VSFTPD MySQL-based authentication method

Epel's Yum source has Php-xcache installed Epel Source: Cd/etc/yum.repos.dwget http://mirrors.neusoft.edu.cn/epel/ EPEL-RELEASE-LATEST-6.NOARCH.RPMRPM-IVH epel-release-latest-6.noarch.rpm then install Pam_mysql this package: yum-y Install Pam_mysql[Email protected] yum.repos.d]# ll/lib64/security/pam_mysql.so

-rwxr-xr-x 1 root root 42424 /lib64/security/pam_mysql.so

Configuration database:

MariaDB [(None)]> CREATE Database vsftpd;
Query OK, 1 row Affected (0.00 sec)

MariaDB [(None)]> Grant Select on vsftpd.* to ' vsftpd ' @ ' localhost ' identified by ' Redhat ';
Query OK, 0 rows affected (0.02 sec)

MariaDB [(None)]> Grant Select on vsftpd.* to ' vsftpd ' @ ' 127.0.0.1 ' identified by ' Redhat ';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(None)]> flush privileges;
Query OK, 0 rows Affected (0.00 sec)

Then create the table in the database:

MariaDB [(None)]> use VSFTPD
Database changed
MariaDB [vsftpd]> CREATE table users (ID int auto_increment not null,name char (a) binary not Null,password char ($) bin ary not null,primary key (ID));
Query OK, 0 rows affected (0.05 sec)

MariaDB [vsftpd]> INSERT into users (Name,password) VALUES (' admin ', password (' Redhat '));
Query OK, 1 row affected (0.05 sec)

Since both the VSFTPD and MySQL services are on the same host, the relatively authoritative host range is small, and when MySQL and vsftpd are not on the same host,

Pam_mysql This package or vsftpd installed, this time the host also has to install the MySQL client, the remote MySQL server should be given vsftpd this

Access to host hosts

Configure the PAM authentication information after completing MySQL:

[Email protected] ~]# Vim/etc/pam.d/vsftpd.mysql

Auth required/lib64/security/pam_mysql.so user=vsftpd passwd=redhat host=127.0.0.1 db=vsftpd table=users usercolumn= Name Passwdcolumn=password crypt=2
Account required/lib64/security/pam_mysql.so user=vsftpd passwd=redhat host=127.0.0.1 db=vsftpd table=users Usercolumn=name Passwdcolumn=password crypt=2

Then modify the information about the vsftpd.conf configuration file:

Configuration content for the entire vsftpd.conf:

Anonymous_enable=no
Local_enable=yes
#write_enable =no
Dirmessage_enable=yes
Xferlog_enable=yes
Xferlog_file=/var/log/vsftpd.log
Connect_from_port_20=yes
Xferlog_std_format=yes
Listen=yes
Listen_port=21
Userlist_enable=yes
Chroot_local_user=yes
Tcp_wrappers=yes
Est_enable=yes
Guest_username=ftpuser
Pam_service_name=vsftpd.mysql
User_config_dir=/etc/vsftpd/vsftpd_user_conf
Virtual_use_local_privs=yes
pasv_min_port=50000
pasv_max_port=60000
Pasv_enable=yes
max_clients=200
Max_per_ip=4
idle_session_timeout=600
Ftpd_banner=welcome to OpenDoc FTP service.

Then modify the respective configuration of the virtual account under the/etc/vsftpd/vsftpd_user_conf directory:

[[email protected] vsftpd_user_conf]# Cat admin
Write_enable=yes
Anonymous_enable=no
Anon_world_readable_only=no
Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
Anon_other_write_enable=yes
local_umask=022
Download_enable=yes
Local_root=/var/ftproot

Then go to:

[[Email protected] vsftpd_user_conf]# FTP 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
Welcome to OpenDoc FTP service.
Name (127.0.0.1:root): admin
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
Ftp> ls
227 Entering Passive Mode (127,0,0,1,209,50).
Here comes the directory listing.
-rw-r--r--1 501 501 423612 June 07:06 2015_12.7z
Drwxr-xr-x 2 501 501 4096 Jul 07:25 test
Drwxr-xr-x 2 501 501 4096 Jul 12:38 test02
226 Directory send OK.
ftp> mkdir test03
257 "/test03" created

VSFTPD MySQL-based authentication method