FreeBSD 12.0: Pure-FTPd with inetd

I spent much time to configure Pure-FTPd for some problems. I wanted to:

  1. make it run by inetd.
  2. force users to connect with the strongest SSL/TLS connection.


Pure-FTPd can be started and run by inetd set up like below:

ftp stream tcp nowait root /usr/local/sbin/pure-ftpd pure-ftpd /usr/local/etc/pure-ftpd.conf


We have to specify the path to its configuration file and write all settings in it. This keeps inetd.conf lines simple.


First, finish setting up the other options except for ones about TLS (I don’t see details but sorry for my idleness).

Secondly, set these up like below:

TLSCipherSuite HIGH
#CertFile /etc/ssl/private/pure-ftpd.pem
CertFileAndKey “/path/to/cert.pem” “/path/to/privkey.pem”


Make sure “CertFile” is commented out. Set CertFileAndKey with certificate file and private key file together. Even symbolic links work fine, like ones created by letsencrypt/certbot.

The error message below is shown when CertFile option is set wrong:

Jul 28 16:45:50 home pure-ftpd[42438]: (?@?) [ERROR] Sorry, but that file doesn’t exist: [/etc/ssl/private/pure-ftpd.pem]


I hope this sample helps you.



このサイトはスパムを低減するために Akismet を使っています。コメントデータの処理方法の詳細はこちらをご覧ください