Use vftpd to set up a virtual Secure FTP Server

Source: Internet
Author: User
We all know that FTP sends the password in plaintext when it authenticates a user, so the password is easy to sniff. The virtual FTP server introduced in this article uses chroot. Although it cannot prevent password sniffing, it keeps a sniffed password from being used to break into your system.
  
In addition to chroot, the virtual FTP service verifies users against a second password database. In this way, you do not need to create system accounts for FTP users. Even if a password leaks, the user cannot log on to the system with it.
  
We use a daemon called vftpd as the virtual FTP server. Its main security features include:
  
- Always chroots to the user's home directory.

- Allows users to have access without a shell.

- vftpd does not allow users to access /, /etc, /bin, /sbin, /usr/bin, /usr/sbin, /dev/, /lib, /tmp.

- The path of the home directory cannot contain symbolic links.

- Except root users with UID 0, other users are not allowed.

- The user password file must not be writable by group or others.
  
Installing vftpd is simple. The latest version is 6.5.8. After downloading it, run tar xvfz ..., make, and make install. It can be downloaded from:
  
Startuplinux.com/virtualftpd.html
  
Most of the configuration work is completed automatically. The only thing that needs to be modified is the /etc/ftppasswd file, which holds the actual FTP accounts. The format of this file is basically the same as that of /etc/passwd. The format of each line is:

login:encryptedpassword:uid:gid:description:ftppath:/no/shell
  
vftpd provides a tool called addvuser, which makes it easy to add FTP users. To change the password of an existing user, use "ftppasswd username".
  
If a user who has a shell account also needs FTP access, you still need to add that user to ftppasswd, but the FTP password should not be the same as the shell password.
  
For users who do not need FTP, you can add the account to /etc/ftpusers.
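The file format and the restrictions listed earlier can be checked before the daemon is started. The following is an added example, not part of vftpd or of the original article: it parses text in the seven-field ftppasswd format and reports a password file that is writable by group or others, an ftppath in one of the listed system directories, and an ftppath that passes through a symbolic link. The function names, the sample accounts, and the reading of the directory rule (a home equal to or inside a listed directory is flagged) are assumptions.

```python
import os
import posixpath

# Directories the article says vftpd refuses to serve.
FORBIDDEN = ["/", "/etc", "/bin", "/sbin", "/usr/bin", "/usr/sbin", "/dev", "/lib", "/tmp"]
FIELDS = 7  # login:encryptedpassword:uid:gid:description:ftppath:/no/shell


def path_prefixes(path):
    """Yield /a, /a/b, /a/b/c for /a/b/c so each component can be checked."""
    current = ""
    for part in path.strip("/").split("/"):
        if part:
            current += "/" + part
            yield current


def audit_ftppasswd(text, file_mode, is_symlink=os.path.islink):
    """Return a list of (login, problem) findings for ftppasswd-style text."""
    findings = []
    if file_mode & 0o022:  # group-write or other-write bit set
        findings.append(("<file>", "password file writable by group or others"))
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.strip().split(":")
        if len(parts) != FIELDS:
            findings.append((f"line {number}", "expected 7 colon-separated fields"))
            continue
        login, home = parts[0], posixpath.normpath(parts[5])
        # Assumption: a home equal to, or inside, a listed directory is flagged.
        if home == "/" or any(home == d or home.startswith(d + "/") for d in FORBIDDEN[1:]):
            findings.append((login, f"ftppath {home} is in a forbidden directory"))
        if any(is_symlink(p) for p in path_prefixes(home)):
            findings.append((login, f"ftppath {home} contains a symbolic link"))
    return findings


# Constructed sample data, not taken from a real system.
SAMPLE = """\
alice:$1$constructed$hash:1001:1001:Alice:/home/ftp/alice:/no/shell
bob:$1$constructed$hash:1002:1002:Bob:/etc/bob:/no/shell
carol:$1$constructed$hash:1003:1003:Carol:/srv/link/carol:/no/shell
broken:line
"""

if __name__ == "__main__":
    # The lambda stands in for the filesystem: it pretends /srv/link is a symlink.
    for who, problem in audit_ftppasswd(SAMPLE, 0o664, lambda p: p == "/srv/link"):
        print(f"{who}: {problem}")
```

On a live host, pass the contents of /etc/ftppasswd and the mode from os.stat("/etc/ftppasswd").st_mode, and leave is_symlink at its default so the real filesystem is consulted.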
  
Finally, put the FTP login messages in /etc/ftpwelcome (displayed after connection) and /etc/motd (displayed after successful login).
  
Now you can start the daemon:

vftpd -D -l -U

-D: runs vftpd as a daemon in the background

-l: logs FTP logins to syslog (both failures and successes); giving -l twice logs more detail

-U: lets you use the who command to view the currently active FTP sessions

-A: only allows anonymous users to connect

-S: records logs of anonymous connections to /var/log/ftpd

-P: port number. The default value is 21.
  
For example, we can write in rc.local:

/usr/local/bin/vftpd -D -U -l