Create a MySQL-based FTP virtual user

Lab environment: Two hosts required

1. One MARIADB server

2. An FTP server

First, MARIADB server

1. Install MARIADB Package

Yum Install Mariadb-devel

2. Run the security script

Mysql_secure_installation
3. Create a Database

Mysql-uroot-p

>create database vsftpd;

>use vsftpd

>create table Ftpusers (name char (+), pass char (50)); (CREATE TABLE)

>insert ftpusers values (' FTP1 ', password (' CentOS ')), (' FTP2 ', password (' magedu ')); (Add table content)

>grant Select on Vsftpd.ftpusers to ' ftp ' @ ' 172.17.166.166 ' identified by ' CentOS '; (for [email protected] authorization)

Second, the FTP server

1. Install the package group and the required package

Yum Groupinstall "Development tools"

Yum Install Mysql-devel Pam-devel

2. Compile and install Pam_mysql-0.7rc1.tar.gz

Tar xvf pam_mysql-0.7rc1.tar.gz

CD PAM_MYSQL-0.7RC1

./configure--with-pam-mods-dir=/lib64/security--with-pam=/usr

Make && make install

3. Create user

Useradd-d/app/ftpdir-r-M ftpuser (Create a system user so that all user access is directed to Ftpuser)

4. Write the module configuration file

Vim/etc/pam.d/vsftpd.mysql

Auth Required pam_mysql.so user=ftp passwd=centos host=172.17.177.177 db=vsftpd table=ftpusers usercolumn=name Passwdcolumn=pass crypt=2

Account Required pam_mysql.so user=ftp passwd=centos host=172.17.177.177 db=vsftpd table=ftpusers usercolumn=name Passwdcolumn=pass crypt=2
These options are:

Auth means certification

account password is verified for normal use

required that certification is going through

The pam_mysql.so module is the default relative path, and the absolute path can be written relative to the/lib64/security/path, followed by the parameters passed to the module

user=vsftpd for users who log in to MySQL

passwd=magedu Password to log in to MySQL

Host=mysqlserver the host name or IP address of the MySQL server

db=vsftpd specifying the database name of the connection MSYQL

table=users specifying table names in the connected database

usercolumn=name field as user name

Passwdcolumn=password as User name field password

crypt=2 Password encryption method for MySQL password () function encryption

5. Change the FTP configuration file

Vim/etc/vsftpd/vsftpd.conf

Pam_service_name=vsftpd.mysql modification

And then add the following line

Guest_enable=yes (turn on the specified user option)

Guest_username=ftpuser (Specify user)

user_config_dir=/etc/vsftpd/conf.d/(Specify directory to make each virtual user's permissions different)

6. Create a Directory

mkdir/etc/vsftpd/conf.d/

cd/etc/vsftpd/conf.d/

Vim/etc/vsftpd/conf.d/ftp1

Anon_upload_enable=yes (allow FTP1 to upload files)

Vim/etc/vsftpd/conf.d/ftp2

LOCAL_ROOT=/APP/FTPDIR2 (the root file for the specified FTP2 is/APP/FTPDIR2)

7. Set permissions

Cd/app

chmod 555/app/ftpdir/(root directory cannot have write permission)

Mkdir/app/ftpdir/upload

Chown Ftpuser/app/ftpdir/upload

Mkdir/app/ftpdir2

chmod 555/app/ftpdir2

Third, the test is successful

Login Test with FTP1

650) this.width=650; "src=" https://s2.51cto.com/oss/201710/28/736dbfe54a41881947ecdaec0a918e29.jpg "title=" 1.jpg " alt= "736dbfe54a41881947ecdaec0a918e29.jpg"/> When you see this status, prove that the FTP1 test was successful

Login Test with FTP2

650) this.width=650; "src=" https://s1.51cto.com/oss/201710/28/acb22997ee58577bf1ded638925c3e80.jpg "title=" 2.jpg " alt= "Acb22997ee58577bf1ded638925c3e80.jpg"/>

When you see this state, it's no problem to prove FTP2. Well, congratulations, you've successfully built a MySQL-based ftp!!!!.

Create a MySQL-based FTP virtual user