I was recently contacted about a project in which the customer needs to build an FTP server. The specific requirements are: the system uses the Red Hat 6.4 64-bit operating system; create 20 FTP users, each with its own independent working directory and with upload, download, delete and other permissions; and create one FTP administrative user that has permission to manage the directories of the above 20 FTP users.
On closer inspection, it is difficult to implement these requirements with local users by controlling owner, group and file/directory permissions, so I decided to use FTP virtual users. Virtual users are also more secure: they cannot log in to the system and can only access the FTP server.
The following builds the FTP server in my own virtual machine environment according to the customer's requirements.
Lab environment:
Operating system: Red Hat 5.8 64-bit
Installed software: vsftpd, db4-utils
1. Create the virtual user password file
Enter the /etc/vsftpd directory and create the vuser_list file containing the required virtual users and their passwords. The format is one line with the user name, immediately followed by one line with the password, and the file must not contain blank lines, for example:
vi vuser_list
admin
admin
huaxia
123456
chinapay
123456
baofu
123456
albb
123456
2. Generate the virtual user password authentication file
Use the db_load command to generate the password authentication file, which must be placed in the /etc/vsftpd/ directory. Note that the db4-utils package must be installed to use the db_load command.
db_load -T -t hash -f vuser_list /etc/vsftpd/vsftpd_login.db
Change the permissions of the authentication file vsftpd_login.db:
chmod 600 /etc/vsftpd/vsftpd_login.db
3. Change the PAM configuration file for vsftpd so that the generated virtual user authentication file is used when validating clients
Edit the /etc/pam.d/vsftpd file, comment out all existing content, and add:
auth required pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required pam_userdb.so db=/etc/vsftpd/vsftpd_login
4. Add a system user, virtuser, that all virtual users log in as
All FTP virtual users are mapped to this system user; the virtual users use the virtuser account to log on to the FTP server.
useradd -d /var/ftp/virtuser -s /sbin/nologin virtuser
5. Set the vsftpd main configuration file, vsftpd.conf
Make a backup of the vsftpd.conf configuration file before modifying it.
Modify or add the following content in the vsftpd.conf configuration file:
vi vsftpd.conf
# Disable anonymous user login
anonymous_enable=NO
local_enable=YES
# PAM service used by vsftpd
pam_service_name=vsftpd
# Directory holding the virtual users' configuration files
user_config_dir=/etc/vsftpd/vsftpd_user_conf
6. Create the virtual users' configuration files and working directories
1> Create the configuration files for the virtual users
A virtual user can be used only after its configuration file has been created.
Create the vsftpd_user_conf directory under the /etc/vsftpd/ directory:
mkdir vsftpd_user_conf
In the vsftpd_user_conf directory, create one file per user, named after the user names in the virtual user password file vuser_list:
touch admin
touch huaxia
touch chinapay
touch baofu
touch albb
Edit each virtual user's configuration file and add the configuration information. The administrative user's home directory is under the /var/ftp/virtuser/ directory, and the other virtual users' home directories are placed under the /var/ftp/virtuser/admin directory, so that the admin user can manage the other virtual users:
guest_enable=YES
# Path of the virtual user under the system user; restricts the virtual user's home directory, i.e. the directory the virtual user is in after logging in
local_root=/var/ftp/virtuser/admin
guest_username=virtuser
# Browse the FTP directory and download
anon_world_readable_only=NO
# Allow upload
anon_upload_enable=YES
# Create and delete directories
anon_mkdir_write_enable=YES
# Rename and delete files
anon_other_write_enable=YES
2> Create the working directories for the virtual users
mkdir -p /var/ftp/virtuser/admin
mkdir -p /var/ftp/virtuser/admin/albb
mkdir -p /var/ftp/virtuser/admin/baofu
mkdir -p /var/ftp/virtuser/admin/chinapay
mkdir -p /var/ftp/virtuser/admin/huaxia
chown -R virtuser:virtuser /var/ftp/virtuser/
7. Restart the vsftpd service so that all configuration file settings take effect
service vsftpd restart
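Step 6 can be scripted so that the user names in vuser_list, the per-user configuration files and the working directories stay in sync. This is an added example, not code from the original article; the function names, the restricted user-name character set, and the per-user local_root of /var/ftp/virtuser/admin/<user> for non-admin users are assumptions (the article shows only one file's local_root).

```shell
#!/bin/sh
# Added example (not from the original article): build the per-user vsftpd
# config files and working directories from vuser_list in one pass.

# check_vuser_list FILE
# Succeeds only if FILE has no blank lines, an even number of lines, and
# user names limited to [A-Za-z0-9_-] (the charset is this example's choice).
check_vuser_list() {
    awk 'NF == 0 { bad = 1 }
         NR % 2 == 1 && /[^A-Za-z0-9_-]/ { bad = 1 }
         END { exit (bad || NR % 2) }' "$1"
}

# list_users FILE: print the user names (odd-numbered lines).
list_users() {
    awk 'NR % 2 == 1' "$1"
}

# gen_user_conf LIST CONFDIR FTPROOT ADMIN
# ADMIN gets FTPROOT/ADMIN as local_root; every other user gets
# FTPROOT/ADMIN/<user> (assumed from the directories created in step 6).
gen_user_conf() {
    list=$1; confdir=$2; root=$3; admin=$4
    check_vuser_list "$list" || { echo "bad list: $list" >&2; return 1; }
    mkdir -p "$confdir" "$root/$admin"
    for u in $(list_users "$list"); do
        if [ "$u" = "$admin" ]; then home=$root/$admin; else home=$root/$admin/$u; fi
        mkdir -p "$home"
        printf '%s\n' \
            'guest_enable=YES' \
            'guest_username=virtuser' \
            "local_root=$home" \
            'anon_world_readable_only=NO' \
            'anon_upload_enable=YES' \
            'anon_mkdir_write_enable=YES' \
            'anon_other_write_enable=YES' > "$confdir/$u"
    done
}

# Example call with the article's paths (run as root, then chown as in step 6):
#   gen_user_conf /etc/vsftpd/vuser_list /etc/vsftpd/vsftpd_user_conf /var/ftp/virtuser admin
if [ "$#" -eq 4 ]; then gen_user_conf "$@"; fi
```

local_root only sets the directory vsftpd changes into after login; whether a user is confined to it is governed by vsftpd's chroot_local_user option, which the steps above do not set.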
8. Test whether the requirements are met
1> admin user login
You can see the directories of the other virtual users.
2> Other virtual user logins
This article is from the "Xiaozhizh" blog, make sure to keep this source http://xiaozhizhi.blog.51cto.com/9698292/1612406
Using a Linux FTP virtual user to build an FTP server