooting

If you are getting an error similar to:

checking for mysql_init in -lmysqlclient... yes
checking whether mysql clients can run... no
configure: error: Your MySQL client libraries aren't properly installed

It’s an easy fix caused by MySQL/Postgres libraries in the wrong location (Not wrong, just not the normal location). You must simply copy the libraries to the /usr/lib or /usr/lib64 directory depending on system architecture

ln -s /opt/mysql/lib/mysql /usr/lib/mysql

Other Resources:

http://download.pureftpd.org/pub/pure-ftpd/doc/README
http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS
http://download.pureftpd.org/pub/pure-ftpd/doc/README.MySQL

One Reply to “Installing Pure-FTPd”

  1. Thanks a ton for this guide, I couldn’t figure out ProFTPd, and this guide made it a lot easier to switch to Pure-FTP.

Leave a Reply