The construction and deployment of Linux FTP management virtual users

Project Environment:

Xian Lingyun High-Tech Co., Ltd. because of business needs, the need to set up an FTP server. Due to the system stability and security and other aspects of the consideration. The company decided to use RHEL.4 as a server platform to install VSFTP packages on the platform. Consider system security and flow control during the installation process. Configure the VSFTP server to limit the maximum number of connections and the maximum transmission rate, so as to ensure the legality of the system resources.

Project Standard:

Can realize the FTP virtual directory upload and download to ensure the public virtual directory upload download. Set different permissions for different virtual directories.

Project implementation:

Before configuring the virtual directory, we have completed the installation of the VSFTP package. About the simple deployment of FTP "rookie learn Linux four: FTP installation and simple upload and download", in the configuration of virtual users when we first to understand the types of users have what kinds. In the VSFTPD server is supported by anonymous users, local users, virtual users three kinds of user accounts: But three kinds of accounts do apply to different occasions, anonymous users are "anonymous" or "FTP" users, anonymous can be used for everyone The local user account is the System user account in the FTP server, uses the FTP local user account to login the FTP server, the landing directory is the local user's host directory. Virtual user account is to ensure the security of the FTP server, by the VSFTPD server provided by the user account is not the system, the virtual user FTP login will be the designated directory as the FTP root directory, although local users and virtual users have similar functions, But virtual users are relatively safe and are gradually replacing local user accounts.

1.1.1.1. Create a virtual user password library file. When creating a virtual user library password, we need to be aware that the odd line in the file sets the user name of the virtual user. Even-numbered lines set the user's password. As shown in Figure 1-1, we create a user and password file named logins.tzt with a text editor (VI), which is set in Angeldevil password 123.com and user Zhangkeyuan password 123.com. In this experiment we take the user "Angeldevil" as a public account, and "Zhangkeyuan" as a private account;

1.1.1.2. Generate VSFTPD Certification files. Using the Db_load command to generate the authentication file, the value set by the "-F" command option is the virtual user's password file, or logins.txt. The command-only parameter setting requires the generated authentication filename sftpd--login.db, which is placed in "/etc/sftpd/". We'll look at the folder after the configuration is complete, as shown in Figure 1-2:

1.1.1.3. After the configuration is complete, we will set different permissions, where we just allow the administrator to read and write permissions, other users do not have the permissions, the purpose is to be more secure, the specific configuration as shown in Figure 1-3:

1.1.1.4. Set up the configuration file for the PAM required for the virtual account. In "/etc/pam.d/vsftpd.conf" to edit the configuration file, the name of the profile is Vsftpd.vu, of course, we still use text editing (VI) to edit "/etc/pam.d/vsftpd.conf", When the edit is complete, we'll look at the edited configuration file. As shown in Figure 1-4:

1.1.1.5. Create a different directory for the virtual user. We are also here to create the corresponding system user for the virtual account, as shown in Figure 1-5: