vsftpd virtual users:
Preparation:
Ensure that vsftpd and db4-utils are installed:
rpm -qa | grep vsftpd
rpm -qa | grep db4-utils
Local data file mode:
Step 1) Create the virtual users database.
cd /etc/vsftpd/
touch logins.txt
echo 'Tom' >> logins.txt
echo '000000' >> logins.txt
echo 'Lucy' >> logins.txt
echo '000000' >> logins.txt
db_load -T -t hash -f logins.txt /etc/vsftpd/login.db
chmod 600 /etc/vsftpd/login.db
Step 2) Create a PAM file which uses your new database.
cp /usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/vsftpd.pam /etc/pam.d/vsftpd
Step 3) Set up the location of the files for the virtual users.
useradd -d /home/ftpsite virtual
ls -ld /home/ftpsite
(which should give):
drwx------ 3 virtual virtual 4096 Jul 30 /home/ftpsite
cp /etc/hosts /home/ftpsite
chown virtual.virtual /home/ftpsite/hosts
Step 4) Create your vsftpd.conf config file.
See the example in this directory. Let's go through it line by line:
anonymous_enable=NO
local_enable=YES
This disables anonymous FTP for security, and enables non-anonymous FTP (which
is what virtual users use).
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
These ensure that for security purposes, no write commands are allowed.
chroot_local_user=YES
This makes sure that the virtual user is restricted to the virtual FTP area
/home/ftpsite we set up above.
guest_enable=YES
guest_username=virtual
The guest_enable is very important - it activates virtual users! And
guest_username says that all virtual users are mapped to the real user
"virtual" that we set up above. This will also determine where on the
filesystem the virtual users end up - the home directory of the user
"virtual", /home/ftpsite.
listen=YES
listen_port=10021
This puts vsftpd in "standalone" mode - i.e. not running from an inetd. This
means you just run the vsftpd executable and it will start up. This also
makes vsftpd listen for FTP requests on the non-standard port of 10021 (FTP
is usually 21).
pasv_min_port=30000
pasv_max_port=30999
These put a port range on passive FTP incoming requests - very useful if
you are running a firewall.
Copy the example vsftpd.conf file to /etc/vsftpd:
cp vsftpd.conf /etc/vsftpd/
Step 5) Start up vsftpd.
Step 6) Test.
Launch another shell session (or background vsftpd with CTRL-Z and then "bg").
Here is an example of an FTP session:
ftp localhost 10021
Connected to localhost (127.0.0.1).
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
Name (localhost:chris): Tom
331 Please specify the password.
Password:
230 Login successful. Have fun.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/"
ftp> ls
227 Entering Passive Mode (117,135, 0)
150 Here comes the directory listing.
226 Transfer done (but failed to open directory).
ftp> size hosts
213 147
ftp>
Note:
Settings that affect virtual users' upload, download, rename, and delete permissions:
# write permission
write_enable=YES
# open download permission
anon_world_readable_only=NO
# open upload permission
anon_upload_enable=YES
# allow creating directories
anon_mkdir_write_enable=YES
# allow deleting and renaming
anon_other_write_enable=YES
When virtual_use_local_privs=YES, the virtual user and the local user have the same permissions.
When virtual_use_local_privs=NO, the virtual user and the anonymous user have the same permissions. The default value is NO.
When virtual_use_local_privs=YES and write_enable=YES, the virtual user has write permission (upload, download, delete, and rename).
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=YES and anon_upload_enable=YES, a virtual user cannot browse directories and can only upload files, with no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=NO, a virtual user can only download files and has no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=YES, a virtual user can only upload and download files, with no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_mkdir_write_enable=YES, a virtual user can only download files and create folders, with no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_other_write_enable=YES, a virtual user can only download, delete, and rename files, and has no other permissions.
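The rules in the note above, written as an audit check (an added example, not part of the original page or of vsftpd): it parses vsftpd.conf text and reports what a virtual user may do. The function names and the labels for each right are made up for this example; unset options take the defaults from vsftpd.conf(5), and "download" means download as the note uses it (opened by anon_world_readable_only=NO).

```python
# Added example: audit what vsftpd virtual (guest) users may do.
# Unset options take the defaults documented in vsftpd.conf(5).
DEFAULTS = {"guest_enable": False, "virtual_use_local_privs": False,
            "write_enable": False, "anon_world_readable_only": True,
            "anon_upload_enable": False, "anon_mkdir_write_enable": False,
            "anon_other_write_enable": False}
ANON_WRITES = (("anon_upload_enable", "upload"),
               ("anon_mkdir_write_enable", "mkdir"),
               ("anon_other_write_enable", "delete_rename"))

def parse_conf(text):
    """Return (settings, errors) for the boolean options in DEFAULTS."""
    settings, errors = dict(DEFAULTS), []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or key != key.strip() or value != value.strip():
            # vsftpd rejects any space between option, '=' and value
            errors.append(f"line {n}: malformed setting {line!r}")
        elif key in DEFAULTS and value.upper() not in ("YES", "NO"):
            # also catches a trailing '# comment' after the value
            errors.append(f"line {n}: bad boolean {value!r} for {key}")
        elif key in DEFAULTS:
            settings[key] = value.upper() == "YES"
    return settings, errors

def virtual_user_rights(s):
    """Apply the rules from the note above to parsed settings."""
    if not s["guest_enable"]:
        return set()  # virtual users are not activated
    if s["virtual_use_local_privs"]:
        # same permissions as a local user
        all_writes = {right for _, right in ANON_WRITES}
        return {"download"} | (all_writes if s["write_enable"] else set())
    # same permissions as an anonymous user
    rights = set() if s["anon_world_readable_only"] else {"download"}
    if s["write_enable"]:
        rights |= {right for opt, right in ANON_WRITES if s[opt]}
    return rights

# Constructed sample: the read-only settings from step 4.
SAMPLE = "guest_enable=YES\nguest_username=virtual\nwrite_enable=NO\n"

if __name__ == "__main__":
    settings, errors = parse_conf(SAMPLE)
    print(sorted(virtual_user_rights(settings)), errors)
```

Any entry in the returned error list means the file would not load as written, so the computed rights should be read only when that list is empty.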
Common configurations for anonymous users: