Wednesday, November 7, 2007

PureFTPd Manager Replacement Under Leopard

PureFTPd Manager no longer works after upgrading Mac OS X to version 10.5 (Leopard). What to do, for those of us who want FTP access to our machines using SSL/TLS login encryption?



Location of pure-ftpd files
Although the GUI for the manager doesn't start up, the pure-ftpd application is still operational under Leopard. In other words, the server will still work; we just don't have the nice interface.

The application itself should still be located at /usr/local/sbin/pure-ftpd, with man files at /usr/local/man/man8/pure-ftpd.8. The associated files, including the self-signed certificate, should still be located under the /private/etc/pure-ftpd/ directory. If you don't have them on your machine because you did a clean erase-and-install, migrating the files from your backup should do the trick. All the files should be owned by root:wheel.

Firewall Issues
Make sure that the Mac OS X FTP server is turned off under the Sharing system preferences. I dislike the interface of the Leopard firewall, and I couldn't get it to punch the right holes for pure-ftpd. If you have an external hardware firewall, you may just want to allow all connections under the Security / Firewall system preference. To properly configure the Mac OS X firewall, I recommend WaterRoof.

Server Startup
Now it's just a matter of starting up the server. It can be started in principle using
sudo /usr/local/sbin/pure-ftpd
in the terminal. However, to have any semblance of the server running as it was using the PureFTPd Manager, some options are necessary. A full list of options is available from the official site.

To avoid having to keep the Terminal application open, run it in the background using -B. To allow only TLS encrypted connections, use -Y 2. I use
sudo /usr/local/sbin/pure-ftpd -a 0 -B -c 5 -E -k 95 -p 50000:50010 -Y 2

which should read as all one line, of course. The other options restrict all users except root to their home directories (-a 0), allow a maximum of 5 connections total (-c 5), disable anonymous logins (-E), disable uploads if the hard drive is 95% full (-k 95) and allow passive connections to the port range 50000-50010 (-p 50000:50010).

After entering the command with your options, the FTP server should be accessible exactly as it was under your previous system.
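
The options above can be checked mechanically before the server is exposed to the network. The script below is an added example, not part of the original post: the function names `audit_pureftpd_args` and `_finding` are made up here, and the sample command lines are constructed from the post's own options.

```shell
#!/bin/sh
# Added example, not from the original post: audit a pure-ftpd argument list
# for the options the post relies on. Assumes each option is its own word
# ("-Y 2" or "-Y2"), not clustered ("-BE").

_finding() { echo "FINDING: $*"; findings=$((findings + 1)); }

# Prints one line per problem; returns the number of problems (0 = clean).
audit_pureftpd_args() {
    tls="" passive="" noanon=0 chroot=0 findings=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -Y)   if [ $# -gt 1 ]; then tls="$2"; shift; fi ;;
            -Y?*) tls="${1#-Y}" ;;
            -p)   if [ $# -gt 1 ]; then passive="$2"; shift; fi ;;
            -p?*) passive="${1#-p}" ;;
            -a|-a?*) chroot=1 ;;
            -E)   noanon=1 ;;
        esac
        shift
    done

    # The post uses -Y 2 to allow only TLS-encrypted connections; without it,
    # passwords can still cross the network in cleartext.
    case "$tls" in
        2) ;;
        "") _finding "no -Y option: TLS is not enabled" ;;
        *)  _finding "-Y $tls is not the TLS-only setting the post uses (-Y 2)" ;;
    esac
    [ "$noanon" -eq 1 ] || _finding "no -E: anonymous logins are not disabled"
    [ "$chroot" -eq 1 ] || _finding "no -a option: the home-directory restriction is not set"

    # A fixed passive range is what lets the firewall open only those ports.
    case "$passive" in
        "") _finding "no -p range: passive ports cannot be pinned in the firewall" ;;
        *[!0-9:]*|*:*:*|:*|*:) _finding "-p $passive is not first:last" ;;
        *:*) if [ "${passive%%:*}" -gt "${passive##*:}" ]; then
                 _finding "-p $passive: first port is above last port"
             fi ;;
        *)  _finding "-p $passive is not first:last" ;;
    esac
    return "$findings"
}

# Constructed sample: the command line from the post, then a weakened one.
audit_pureftpd_args -a 0 -B -c 5 -E -k 95 -p 50000:50010 -Y 2 && echo "post's options: OK"
audit_pureftpd_args -B -c 5 -Y 1 || echo "weakened options: $? finding(s)"
```

To audit a running server, pass the arguments shown by `ps` for the pure-ftpd process to `audit_pureftpd_args`.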

4 comments:

Anonymous said...

That was awesome. Just what I was looking for.

Two things now:
a) Can you give tips on creating a startup item for this ftp server?
b) How do you add/modify users?

Thanks!

AD said...

In terms of the startup item, make sure to delete the /Library/StartupItems/PureFTPD folder if it still exists, otherwise it will automatically start the built-in Leopard FTP server.

To make a startup item for pure-ftpd, I recommend checking out Lingon to create a user daemon:
http://lingon.sourceforge.net/

I don't know how to add/modify users, though I suspect /usr/local/bin/pure-pw would help - see:
http://jeanmatthieu.free.fr/pureftpd/doc/adv/man.html.

Hopefully we'll have an update of the manager soon...

Anonymous said...

I've got everything working except adding/modifying users. I followed the manual pages and I'm trying to use pure-pw, but I keep getting the error:

"Check that [usr] does not exist,
and that [/etc/pureftpd.passwd] can be written"

I've tried everything - permissions, locations, paths, -f argument - each and every single thing I try I get the exact same error. I don't know why it won't work!

I guess I'll have to wait for the updated PureFTPD Manager.

AD said...

The manager has now been updated.