# file generated by gen.sh v1.1.6 16.06.2007 16:39:48 start ssh 'yes' or 'no' Default: START_SSH='yes' Start method for sshd. 'st' start sshd as standalone server. 'xi' start sshd via xinetd. 'xi' requires START_XINETD='yes'. Default: SSHD_START_METHOD='st' ssh port, see also FIREWALL_DENY_PORT_x Default: SSH_PORT='22' use ssh1 protocol - default: no Default: SSH_USE_SSH1='no' use ssh2 protocol - default: yes Default: SSH_USE_SSH2='yes' server keybits - default: 1536 Default: SSH_SVR_KEYBITS='1536' Number of addresses sshd should listen to 0 - listen on all local addresses Default: SSH_LISTEN_ADDR_N='0' First ip address, sshd should listen to use n'th ethernet card configured in /etc/config.d/base. E.g. SSH_LISTEN_ADDR_1='2' points to
IP_ETH_2_IPADDR in /etc/config.d/base. Number of user name patterns. Login is allowed only for user names that match one of the pattern. '*' and '?' can
be used as wildcards in the patterns. Default: 0 - login is allowed for all users. Default: SSH_ALLOW_USER_N='0' First user name pattern. Number of user name patterns. Login is disallowed only for user names that match one of the pattern. '*' and '?' can be
used as wildcards in the patterns. Default: 0 - login is allowed for all users. Default: SSH_DENY_USER_N='0' First user name pattern. Number of group name patterns. Login is allowed only for users whose primary group or supplementary group
matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups Default: SSH_ALLOW_GROUP_N='0' First group name pattern. Number of group name patterns. Login is disallowed only for users whose primary group or supplementary group
matches one of the pattern. '*' and '?' can be used as wildcards in the patterns. Default: 0 - login is allowed for all groups Default: SSH_DENY_GROUP_N='0' First group name pattern. Secifies whether root can login using ssh. 'yes' User root can login. 'no' User root can't login. 'without-password' Password authentication
for user root is disabled. Note that other authentications (e.g. keyboard-interactive/ PAM) may still allow root to login using a
password. 'forced-commands-only' root login with public key authentication will be allowed, but only if the command option has been
specified. Default: SSH_PERMITROOTLOGIN='yes' number of public keys or keyfile to add to /root/.ssh/authorized_keys Default: SSH_PUBLIC_KEY_N='0' public key (identity.pub) generated by ssh-keygen If the first character is a slash (/) the value is interpreted as an absolut
pathname of a file. The content of this file is added to the file /root/.ssh/authorized_keys maximum number of concurrent unauthenticated connections. default: 10 Default: SSH_MAX_STARTUPS='10' enable privilege separation: 'yes' or 'no' Default: SSH_ENABLE_PRIV_SEPARATION='no' allow compression: 'yes' or 'no' Default: SSH_COMPRESSION='yes' Use Strictmodes: 'yes' or 'no' Default: SSH_STRICTMODES='yes' Allow password authentication 'yes' or 'no'. If password authentication is not allowed you have to use key
authentication. Check that key authentication works fine before you set SSH_PASSWDAUTH to 'no'. Default: SSH_PASSWDAUTH='yes' Enable Pluggable Authentication Module interface (PAM) 'yes' or 'no'. Default: SSH_USEPAM='no' Allow challenge response authentication 'yes' or 'no'. Default: SSH_CH_RESPONSEAUTH='yes' Timeout interval in seconds for client alive message. Default: 0 - no message Default: SSH_CLIENTALIVEINTERVAL='0' Number of client alive messages until disconnection. Default: 3 Default: SSH_CLIENTALIVECOUNTMAX='3' activate sftp: 'yes' or 'no' Default: SSH_ENABLE_SFTP='yes' Verbosity level that is used when logging messages from sshd. Values QUIET FATAL ERROR INFO VERBOSE DEBUG DEBUG1 DEBUG2 DEBUG3 are allowed.
Default: INFO Logging with a DEBUG level violates the privacy of users and is not recommended. Default: SSH_LOGLEVEL='INFO' start pure-ftpd 'yes' or 'no' Default: START_FTP='no' Start method for pure-ftpd. 'st' start pure-ftpd as standalone server. 'xi' start pure-ftpd via xinetd.
'xi' requires START_XINETD='yes'. Default: FTP_START_METHOD='st' kill all pure-ftpd processes, when stopping the main pure-ftpd daemon 'yes' or 'no'. 'yes' all pure-ftpd processes are killed
'no' only main pure-ftpd is killed Requires FTP_START_METHOD='st'. Default: FTP_HARDKILL='no' Listen for an incoming connection on port FTP_PORT. Default: FTP_PORT='21' enable support for NAT 'yes' or 'no' Default: FTP_NAT_MODE='no' Format <umask for files>:<umask for dirs>. Change the file creation mask. The default is 133:022. Default: FTP_UMASKS='' List files beginning with a dot ('.') even when the client doesn't append the '-a' option to the list command.
This is a workaround for badly configured FTP clients. Default: FTP_LIST_DOT_FILES='no' Disallow renaming of files. Default: FTP_DISALLOW_RENAMING='no' Disallow upload for anonymous users. Default: FTP_DISALLOW_ANONYMOUS_UPLOAD='no' timeout in minutes Default: FTP_HANGUP_TIME='15' Use PAM authentication instead of Unix authentication (the traditional /etc/passwd file). If set to 'yes' the file /etc/ftpusers
is verified. This file contains the list of users that aren't allowed to use the PureFTPd. Example: the lines
bill paul in /etc/ftpusers disallows bill and paul to log in. Default: FTP_USE_PAM='no' can root do FTP 'yes' or 'no' Default: FTP_ALLOW_ROOT_ACCESS='no' disallow anonymous FTP 'yes' or 'no' Default: FTP_ONLY_USERS='yes' Only allow anonymous users. Default: FTP_ONLY_ANONYMOUS='no' group, which is not chrooted (numerical!!) Default: FTP_DONT_CHROOT_GROUP='' '0' support for SSL/TLS is disabled '1' clients can connect either the traditional way or through an
SSL/TLS layer '2' cleartext sessions are refused and only SSL/TLS compatible clients are accepted Default: FTP_TLS='0' maximal logged-in users Default: FTP_MAX_USER='20' Don't allow uploads if the partition is more than <percentage>% full. Using pure-ftpd's -k switch. Default: FTP_LIMIT='95' Maximum number of connections per IP. Limit the number of simultanous connections coming from the same IP address to n.
Requires FTP_START_METHOD='st'. Default: FTP_MAXCON_PER_IP='' Don't allow anonymous download if the load is above <cpu load> . Upload is still allowed, though. Default: FTP_MAX_CPU_LOAD='' Format <max user logins>:<max anonymous logins>. It restricts the number of concurrent sessions the same user can have.
A null value ('0') means 'unlimited'. Default: FTP_MAX_LOGINS='' PureFTPd's virtual quota mechanism. Format <max files>:<max size>. <max size> is in Megabytes. Quotas are enabled for all users, except
for users of trusted groups. See FTP_DONT_CHROOT_GROUP. To create the required .ftpquota files see pure-quotacheck. Default: FTP_FILE_QUOTA='' Enable bandwidth limitation for all users (Unix users, user anonymous and virtual users). Format [<upload>]:[<download>].
Bandwidth is specified in kilobytes/seconds. Examples: 256:64 256KB/s for up-, 64KB/s for downloads 256: 256KB/s for up-, no limit for downloads
:64 no limit for up-, 64 KB/s for downloads Default: FTP_USER_BANDWIDTH='' Enable bandwidth limitation for user anonymous See FTP_USER_BANDWIDTH. Only one bandwidth limit (FTP_USER_BANDWIDTH
or FTP_ANONYMOUS_BANDWIDTH) can be set. Default: FTP_ANONYMOUS_BANDWIDTH='' Enable ratios for user anonymous. Format <upload ratio>:<download ratio>. Ratio is specified in Mbyte. For example 2:5 means that an anonymousi
user has to upload at least 2 Mb of goodies to be able to download 5 Mb. Default: FTP_ANONYMOUS_RATIO='' Enable ratios for everybody (anonymous and non-anonymous). See FTP_ANONYMOUS_RATIO. Default: FTP_ALL_USER_RATIO='' Enable('yes') or disable('no') recording of all file transfers into a specific log file, in an alternative format. Default: FTP_LOG='no' Format of alternative log file. The values 'CLF', 'Stats' 'W3C' and 'xferlog' are allowed. Default: FTP_LOG_FORMAT='CLF' Log file name for alternative log file. Default: FTP_LOG_PATH='/var/log/pure-ftpd.log' Arguments for pure-uploadscript. When set, pure-ftpd will be startet with argument -o and pure-uploadscript
with argument $FTP_UPLOADSCRIPT_ARGS will be startet in the background. Example '-r /tmp/scanner.sh'. Requires FTP_START_METHOD='st'. Default: FTP_UPLOADSCRIPT_ARGS='' Additional arguments / switches for pure-ftpd. See pure-ftpd documentation. Please use this option only if you know
what you are doing. Default: FTP_ADD_ARGS='' Show all arguments for pure-ftpd on startup. 'yes' enables this debugging option. Default: FTP_SHOW_ARGS='no' enable virtual user 'yes' or 'no' Default: FTP_ENABLE_VIRTUAL_USERS='no' Delete virtual users that are no more listed in a FTP_VIRTUAL_USERS_#_USERNAME variable If you set FTP_VIRTUAL_USERS_DELETE to 'yes'
only those virtual users listed in the actual configuration file will be available. Other virtual users will be deleted, but
their home directories will still be there. For compatiblity to older versions this variable defaults to 'no'.
This means that virtual users that are no more listet in FTP_VIRTUAL_USERS_#_USERNAME variables are not deleted but this users are
still able to connect. Default: FTP_VIRTUAL_USERS_DELETE='no' number of virtual users Default: FTP_VIRTUAL_USERS_N='0' Username of the virtual user Home directory of the virtual user. Normally /home/vftp/<username> Password of the virtual user start xinetd: 'yes' or 'no' Default: START_XINETD='no' enable time service UPD and TCP on port 37: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: ENABLE_TIME_SERVICE='no' start telnetd: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: START_TELNET='no' start tftpd: 'yes' or 'no' 'yes' requires START_XINETD='yes' Default: START_TFTPD='no' Additional arguments / switches for tftpd. See tftpd documentation. Please use this option only if you know
what you are doing. Default: TFTPD_ADD_ARGS=''