Install FTP under CentOS and configure the virtual user access mode

1. Preparatory work

Yum Install pam*

Yum Install db4*

First install the PAM (for user authentication) and DB4 (the db file used to generate the user name password for the virtual user).

2, Installation vsftpd

Yum Install vsftpd

Set VSFTPD boot:

Chkconfig vsftpd on

Viewing startup items through Chkconfig--list

3. Configure vsftpd.conf

Anonymous_enable=no

Local_enable=yes

Write_enable=yes

local_umask=022

Xferlog_enable=yes

Xferlog_file=/etc/vsftpd/vsftpd.log

Xferlog_std_format=yes

Connect_from_port_20=yes

idle_session_timeout=600

Listen=yes

Pam_service_name=vsftpd

Userlist_enable=yes

Tcp_wrappers=yes

Guest_enable=yes

Guest_username=ftp

User_config_dir=/etc/vsftpd/virtualuser_conf

* Important Parameter Description:

Anonymous_enable=no does not allow anonymous access

Local_enable=yes Local Users can access, if set to No, FTP this system local users are not able to access, and all of the FTP client is certainly not able to upload and download.

Write_enable=yes #可写 (can be uploaded)

Xferlog_enable=yes

Xferlog_file=/etc/vsftpd/vsftpd.log

Xferlog_std_format=yes

These 3 items because of setting the log log, remember to create a new Vsftpd.log file under/etc/vsftpd/.

Guest_enable=yes #启用虚拟用户

Guest_username=ftp #虚拟用户借用的系统本地用户名

User_config_dir=/etc/vsftpd/virtualuser_conf #虚拟用户的配置文件路径, so don't forget to create a new virtualuser_conf folder in the/etc/vsftpd/directory

4. Configure Virtual users

For example, I want to add a user named Zhang, the FTP client uses the user name (after password settings) for uploading and downloading, a new file named Zhang in/etc/vsftpd/virtualuser_conf: Touch Zhang. The contents of the file are:

Local_root=/var/www/html

Write_enable=yes

anon_umask=022

Anon_world_readable_only=no

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

Anon_other_write_enable=yes

* Parameter Description:

Local_root=/home/ftpuser #该虚拟用户上传下载的根目录

Write_enable=yes #可写 (can be uploaded)

anon_umask=022 #掩码

Next, create a new text document that records the user name password for all client users (virtual users) in the/etc/vsftpd/directory:

Touch Virtualuser_passwd.txt

The contents are as follows:

Zhang

Passwd1

Zhang1

Passwd2

The odd line is the username, the even line is the password, two virtual users are built here, but the zhang1 user does not give the settings.

Next, generate a DB file for virtual user authentication

Db_load-t-T Hash-f/etc/vsftpd/virtualuser_passwd.txt/etc/vsftpd/virtualuser_passwd.db

Note: Every time you add a username and password to virtualuser_passwd.txt, db_load-t-t hash-f is executed/etc/vsftpd/virtualuser_passwd.txt/etc/vsftpd/ Virtualuser_passwd.db regenerates the DB file for virtual user authentication, but it is not in effect.

Then, edit the authentication file/etc/pam.d/vsftpd, all comments out the original statement

Add the following two sentences

Auth Required pam_userdb.so db=/etc/vsftpd/virtualuser_passwd

Account Required Pam_userdb.so DB=/ETC/VSFTPD/VIRTUALUSER_PASSWD

5. Set directory permissions on the server

Because this set of upload download root directory for/var/www/html, so the permissions of this folder is very important, start new when it is Root:root, belongs to the root user, belongs to the root group, and later changed to Root:ftp, that is changed to the FTP group, Because the client uploads the download with the help of the FTP user on the server, the FTP user belongs to the FTP group. This can be accessed to download, but there is a problem with the download, a variety of permissions, and finally changed the directory directly to ftp:ftp all the problems are not, and the FTP user to the directory has rwx (readable writable executable) permissions:

Chown-r Root:ftp/home/ftpuser

chmod 077/home/ftpuser

6. Testing

This article is from the "System operation and maintenance website Development" blog, please be sure to keep this source http://cgc888.blog.51cto.com/3989433/1688153

Install FTP under CentOS and configure the virtual user access mode