CentOS 5.6: install vsftpd and configure virtual FTP accounts
As the number of users grows, creating a system user for each one is unwise. In that case, create virtual accounts for vsftpd instead. The vsftpd virtual account database must be stored in a Berkeley DB format data file, so you need to install the db4-utils tools to create such database files.
(1) install the vsftpd service
yum install vsftpd
service vsftpd restart
chkconfig vsftpd on
(2) create a virtual user database
First, create a plaintext file in which the odd-numbered lines are user names and the even-numbered lines are the matching passwords. Then use the db_load tool, which is provided by the db4-utils package, to convert it to a database file. Finally, restrict the file permissions to protect the data.
yum -y install db4-utils
vi /etc/vsftpd/vlogin
Write the user names and passwords in the vlogin file:
tomcat
123456
jerry
654321
Generate a virtual database
db_load -T -t hash -f /etc/vsftpd/vlogin /etc/vsftpd/vlogin.db
chmod 600 /etc/vsftpd/{vlogin,vlogin.db}
(3) create a PAM file and set virtual Account Verification
In Linux, account authentication is usually configured through PAM files. Create a PAM file that uses the new data file for login verification. The db option in the PAM file specifies the database file used to verify the account and password; it is given without the .db suffix, which pam_userdb appends itself.
vi /etc/pam.d/vsftpd.pam
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/vlogin
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/vlogin
(4) set a shared directory for a virtual account
Because all virtual accounts must be mapped to a real system account, add a system account and set its home directory.
useradd -s /sbin/nologin -d /home/ftp virtual
(5) modify the main configuration file
vi /etc/vsftpd.conf
# Disable anonymous logon
anonymous_enable=NO
# Enable local accounts
local_enable=YES
# Allow write operations
write_enable=YES
# Allow anonymous users to upload data
anon_upload_enable=YES
# Prohibit anonymous users from creating directories
anon_mkdir_write_enable=NO
# Prohibit anonymous users from performing other write operations
anon_other_write_enable=NO
# When enabled, non-anonymous logins are mapped to the account specified by guest_username
guest_enable=YES
# Set the guest account
guest_username=virtual
listen_port=21
# Enable passive mode connections
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30999
user_config_dir=/etc/vsftpd_user_conf
# Specify the PAM file
pam_service_name=vsftpd.pam
user_sub_token=$USER
(5) set an independent shared path for each user
The user_config_dir option in the main configuration file names a per-account configuration directory. In that directory, create one file per account, named after the account, and put that account's independent configuration options in it, including permissions and the shared path. This article uses only tomcat as the example. If you also need options such as permissions, speed limits or concurrency limits, refer to the setting options for the anonymous account and add them to the account's independent configuration file.
mkdir /etc/vsftpd_user_conf
mkdir -p /home/ftp/tomcat
vi /etc/vsftpd_user_conf/tomcat
local_root=/home/ftp/$USER
(6) write port 21 to the firewall
vi /etc/sysconfig/iptables
Add this line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
(7) restart the service
service iptables restart
service vsftpd restart
FAQs
1. 530 Login incorrect
PAM verification failed. Possible causes: you are running a 64-bit operating system while the PAM file references the library /lib/security/pam_userdb.so; the user name or password entered is incorrect; or the PAM file name set by pam_service_name in the vsftpd main configuration file does not match the PAM file created in /etc/pam.d.
2. 500 OOPS: cannot change directory:/home/ftp/$USER
setsebool -P ftp_home_dir 1
3. An error occurred while uploading the file.
chmod 777 /home/ftp/tomcat
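The causes of "530 Login incorrect" listed in FAQ 1, together with the mode 600 set in step (2), can be checked mechanically. The script below is an added example, not part of the original article; the function name check_vsftpd_virtual and the root-prefix argument are assumptions made here so the check can also run against a copy of /etc.

```bash
# Added example: consistency check for the virtual-account setup in this article.
# $1 = root prefix ("" on a live host), $2 = path of the vsftpd main config file.
check_vsftpd_virtual() {
    local root="$1" conf="$1$2" problems=0 svc pam kind ctl mod arg db f mode

    # pam_service_name must name a file that exists in /etc/pam.d
    svc=$(sed -n 's/^pam_service_name=//p' "$conf" | tail -n 1)
    pam="$root/etc/pam.d/$svc"
    if [ -z "$svc" ] || [ ! -f "$pam" ]; then
        echo "PAM service file missing: $pam"
        return 1
    fi

    # vsftpd does not accept spaces around '=' in its configuration file
    if grep -Eq '^[a-z_]+( +=|= )' "$conf"; then
        echo "space around '=' in $conf"
        problems=$((problems + 1))
    fi

    # Every pam_userdb line needs an existing module and an existing <db>.db
    while read -r kind ctl mod arg || [ -n "$kind" ]; do
        case "$mod" in */pam_userdb.so) ;; *) continue ;; esac
        if [ ! -e "$root$mod" ]; then
            echo "$kind: module not found: $mod"
            problems=$((problems + 1))
        fi
        db="${arg#db=}"
        if [ ! -f "$root$db.db" ]; then
            echo "$kind: database not found: $db.db"
            problems=$((problems + 1))
        fi
        # The plaintext list and the DB both hold passwords: owner-only access
        for f in "$root$db" "$root$db.db"; do
            [ -f "$f" ] || continue
            mode=$(stat -c '%a' "$f")
            if [ "$mode" != "600" ]; then
                echo "$kind: $f has mode $mode, expected 600"
                problems=$((problems + 1))
            fi
        done
    done < "$pam"
    return "$problems"
}
```

On a live host, call it as check_vsftpd_virtual "" /etc/vsftpd.conf; the exit status is the number of problems found, and each problem is printed on its own line.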
Note: written by an intern doing O&M, as a reference so that in the future there is no need to look for articles. If anything is imperfect or incorrect, please point it out!