FTP Configuration Reference: Difference between revisions
(Created page with "<br /> Category:Reference Category:FTP") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
< | [[FTP]] in Sympl is provided by [[Pure-FTPd]], and user configuration is typically done with one of two methods, either authenticating against the domain (<code>'''''example.com'''''</code>) with full access, or authenticating as a user on the domain (<code>'''''user'''''@'''''example.com'''''</code>) which supports limited access. | ||
==Domain Authentication== | |||
The most basic method of [[FTP]] authentication provides access to the <code>/srv/'''''example.com'''''/public/</code> directory and it's contents, but no directories above that. | |||
To enable this, simply add a password in <code>/srv/'''''example.com'''''/config/ftp-password</code> either in plain text or as a hashed password (generated using <code>[[sympl-encrypt-password]]</code>). | |||
Users can then log in to the server using an FTP client using any hostname or IP which points to the server, with the username <code>'''''example.com'''''</code> and password as set in <code>config/ftp-password</code>. | |||
===FTP Quota=== | |||
If necessary, an FTP quota can be set in <code>/srv/'''''example.com'''''/config/ftp-quota</code>. This defaults to <code>0</code> if unset, and is a value in bytes, supporting the normal [[File Size Suffixes|file size suffix]] format. | |||
This quota will prevent any new uploads via FTP once the total size of all files and subdirectories in <code>/srv/'''''example.com'''''/public/</code> (including logs) reaches the quota value, however it does not prevent web uploads or other processes using space. | |||
==Multi-User Authentication== | |||
The multi-user authentication method supports users with separate directory access and quotas, and is controlled with the <code>/srv/'''''example.com'''''/config/ftp-users</code> file, and again has access limited to <code>/srv/'''''example.com'''''/public/</code>. | |||
The format of the <code>config/ftp-users</code> file is made up of 2-4 values, separated by colons (<code>:</code>), for example: | |||
# Comments start with a hash | |||
# user:password:subdirectory:quota | |||
alice:jd765DF2ioh-sg2:htdocs/files:1G | |||
charlie:{CRYPT}$6$sXwVQjpI$1DCuuVaTgmmciah.sZuYGCMuV.IcJff8Rsx1PX3OcJOv5CmCWTL9RGka.m56hDXt26fJyCS53R5ZWMBPFlsH21 | |||
===Username=== | |||
The first value in the file is the username. Note that this always has the domain added, so in the example the valid usernames would be <code>'''''alice@example.com'''''</code> and <code>'''''charlie@example.com'''''</code>'''.''' | |||
===Password=== | |||
The password can be either in plain text as shown in the first example, or encrypted format in the second example as generated by <code>[[sympl-encrypt-password]]</code>. Note that you should avoid using the colon (<code>:</code>) character in passwords where possible, or escape them by preceding them with a backslash (<code>\</code>). | |||
===Subdirectory=== | |||
The subdirectory field is optional, and changes the FTP root directory from it's default of <code>/srv/'''''example.com'''''/public/</code> to a subdirectory of <code>public/</code> which can be used to limit access to a specific directory. In the example, the user <code>'''''alice@example.com'''''</code> is restricted to the <code>/srv/'''''example.com'''''/public/'''''htdocs/files'''''</code> directory and it's contents. | |||
===Quota=== | |||
The quota field is optional, is a value in bytes with an [[File Size Suffixes|optional suffix]]. This prevents files being uploaded once the quota is reached, with the limit is based on files in the FTP root directory and all subdirectories, and defaults to the value from <code>/srv/'''''example.com'''''/config/ftp-quota</code> if unset. | |||
In the example, <code>'''''alice@example.com'''''</code> is limited to 1 Gigabyte of files in <code>/srv/'''''example.com'''''/public/'''''htdocs/files'''''</code> and it's subdirectories whereas <code>'''''charlie@example.com'''''</code> has no limit. | |||
==User Permissions== | |||
The permissions used by [[Pure-FTPd]] are inherited from the FTP root directory, which avoids permissions conflicts. This differs from [[Symbiosis]] which copied the permissions from the <code>/srv/'''''example.com'''''</code> directory. | |||
==Alternate Authentication Methods== | |||
As Sympl uses [[Pure-FTPd]], it's other authentication methods can optionally be used, and information on this is available in the [https://download.pureftpd.org/pub/pure-ftpd/doc/README.Virtual-Users Pure-FTPd documentation]. | |||
==Configuration Reference== | |||
<section begin=config /> | |||
{| class="wikitable sortable" | |||
|+ | |||
!File or Directory | |||
!Used For | |||
!More | |||
|- | |||
|<code>.../config/ftp-password</code> | |||
|Sets the password for FTP access to <code>/srv/'''''example.com'''''/public/</code> with the username <code>'''''example.com'''''</code> | |||
|<small>[[FTP Configuration Reference#Domain Authentication|More...]]</small> | |||
|- | |||
|<code>.../config/ftp-quota</code> | |||
|Sets a maximum size of files and directories in <code>/srv/'''''example.com'''''/public/</code> before preventing uploads. | |||
|<small>[[FTP Configuration Reference#FTP Quota|More...]]</small> | |||
|- | |||
|<code>.../config/ftp-users</code> | |||
|Per user configuration for FTP access. | |||
|<small>[[FTP Configuration Reference#Multi-User Authentication|More...]]</small> | |||
|}<section end=config /><blockquote>See also [https://wiki.sympl.host/view/Configuration_Reference ''Configuration Reference''] for other configuration files.</blockquote> | |||
[[Category:Reference]] | [[Category:Reference]] | ||
[[Category:FTP]] | [[Category:FTP]] |
Latest revision as of 12:04, 16 July 2019
FTP in Sympl is provided by Pure-FTPd, and user configuration is typically done with one of two methods, either authenticating against the domain (example.com
) with full access, or authenticating as a user on the domain (user@example.com
) which supports limited access.
Domain Authentication
The most basic method of FTP authentication provides access to the /srv/example.com/public/
directory and it's contents, but no directories above that.
To enable this, simply add a password in /srv/example.com/config/ftp-password
either in plain text or as a hashed password (generated using sympl-encrypt-password
).
Users can then log in to the server using an FTP client using any hostname or IP which points to the server, with the username example.com
and password as set in config/ftp-password
.
FTP Quota
If necessary, an FTP quota can be set in /srv/example.com/config/ftp-quota
. This defaults to 0
if unset, and is a value in bytes, supporting the normal file size suffix format.
This quota will prevent any new uploads via FTP once the total size of all files and subdirectories in /srv/example.com/public/
(including logs) reaches the quota value, however it does not prevent web uploads or other processes using space.
Multi-User Authentication
The multi-user authentication method supports users with separate directory access and quotas, and is controlled with the /srv/example.com/config/ftp-users
file, and again has access limited to /srv/example.com/public/
.
The format of the config/ftp-users
file is made up of 2-4 values, separated by colons (:
), for example:
# Comments start with a hash # user:password:subdirectory:quota alice:jd765DF2ioh-sg2:htdocs/files:1G charlie:{CRYPT}$6$sXwVQjpI$1DCuuVaTgmmciah.sZuYGCMuV.IcJff8Rsx1PX3OcJOv5CmCWTL9RGka.m56hDXt26fJyCS53R5ZWMBPFlsH21
Username
The first value in the file is the username. Note that this always has the domain added, so in the example the valid usernames would be alice@example.com
and charlie@example.com
.
Password
The password can be either in plain text as shown in the first example, or encrypted format in the second example as generated by sympl-encrypt-password
. Note that you should avoid using the colon (:
) character in passwords where possible, or escape them by preceding them with a backslash (\
).
Subdirectory
The subdirectory field is optional, and changes the FTP root directory from it's default of /srv/example.com/public/
to a subdirectory of public/
which can be used to limit access to a specific directory. In the example, the user alice@example.com
is restricted to the /srv/example.com/public/htdocs/files
directory and it's contents.
Quota
The quota field is optional, is a value in bytes with an optional suffix. This prevents files being uploaded once the quota is reached, with the limit is based on files in the FTP root directory and all subdirectories, and defaults to the value from /srv/example.com/config/ftp-quota
if unset.
In the example, alice@example.com
is limited to 1 Gigabyte of files in /srv/example.com/public/htdocs/files
and it's subdirectories whereas charlie@example.com
has no limit.
User Permissions
The permissions used by Pure-FTPd are inherited from the FTP root directory, which avoids permissions conflicts. This differs from Symbiosis which copied the permissions from the /srv/example.com
directory.
Alternate Authentication Methods
As Sympl uses Pure-FTPd, it's other authentication methods can optionally be used, and information on this is available in the Pure-FTPd documentation.
Configuration Reference
File or Directory | Used For | More |
---|---|---|
.../config/ftp-password
|
Sets the password for FTP access to /srv/example.com/public/ with the username example.com
|
More... |
.../config/ftp-quota
|
Sets a maximum size of files and directories in /srv/example.com/public/ before preventing uploads.
|
More... |
.../config/ftp-users
|
Per user configuration for FTP access. | More... |
See also Configuration Reference for other configuration files.