Vsftpd_ Virtual User Access
Much security relative to local user access
Account is an account within the profile and does not interact with the system
Ideas:
- Create a virtual FTP user data file
- Create FTP root and virtual map users
- Establish support for Virtual User PAM certification file
- Add a support configuration in the master configuration file
- Create a user profile
1. Create a virtual FTP user data file
[Email protected] ~]# vim/etc/vsftpd/vuser.list msl23 123~]# db_load-t-T hash-f/ETC/VSF tpd/vuser.list/etc/vsftpd/~]# file/etc/vsftpd/vuser.db 9byte- /etc/vsftpd/~]# rm-rf/etc/vsftpd/vuser.list
2. Create an FTP root directory and a virtual map account
[Email protected] ~]# useradd-d/varvirtual~]# mkdir-p/var/ftproot/ virtual /var/ftproot/msl23
3. Establish PAM certification file
[Email protected] ~]# vim/etc/pam.d/vsftpd.vu auth required pam_userdb.so db=/etc/vsftpd/ vuser account required pam_userdb.so db=/etc/vsftpd/
4. Create a user profile
[email protected] vsftpd]# mkdir vuser.dir[[email protected] vuser.dir]# vim msl23 anon_upload_enable =Yes anon_mkdir_write_enable=Yes anon_other_write_enable=Yes Local_ Root=/var/ftproot/msl23
5. Configure the master configuration file
anonymous_enable=nolocal_enable=yesguest_enable=yesguest_username=Virtual pam_service_name=vsftpd.vuallow_writeable_chroot=yesuser_config_dir=/etc/vsftpd/ Vuser.dir
Restart Service Verification:
[email protected] vuser.dir]# systemctl restart Vsftpd.service C:\Users\msl23. DESKTOP-3ki3fmn>ftp192.168.200.102connected to192.168.200.102. -(vsFTPd3.0.2) $AlwaysinchUTF8 mode. User (192.168.200.102:(None)): Msl23331Please specify the password. Password: theLogin successful.ftp>
linux[basic]-30-[vsftpd]-[Virtual user access]-[04]