# file generated by gen.sh v1.1.6 16.06.2007 16:39:48 <help name="START_SSH"> start ssh 'yes' or 'no' Default: START_SSH='yes' </help> <help name="SSHD_START_METHOD"> Start method for sshd. 'st' start sshd as standalone server. 'xi' start sshd via xinetd. 'xi' requires START_XINETD='yes'. Default: SSHD_START_METHOD='st' </help> <help name="SSH_PORT"> ssh port, see also FIREWALL_DENY_PORT_x Default: SSH_PORT='22' </help> <help name="SSH_USE_SSH1"> use ssh1 protocol - default: no Default: SSH_USE_SSH1='no' </help> <help name="SSH_USE_SSH2"> use ssh2 protocol - default: yes Default: SSH_USE_SSH2='yes' </help> <help name="SSH_SVR_KEYBITS"> server keybits - default: 1536 Default: SSH_SVR_KEYBITS='1536' </help> <help name="SSH_LISTEN_ADDR_N"> Number of addresses sshd should listen to 0 - listen on all local addresses Default: SSH_LISTEN_ADDR_N='0' </help> <help name="SSH_LISTEN_ADDR_#"> First ip address, sshd should listen to use n'th ethernet card configured in /etc/config.d/base. E.g. SSH_LISTEN_ADDR_1='2' points to<br>IP_ETH_2_IPADDR in /etc/config.d/base. </help> <help name="SSH_ALLOW_USER_N"> Number of user name patterns. Login is allowed only for user names that match one of the pattern. '*' and '?' can<br>be used as wildcards in the patterns. Default: 0 - login is allowed for all users. Default: SSH_ALLOW_USER_N='0' </help> <help name="SSH_ALLOW_USER_#"> First user name pattern. </help> <help name="SSH_DENY_USER_N"> Number of user name patterns. Login is disallowed only for user names that match one of the pattern. '*' and '?' can be<br>used as wildcards in the patterns. Default: 0 - login is allowed for all users. Default: SSH_DENY_USER_N='0' </help> <help name="SSH_DENY_USER_#"> First user name pattern. </help> <help name="SSH_ALLOW_GROUP_N"> Number of group name patterns. Login is allowed only for users whose primary group or supplementary group<br>matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups Default: SSH_ALLOW_GROUP_N='0' </help> <help name="SSH_ALLOW_GROUP_#"> First group name pattern. </help> <help name="SSH_DENY_GROUP_N"> Number of group name patterns. Login is disallowed only for users whose primary group or supplementary group<br>matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups Default: SSH_DENY_GROUP_N='0' </help> <help name="SSH_DENY_GROUP_#"> First group name pattern. </help> <help name="SSH_PERMITROOTLOGIN"> Secifies whether root can login using ssh. 'yes' User root can login. 'no' User root can't login. 'without-password' Password authentication<br>for user root is disabled. Note that other authentications (e.g. keyboard-interactive/ PAM) may still allow root to login using a<br>password. 'forced-commands-only' root login with public key authentication will be allowed, but only if the command option has been<br>specified. Default: SSH_PERMITROOTLOGIN='yes' </help> <help name="SSH_PUBLIC_KEY_N"> number of public keys or keyfile to add to /root/.ssh/authorized_keys Default: SSH_PUBLIC_KEY_N='0' </help> <help name="SSH_PUBLIC_KEY_#"> public key (identity.pub) generated by ssh-keygen If the first character is a slash (/) the value is interpreted as an absolut<br>pathname of a file. The content of this file is added to the file /root/.ssh/authorized_keys </help> <help name="SSH_MAX_STARTUPS"> maximum number of concurrent unauthenticated connections. default: 10 Default: SSH_MAX_STARTUPS='10' </help> <help name="SSH_ENABLE_PRIV_SEPARATION"> enable privilege separation: 'yes' or 'no' Default: SSH_ENABLE_PRIV_SEPARATION='no' </help> <help name="SSH_COMPRESSION"> allow compression: 'yes' or 'no' Default: SSH_COMPRESSION='yes' </help> <help name="SSH_STRICTMODES"> Use Strictmodes: 'yes' or 'no' Default: SSH_STRICTMODES='yes' </help> <help name="SSH_PASSWDAUTH"> Allow password authentication 'yes' or 'no'. If password authentication is not allowed you have to use key<br>authentication. Check that key authentication works fine before you set SSH_PASSWDAUTH to 'no'. Default: SSH_PASSWDAUTH='yes' </help> <help name="SSH_USEPAM"> Enable Pluggable Authentication Module interface (PAM) 'yes' or 'no'. Default: SSH_USEPAM='no' </help> <help name="SSH_CH_RESPONSEAUTH"> Allow challenge response authentication 'yes' or 'no'. Default: SSH_CH_RESPONSEAUTH='yes' </help> <help name="SSH_CLIENTALIVEINTERVAL"> Timeout interval in seconds for client alive message. Default: 0 - no message Default: SSH_CLIENTALIVEINTERVAL='0' </help> <help name="SSH_CLIENTALIVECOUNTMAX"> Number of client alive messages until disconnection. Default: 3 Default: SSH_CLIENTALIVECOUNTMAX='3' </help> <help name="SSH_ENABLE_SFTP"> activate sftp: 'yes' or 'no' Default: SSH_ENABLE_SFTP='yes' </help> <help name="SSH_LOGLEVEL"> Verbosity level that is used when logging messages from sshd. Values QUIET FATAL ERROR INFO VERBOSE DEBUG DEBUG1 DEBUG2 DEBUG3 are allowed.<br>Default: INFO Logging with a DEBUG level violates the privacy of users and is not recommended. Default: SSH_LOGLEVEL='INFO' </help> <help name="START_FTP"> start pure-ftpd 'yes' or 'no' Default: START_FTP='no' </help> <help name="FTP_START_METHOD"> Start method for pure-ftpd. 'st' start pure-ftpd as standalone server. 'xi' start pure-ftpd via xinetd.<br>'xi' requires START_XINETD='yes'. Default: FTP_START_METHOD='st' </help> <help name="FTP_HARDKILL"> kill all pure-ftpd processes, when stopping the main pure-ftpd daemon 'yes' or 'no'. 'yes' all pure-ftpd processes are killed<br> 'no' only main pure-ftpd is killed Requires FTP_START_METHOD='st'. Default: FTP_HARDKILL='no' </help> <help name="FTP_PORT"> Listen for an incoming connection on port FTP_PORT. Default: FTP_PORT='21' </help> <help name="FTP_NAT_MODE"> enable support for NAT 'yes' or 'no' Default: FTP_NAT_MODE='no' </help> <help name="FTP_UMASKS"> Format <umask for files>:<umask for dirs>. Change the file creation mask. The default is 133:022. Default: FTP_UMASKS='' </help> <help name="FTP_LIST_DOT_FILES"> List files beginning with a dot ('.') even when the client doesn't append the '-a' option to the list command.<br>This is a workaround for badly configured FTP clients. Default: FTP_LIST_DOT_FILES='no' </help> <help name="FTP_DISALLOW_RENAMING"> Disallow renaming of files. Default: FTP_DISALLOW_RENAMING='no' </help> <help name="FTP_DISALLOW_ANONYMOUS_UPLOAD"> Disallow upload for anonymous users. Default: FTP_DISALLOW_ANONYMOUS_UPLOAD='no' </help> <help name="FTP_HANGUP_TIME"> timeout in minutes Default: FTP_HANGUP_TIME='15' </help> <help name="FTP_USE_PAM"> Use PAM authentication instead of Unix authentication (the traditional /etc/passwd file). If set to 'yes' the file /etc/ftpusers<br>is verified. This file contains the list of users that aren't allowed to use the PureFTPd. Example: the lines<br>bill paul in /etc/ftpusers disallows bill and paul to log in. Default: FTP_USE_PAM='no' </help> <help name="FTP_ALLOW_ROOT_ACCESS"> can root do FTP 'yes' or 'no' Default: FTP_ALLOW_ROOT_ACCESS='no' </help> <help name="FTP_ONLY_USERS"> disallow anonymous FTP 'yes' or 'no' Default: FTP_ONLY_USERS='yes' </help> <help name="FTP_ONLY_ANONYMOUS"> Only allow anonymous users. Default: FTP_ONLY_ANONYMOUS='no' </help> <help name="FTP_DONT_CHROOT_GROUP"> group, which is not chrooted (numerical!!) Default: FTP_DONT_CHROOT_GROUP='' </help> <help name="FTP_TLS"> '0' support for SSL/TLS is disabled '1' clients can connect either the traditional way or through an<br> SSL/TLS layer '2' cleartext sessions are refused and only SSL/TLS compatible clients are accepted Default: FTP_TLS='0' </help> <help name="FTP_MAX_USER"> maximal logged-in users Default: FTP_MAX_USER='20' </help> <help name="FTP_LIMIT"> Don't allow uploads if the partition is more than <percentage>% full. Using pure-ftpd's -k switch. Default: FTP_LIMIT='95' </help> <help name="FTP_MAXCON_PER_IP"> Maximum number of connections per IP. Limit the number of simultanous connections coming from the same IP address to n.<br>Requires FTP_START_METHOD='st'. Default: FTP_MAXCON_PER_IP='' </help> <help name="FTP_MAX_CPU_LOAD"> Don't allow anonymous download if the load is above <cpu load> . Upload is still allowed, though. Default: FTP_MAX_CPU_LOAD='' </help> <help name="FTP_MAX_LOGINS"> Format <max user logins>:<max anonymous logins>. It restricts the number of concurrent sessions the same user can have.<br>A null value ('0') means 'unlimited'. Default: FTP_MAX_LOGINS='' </help> <help name="FTP_FILE_QUOTA"> PureFTPd's virtual quota mechanism. Format <max files>:<max size>. <max size> is in Megabytes. Quotas are enabled for all users, except<br>for users of trusted groups. See FTP_DONT_CHROOT_GROUP. To create the required .ftpquota files see pure-quotacheck. Default: FTP_FILE_QUOTA='' </help> <help name="FTP_USER_BANDWIDTH"> Enable bandwidth limitation for all users (Unix users, user anonymous and virtual users). Format [<upload>]:[<download>].<br>Bandwidth is specified in kilobytes/seconds. Examples: 256:64 256KB/s for up-, 64KB/s for downloads 256: 256KB/s for up-, no limit for downloads<br>:64 no limit for up-, 64 KB/s for downloads Default: FTP_USER_BANDWIDTH='' </help> <help name="FTP_ANONYMOUS_BANDWIDTH"> Enable bandwidth limitation for user anonymous See FTP_USER_BANDWIDTH. Only one bandwidth limit (FTP_USER_BANDWIDTH<br>or FTP_ANONYMOUS_BANDWIDTH) can be set. Default: FTP_ANONYMOUS_BANDWIDTH='' </help> <help name="FTP_ANONYMOUS_RATIO"> Enable ratios for user anonymous. Format <upload ratio>:<download ratio>. Ratio is specified in Mbyte. For example 2:5 means that an anonymousi<br>user has to upload at least 2 Mb of goodies to be able to download 5 Mb. Default: FTP_ANONYMOUS_RATIO='' </help> <help name="FTP_ALL_USER_RATIO"> Enable ratios for everybody (anonymous and non-anonymous). See FTP_ANONYMOUS_RATIO. Default: FTP_ALL_USER_RATIO='' </help> <help name="FTP_LOG"> Enable('yes') or disable('no') recording of all file transfers into a specific log file, in an alternative format. Default: FTP_LOG='no' </help> <help name="FTP_LOG_FORMAT"> Format of alternative log file. The values 'CLF', 'Stats' 'W3C' and 'xferlog' are allowed. Default: FTP_LOG_FORMAT='CLF' </help> <help name="FTP_LOG_PATH"> Log file name for alternative log file. Default: FTP_LOG_PATH='/var/log/pure-ftpd.log' </help> <help name="FTP_UPLOADSCRIPT_ARGS"> Arguments for pure-uploadscript. When set, pure-ftpd will be startet with argument -o and pure-uploadscript<br>with argument $FTP_UPLOADSCRIPT_ARGS will be startet in the background. Example '-r /tmp/scanner.sh'. Requires FTP_START_METHOD='st'. Default: FTP_UPLOADSCRIPT_ARGS='' </help> <help name="FTP_ADD_ARGS"> Additional arguments / switches for pure-ftpd. See pure-ftpd documentation. Please use this option only if you know<br>what you are doing. Default: FTP_ADD_ARGS='' </help> <help name="FTP_SHOW_ARGS"> Show all arguments for pure-ftpd on startup. 'yes' enables this debugging option. Default: FTP_SHOW_ARGS='no' </help> <help name="FTP_ENABLE_VIRTUAL_USERS"> enable virtual user 'yes' or 'no' Default: FTP_ENABLE_VIRTUAL_USERS='no' </help> <help name="FTP_VIRTUAL_USERS_DELETE"> Delete virtual users that are no more listed in a FTP_VIRTUAL_USERS_#_USERNAME variable If you set FTP_VIRTUAL_USERS_DELETE to 'yes'<br>only those virtual users listed in the actual configuration file will be available. Other virtual users will be deleted, but<br>their home directories will still be there. For compatiblity to older versions this variable defaults to 'no'.<br>This means that virtual users that are no more listet in FTP_VIRTUAL_USERS_#_USERNAME variables are not deleted but this users are<br>still able to connect. Default: FTP_VIRTUAL_USERS_DELETE='no' </help> <help name="FTP_VIRTUAL_USERS_N"> number of virtual users Default: FTP_VIRTUAL_USERS_N='0' </help> <help name="FTP_VIRTUAL_USERS_#_USERNAME"> Username of the virtual user </help> <help name="FTP_VIRTUAL_USERS_#_HOME"> Home directory of the virtual user. Normally /home/vftp/<username> </help> <help name="FTP_VIRTUAL_USERS_#_PASSWD"> Password of the virtual user </help> <help name="START_XINETD"> start xinetd: 'yes' or 'no' Default: START_XINETD='no' </help> <help name="ENABLE_TIME_SERVICE"> enable time service UPD and TCP on port 37: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: ENABLE_TIME_SERVICE='no' </help> <help name="START_TELNET"> start telnetd: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: START_TELNET='no' </help> <help name="START_TFTPD"> start tftpd: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: START_TFTPD='no' </help> <help name="TFTPD_ADD_ARGS"> Additional arguments / switches for tftpd. See tftpd documentation. Please use this option only if you know<br>what you are doing. Default: TFTPD_ADD_ARGS='' </help>