# file generated by gen.sh v1.1.6 16.06.2007 16:39:48
<help name="START_SSH">
start ssh 'yes' or 'no'

Default: START_SSH='yes'
</help>
<help name="SSHD_START_METHOD">
Start method for sshd. 'st' start sshd as standalone server. 'xi' start sshd via xinetd. 'xi' requires START_XINETD='yes'.

Default: SSHD_START_METHOD='st'
</help>
<help name="SSH_PORT">
ssh port, see also FIREWALL_DENY_PORT_x

Default: SSH_PORT='22'
</help>
<help name="SSH_USE_SSH1">
use ssh1 protocol - default: no

Default: SSH_USE_SSH1='no'
</help>
<help name="SSH_USE_SSH2">
use ssh2 protocol - default: yes

Default: SSH_USE_SSH2='yes'
</help>
<help name="SSH_SVR_KEYBITS">
server keybits - default: 1536

Default: SSH_SVR_KEYBITS='1536'
</help>
<help name="SSH_LISTEN_ADDR_N">
Number of addresses sshd should listen to 0 - listen on all local addresses

Default: SSH_LISTEN_ADDR_N='0'
</help>
<help name="SSH_LISTEN_ADDR_#">
First ip address, sshd should listen to use n'th ethernet card configured in /etc/config.d/base. E.g. SSH_LISTEN_ADDR_1='2' points to<br>IP_ETH_2_IPADDR in /etc/config.d/base.
</help>
<help name="SSH_ALLOW_USER_N">
Number of user name patterns. Login is allowed only for user names that match one of the pattern. '*' and '?' can<br>be used as wildcards in the patterns. Default: 0 - login is allowed for all users.

Default: SSH_ALLOW_USER_N='0'
</help>
<help name="SSH_ALLOW_USER_#">
First user name pattern.
</help>
<help name="SSH_DENY_USER_N">
Number of user name patterns. Login is disallowed only for user names that match one of the pattern. '*' and '?' can be<br>used as wildcards in the patterns. Default: 0 - login is allowed for all users.

Default: SSH_DENY_USER_N='0'
</help>
<help name="SSH_DENY_USER_#">
First user name pattern.
</help>
<help name="SSH_ALLOW_GROUP_N">
Number of group name patterns. Login is allowed only for users whose primary group or supplementary group<br>matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups

Default: SSH_ALLOW_GROUP_N='0'
</help>
<help name="SSH_ALLOW_GROUP_#">
First group name pattern.
</help>
<help name="SSH_DENY_GROUP_N">
Number of group name patterns. Login is disallowed only for users whose primary group or supplementary group<br>matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups

Default: SSH_DENY_GROUP_N='0'
</help>
<help name="SSH_DENY_GROUP_#">
First group name pattern.
</help>
<help name="SSH_PERMITROOTLOGIN">
Secifies whether root can login using ssh. 'yes' User root can login. 'no' User root can't login. 'without-password' Password authentication<br>for user root is disabled. Note that other authentications (e.g. keyboard-interactive/ PAM) may still allow root to login using a<br>password. 'forced-commands-only' root login with public key authentication will be allowed, but only if the command option has been<br>specified.

Default: SSH_PERMITROOTLOGIN='yes'
</help>
<help name="SSH_PUBLIC_KEY_N">
number of public keys or keyfile to add to /root/.ssh/authorized_keys

Default: SSH_PUBLIC_KEY_N='0'
</help>
<help name="SSH_PUBLIC_KEY_#">
public key (identity.pub) generated by ssh-keygen If the first character is a slash (/) the value is interpreted as an absolut<br>pathname of a file. The content of this file is added to the file /root/.ssh/authorized_keys
</help>
<help name="SSH_MAX_STARTUPS">
maximum number of concurrent unauthenticated connections. default: 10

Default: SSH_MAX_STARTUPS='10'
</help>
<help name="SSH_ENABLE_PRIV_SEPARATION">
enable privilege separation: 'yes' or 'no'

Default: SSH_ENABLE_PRIV_SEPARATION='no'
</help>
<help name="SSH_COMPRESSION">
allow compression: 'yes' or 'no'

Default: SSH_COMPRESSION='yes'
</help>
<help name="SSH_STRICTMODES">
Use Strictmodes: 'yes' or 'no'

Default: SSH_STRICTMODES='yes'
</help>
<help name="SSH_PASSWDAUTH">
Allow password authentication 'yes' or 'no'. If password authentication is not allowed you have to use key<br>authentication. Check that key authentication works fine before you set SSH_PASSWDAUTH to 'no'.

Default: SSH_PASSWDAUTH='yes'
</help>
<help name="SSH_USEPAM">
Enable Pluggable Authentication Module interface (PAM) 'yes' or 'no'.

Default: SSH_USEPAM='no'
</help>
<help name="SSH_CH_RESPONSEAUTH">
Allow challenge response authentication 'yes' or 'no'.

Default: SSH_CH_RESPONSEAUTH='yes'
</help>
<help name="SSH_CLIENTALIVEINTERVAL">
Timeout interval in seconds for client alive message. Default: 0 - no message

Default: SSH_CLIENTALIVEINTERVAL='0'
</help>
<help name="SSH_CLIENTALIVECOUNTMAX">
Number of client alive messages until disconnection. Default: 3

Default: SSH_CLIENTALIVECOUNTMAX='3'
</help>
<help name="SSH_ENABLE_SFTP">
activate sftp: 'yes' or 'no'

Default: SSH_ENABLE_SFTP='yes'
</help>
<help name="SSH_LOGLEVEL">
Verbosity level that is used when logging messages from sshd. Values QUIET FATAL ERROR INFO VERBOSE DEBUG DEBUG1 DEBUG2 DEBUG3 are allowed.<br>Default: INFO Logging with a DEBUG level violates the privacy of users and is not recommended.

Default: SSH_LOGLEVEL='INFO'
</help>
<help name="START_FTP">
start pure-ftpd 'yes' or 'no'

Default: START_FTP='no'
</help>
<help name="FTP_START_METHOD">
Start method for pure-ftpd. 'st' start pure-ftpd as standalone server. 'xi' start pure-ftpd via xinetd.<br>'xi' requires START_XINETD='yes'.

Default: FTP_START_METHOD='st'
</help>
<help name="FTP_HARDKILL">
kill all pure-ftpd processes, when stopping the main pure-ftpd daemon 'yes' or 'no'.   'yes' all pure-ftpd processes are killed<br>  'no'  only main pure-ftpd is killed Requires FTP_START_METHOD='st'.

Default: FTP_HARDKILL='no'
</help>
<help name="FTP_PORT">
Listen for an incoming connection on port FTP_PORT.

Default: FTP_PORT='21'
</help>
<help name="FTP_NAT_MODE">
enable support for NAT 'yes' or 'no'

Default: FTP_NAT_MODE='no'
</help>
<help name="FTP_UMASKS">
Format &lt;umask for files&gt;:&lt;umask for dirs&gt;. Change the file creation mask. The default is 133:022.

Default: FTP_UMASKS=''
</help>
<help name="FTP_LIST_DOT_FILES">
List files beginning with a dot ('.') even when the client doesn't append the '-a' option to the list command.<br>This is a workaround for badly configured FTP clients.

Default: FTP_LIST_DOT_FILES='no'
</help>
<help name="FTP_DISALLOW_RENAMING">
Disallow renaming of files.

Default: FTP_DISALLOW_RENAMING='no'
</help>
<help name="FTP_DISALLOW_ANONYMOUS_UPLOAD">
Disallow upload for anonymous users.

Default: FTP_DISALLOW_ANONYMOUS_UPLOAD='no'
</help>
<help name="FTP_HANGUP_TIME">
timeout in minutes

Default: FTP_HANGUP_TIME='15'
</help>
<help name="FTP_USE_PAM">
Use PAM authentication instead of Unix authentication (the traditional /etc/passwd file). If set to 'yes' the file /etc/ftpusers<br>is verified. This file contains the list of users that aren't allowed to use the PureFTPd. Example: the lines<br>bill paul in /etc/ftpusers disallows bill and paul to log in.

Default: FTP_USE_PAM='no'
</help>
<help name="FTP_ALLOW_ROOT_ACCESS">
can root do FTP 'yes' or 'no'

Default: FTP_ALLOW_ROOT_ACCESS='no'
</help>
<help name="FTP_ONLY_USERS">
disallow anonymous FTP 'yes' or 'no'

Default: FTP_ONLY_USERS='yes'
</help>
<help name="FTP_ONLY_ANONYMOUS">
Only allow anonymous users.

Default: FTP_ONLY_ANONYMOUS='no'
</help>
<help name="FTP_DONT_CHROOT_GROUP">
group, which is not chrooted (numerical!!)

Default: FTP_DONT_CHROOT_GROUP=''
</help>
<help name="FTP_TLS">
'0'  support for SSL/TLS is disabled '1'  clients can connect either the      traditional way or through an<br>     SSL/TLS layer '2'  cleartext sessions are refused and only      SSL/TLS compatible clients are accepted

Default: FTP_TLS='0'
</help>
<help name="FTP_MAX_USER">
maximal logged-in users

Default: FTP_MAX_USER='20'
</help>
<help name="FTP_LIMIT">
Don't allow uploads if the partition is more than &lt;percentage&gt;% full. Using pure-ftpd's -k switch.

Default: FTP_LIMIT='95'
</help>
<help name="FTP_MAXCON_PER_IP">
Maximum number of connections per IP. Limit the number of simultanous connections coming from the same IP address to n.<br>Requires FTP_START_METHOD='st'.

Default: FTP_MAXCON_PER_IP=''
</help>
<help name="FTP_MAX_CPU_LOAD">
Don't allow anonymous download if the load is above &lt;cpu load&gt; . Upload is still allowed, though.

Default: FTP_MAX_CPU_LOAD=''
</help>
<help name="FTP_MAX_LOGINS">
Format &lt;max user logins&gt;:&lt;max anonymous logins&gt;. It restricts the number of concurrent sessions the same user can have.<br>A null value ('0') means 'unlimited'.

Default: FTP_MAX_LOGINS=''
</help>
<help name="FTP_FILE_QUOTA">
PureFTPd's virtual quota mechanism. Format &lt;max files&gt;:&lt;max size&gt;. &lt;max size&gt; is in Megabytes. Quotas are enabled for all users, except<br>for users of trusted groups. See FTP_DONT_CHROOT_GROUP. To create the required .ftpquota files see pure-quotacheck.

Default: FTP_FILE_QUOTA=''
</help>
<help name="FTP_USER_BANDWIDTH">
Enable bandwidth limitation for all users (Unix users, user anonymous and virtual users). Format [&lt;upload&gt;]:[&lt;download&gt;].<br>Bandwidth is specified in kilobytes/seconds. Examples: 256:64 256KB/s for up-, 64KB/s for downloads 256:   256KB/s for up-, no limit for downloads<br>:64    no limit for up-, 64 KB/s for downloads

Default: FTP_USER_BANDWIDTH=''
</help>
<help name="FTP_ANONYMOUS_BANDWIDTH">
Enable bandwidth limitation for user anonymous See FTP_USER_BANDWIDTH. Only one bandwidth limit (FTP_USER_BANDWIDTH<br>or FTP_ANONYMOUS_BANDWIDTH) can be set.

Default: FTP_ANONYMOUS_BANDWIDTH=''
</help>
<help name="FTP_ANONYMOUS_RATIO">
Enable ratios for user anonymous. Format &lt;upload ratio&gt;:&lt;download ratio&gt;. Ratio is specified in Mbyte. For example 2:5 means that an anonymousi<br>user has to upload at least 2 Mb of goodies to be able to download 5 Mb.

Default: FTP_ANONYMOUS_RATIO=''
</help>
<help name="FTP_ALL_USER_RATIO">
Enable ratios for everybody (anonymous and non-anonymous). See FTP_ANONYMOUS_RATIO.

Default: FTP_ALL_USER_RATIO=''
</help>
<help name="FTP_LOG">
Enable('yes') or disable('no') recording of all file transfers into a specific log file, in an alternative format.

Default: FTP_LOG='no'
</help>
<help name="FTP_LOG_FORMAT">
Format of alternative log file. The values 'CLF', 'Stats' 'W3C' and 'xferlog' are allowed.

Default: FTP_LOG_FORMAT='CLF'
</help>
<help name="FTP_LOG_PATH">
Log file name for alternative log file.

Default: FTP_LOG_PATH='/var/log/pure-ftpd.log'
</help>
<help name="FTP_UPLOADSCRIPT_ARGS">
Arguments for pure-uploadscript. When set, pure-ftpd will be startet with argument -o and pure-uploadscript<br>with argument $FTP_UPLOADSCRIPT_ARGS will be startet in the background. Example '-r /tmp/scanner.sh'. Requires FTP_START_METHOD='st'.

Default: FTP_UPLOADSCRIPT_ARGS=''
</help>
<help name="FTP_ADD_ARGS">
Additional arguments / switches for pure-ftpd. See pure-ftpd documentation. Please use this option only if you know<br>what you are doing.

Default: FTP_ADD_ARGS=''
</help>
<help name="FTP_SHOW_ARGS">
Show all arguments for pure-ftpd on startup. 'yes' enables this debugging option.

Default: FTP_SHOW_ARGS='no'
</help>
<help name="FTP_ENABLE_VIRTUAL_USERS">
enable virtual user 'yes' or 'no'

Default: FTP_ENABLE_VIRTUAL_USERS='no'
</help>
<help name="FTP_VIRTUAL_USERS_DELETE">
Delete virtual users that are no more listed in a FTP_VIRTUAL_USERS_#_USERNAME variable If you set FTP_VIRTUAL_USERS_DELETE to 'yes'<br>only those virtual users listed in the actual configuration file will be available. Other virtual users will be deleted, but<br>their home directories will still be there. For compatiblity to older versions this variable defaults to 'no'.<br>This means that virtual users that are no more listet in FTP_VIRTUAL_USERS_#_USERNAME variables are not deleted but this users are<br>still able to connect.

Default: FTP_VIRTUAL_USERS_DELETE='no'
</help>
<help name="FTP_VIRTUAL_USERS_N">
number of virtual users

Default: FTP_VIRTUAL_USERS_N='0'
</help>
<help name="FTP_VIRTUAL_USERS_#_USERNAME">
Username of the virtual user
</help>
<help name="FTP_VIRTUAL_USERS_#_HOME">
Home directory of the virtual user. Normally /home/vftp/&lt;username&gt;
</help>
<help name="FTP_VIRTUAL_USERS_#_PASSWD">
Password of the virtual user
</help>
<help name="START_XINETD">
start xinetd: 'yes' or 'no'

Default: START_XINETD='no'
</help>
<help name="ENABLE_TIME_SERVICE">
enable time service UPD and TCP on port 37: 'yes' or 'no' 'yes' requires START_XINETD='yes'

Default: ENABLE_TIME_SERVICE='no'
</help>
<help name="START_TELNET">
start telnetd: 'yes' or 'no' 'yes' requires START_XINETD='yes'

Default: START_TELNET='no'
</help>
<help name="START_TFTPD">
start tftpd: 'yes' or 'no' 'yes' requires START_XINETD='yes'

Default: START_TFTPD='no'
</help>
<help name="TFTPD_ADD_ARGS">
Additional arguments / switches for tftpd. See tftpd documentation. Please use this option only if you know<br>what you are doing.

Default: TFTPD_ADD_ARGS=''
</help>