1. Preparatory work
Yum Install pam*
Yum Install db4*
First install the PAM (for user authentication) and DB4 (the db file used to generate the user name password for the virtual user).
2, Installation vsftpd
Yum Install vsftpd
Set VSFTPD boot:
Chkconfig vsftpd on
Viewing startup items through Chkconfig--list
3. Configure vsftpd.conf
Anonymous_enable=no
Local_enable=yes
Write_enable=yes
local_umask=022
Xferlog_enable=yes
Xferlog_file=/etc/vsftpd/vsftpd.log
Xferlog_std_format=yes
Connect_from_port_20=yes
idle_session_timeout=600
Listen=yes
Pam_service_name=vsftpd
Userlist_enable=yes
Tcp_wrappers=yes
Guest_enable=yes
Guest_username=ftp
User_config_dir=/etc/vsftpd/virtualuser_conf
* Important Parameter Description:
Anonymous_enable=no does not allow anonymous access
Local_enable=yes Local Users can access, if set to No, FTP this system local users are not able to access, and all of the FTP client is certainly not able to upload and download.
Write_enable=yes #可写 (can be uploaded)
Xferlog_enable=yes
Xferlog_file=/etc/vsftpd/vsftpd.log
Xferlog_std_format=yes
These 3 items because of setting the log log, remember to create a new Vsftpd.log file under/etc/vsftpd/.
Guest_enable=yes #启用虚拟用户
Guest_username=ftp #虚拟用户借用的系统本地用户名
User_config_dir=/etc/vsftpd/virtualuser_conf #虚拟用户的配置文件路径, so don't forget to create a new virtualuser_conf folder in the/etc/vsftpd/directory
4. Configure Virtual users
For example, I want to add a user named Zhang, the FTP client uses the user name (after password settings) for uploading and downloading, a new file named Zhang in/etc/vsftpd/virtualuser_conf: Touch Zhang. The contents of the file are:
Local_root=/var/www/html
Write_enable=yes
anon_umask=022
Anon_world_readable_only=no
Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
Anon_other_write_enable=yes
* Parameter Description:
Local_root=/home/ftpuser #该虚拟用户上传下载的根目录
Write_enable=yes #可写 (can be uploaded)
anon_umask=022 #掩码
Next, create a new text document that records the user name password for all client users (virtual users) in the/etc/vsftpd/directory:
Touch Virtualuser_passwd.txt
The contents are as follows:
Zhang
Passwd1
Zhang1
Passwd2
The odd line is the username, the even line is the password, two virtual users are built here, but the zhang1 user does not give the settings.
Next, generate a DB file for virtual user authentication
Db_load-t-T Hash-f/etc/vsftpd/virtualuser_passwd.txt/etc/vsftpd/virtualuser_passwd.db
Note: Every time you add a username and password to virtualuser_passwd.txt, db_load-t-t hash-f is executed/etc/vsftpd/virtualuser_passwd.txt/etc/vsftpd/ Virtualuser_passwd.db regenerates the DB file for virtual user authentication, but it is not in effect.
Then, edit the authentication file/etc/pam.d/vsftpd, all comments out the original statement
Add the following two sentences
Auth Required pam_userdb.so db=/etc/vsftpd/virtualuser_passwd
Account Required Pam_userdb.so DB=/ETC/VSFTPD/VIRTUALUSER_PASSWD
5. Set directory permissions on the server
Because this set of upload download root directory for/var/www/html, so the permissions of this folder is very important, start new when it is Root:root, belongs to the root user, belongs to the root group, and later changed to Root:ftp, that is changed to the FTP group, Because the client uploads the download with the help of the FTP user on the server, the FTP user belongs to the FTP group. This can be accessed to download, but there is a problem with the download, a variety of permissions, and finally changed the directory directly to ftp:ftp all the problems are not, and the FTP user to the directory has rwx (readable writable executable) permissions:
Chown-r Root:ftp/home/ftpuser
chmod 077/home/ftpuser
6. Testing
This article is from the "System operation and maintenance website Development" blog, please be sure to keep this source http://cgc888.blog.51cto.com/3989433/1688153
Install FTP under CentOS and configure the virtual user access mode