vi /etc/proftpd.conf ← 修改ProFTPD的配置文件 ServerType standalone ← 找到这一行,在行首添加“#” ↓ #ServerType standalone ← 变为此状态,不使用常驻模式
#ServerType inetd ← 找到这一行,去掉行首的“#” ↓ ServerType inetd ← 变为此状态,通过超级服务器来启动ProFTPD
DefaultRoot ~ !adm ← 找到这一行,将“ !adm”改为“/public_html !wheel” ↓ DefaultRoot ~/public_html !wheel ← 变为此状态,使除wheel组用户的根目录为public_html
找到TLS设置的语句群,如下: # TLS # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html ---------------------------------------------------------------- #TLSEngine on #TLSRequired on #TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem #TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem #TLSCipherSuite ALL:!ADH:!DES #TLSOptions NoCertRequest #TLSVerifyClient off ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSLog /var/log/proftpd/tls.log ----------------------------------------------------------------
↓将以上水平线间部分的语句,每行行首的“#”都去掉,变为下面水平线间的状态:
---------------------------------------------------------------- TLSEngine on TLSRequired on ← 只允许TLS方式的连接(如果将on改为off,普通方式也被允许) TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem TLSCipherSuite ALL:!ADH:!DES TLSOptions NoCertRequest TLSVerifyClient off #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 TLSLog /var/log/proftpd/tls.log ----------------------------------------------------------------
然后在配置文件的末尾填如下几行:
ExtendedLog /var/log/proftpd/access.log WRITE,READ default ← 记录连接日志到相应日志文件 ExtendedLog /var/log/proftpd/auth.log AUTH auth ← 记录认证日志到相应日志文件 MasqueradeAddress digeast.no-ip.info ← 定义服务器域名 PassivePorts 50000 50030 ← 为PASV模式连接时指定端口号(1024以后存在的任意端口号)
卸载
yum remove proftpd 即可
京公网安备 11010802041100号