Configure Vsftpd virtual users in CentOS6.6
# Install a software package
yum-y
install
vsftpddb4*
# Disable SELinux
vim
/etc/sysconfig/selinux
SELINUX=permissive
# Enter the command line to immediately apply the SELinux Configuration
getenforce0
# Firewall allows port 22
iptables-AINPUT-mstate--stateNEW-mtcp-ptcp--dport21-jACCEPT
# Create a virtual user login file, base behavior user, even number of behavior passwords, can only be written in this way, otherwise the system does not recognize
vim
/etc/vsftpd/logins
.txt
upload
password
download
password
adminftp
password
# Generate a password authentication File
db_load-T-t
hash
-f
/etc/vsftpd/logins
.txt
/etc/vsftpd/vsftpd_logins
.db
chmod
600
/etc/vsftpd/vsftpd_logins
.db
# Create a virtual user authentication File
vim
/etc/pam
.d
/vsftpd
.vu
authrequired
/lib64/security/pam_userdb
.sodb=
/etc/vsftpd/vsftpd_logins
accountrequired
/lib64/security/pam_userdb
.sodb=
/etc/vsftpd/vsftpd_logins
# The 64-bit system is/lib64/security/pam_userdb, and the 32-bit system is/lib/security/pam_userdb.
# Creating a virtual user
useradd
-d
/home/virtualuser
-s
/sbin/nologin
virtualuser
chmod
777
/home/virtualuser
# Grant 777 permissions or the user cannot access
# Modifying the master configuration file
vim
/etc/vsftpd/vsftpd
.conf
anonymous_enable=NO
# Of course, you can set it to YES and allow anonymous users to log on, but it is not recommended.
local_enable=YES
# It must be set to YES because the virtual user is mapped to a local user for access.
local_write=NO
# Local users are not allowed to write
guest_enable=YES
# Enable virtual users
guest_username=virtualuser
# Ing virtual users
pam_service_name=vsftpd.vu
# Ftp authentication File
user_config_dir=
/etc/vsftpd/vsftpd_user_conf
# Assign different permissions to different users
# Create a virtual user configuration folder
mkdir
/etc/vsftpd/vsftpd_user_conf
cd
/etc/vsftpd/vsftpd_user_conf
touch
uploaddownloadadminftp
The login name must be the same as the logins.txt file.
# Download users can only download:
vimdownload
local_root=
/home/virtualuser
anon_world_readable_only=NO
# The upload user can only upload configurations:
vimupload
local_root=
/home/virtualuser
download_enable=NO
write_enable=YES
anon_upload_enable=YES
# Adminftp user ownership Configuration:
vimadmin
local_root=
/home/virtualuser
download_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# Start the service, test the virtual user, and verify the effect;
servicevsftpdstart
chkconfigvsftpdon
ftp
localhost