VSFTPD server at the same time support anonymous users, local Users and virtual users three user accounts, the use of virtual user accounts can provide a centralized management of the FTP root directory to facilitate the management of administrators, while the FTP login for the user name, password and system user account open, Further enhance the security of the FTP server.
1. Add or change the following configuration statements in/etc/vsftpd/vsftpd.conf:
Copy Code code as follows:
Anonymous_enable=no (Of course you can also set Yes and allow anonymous users to log in)
Local_enable=yes (yes must be set, because the virtual user is mapped to this local user to access)
Guest_enable=yes (Enable virtual user)
Guest_username=virtual (created in step 5th to map a virtual user to a local user virtual)
Pam_service_name=vsftpd.vu (created in step 2nd to specify PAM configuration file, file already exists in/etc/pam.d/)
user_config_dir=/etc/vsftpd/user_conf (Create in step 7th, 8, specify the path to store different virtual user profiles)
2, in the/etc/pam.d/to modify the file Vsftpd.vu, contrast modified content:
Copy Code code as follows:
Auth Required pam_userdb.so Db=/etc/vsftpd/vsftpd_login
Account Required Pam_userdb.so Db=/etc/vsftpd/vsftpd_login
(/etc/vsftpd/vsftpd_login in the 3rd, 4 steps to create, user account password database file)
3, the establishment of user list/tmp/logins.txt content as follows
Copy Code code as follows:
Web (account number)
(User password)
Download (account number)
(User password)
Admin (account number)
(User password)
Note: Do not have blank line, one line account line password; Odd behavior account number, even action password
4, the establishment of visitor data files (if not can be installed: Yum install db4-utils)
#db_load-T-t hash-f/tmp/logins.txt/etc/vsftpd/vsftpd_login.db
5, the establishment of local virtual users:
Copy Code code as follows:
#useradd-D/home/ftp-s/sbin/nologin virtual
6. Create a directory in/home/ftp/and change its properties and its host
Copy Code code as follows:
#chown virtual/home/ftp
#chmod 700/home/ftp
7. Create FTP User Configuration Files directory:/etc/vsftpd/user_conf
Copy Code code as follows:
#mkdir/etc/vsftpd/user_conf
8. Create a profile web, download, admin, named by user name in the/etc/vsftpd/user_conf directory
The contents of the "download" file are as follows:
Copy Code code as follows:
Local_root=/home/ftp (Of course, you are happy can also be set to other, but pay attention to virtual user permissions on this directory)
Anon_world_readable_only=no (enable download users to download, can only download; write Yes, will not be able to list files and directories)
The "admin" file reads as follows:
Copy Code code as follows:
Local_root=/home/ftp
Anon_world_readable_only=no
Write_enable=yes (Write permission)
Anon_mkdir_write_enable=yes (new directory permissions)
Anon_upload_enable=yes (upload permission)
Anon_other_write_enable=yes (delete/rename permissions)
The contents of the Web file are as follows:
Copy Code code as follows:
Local_root=/var/www
Anon_world_readable_only=no
anon_umask=022 (due to the particularity of the Web page, it is set to upload file permission is 755, this mask value can be changed according to the specific circumstances)
Write_enable=yes (Write permission)
Anon_mkdir_write_enable=yes (new directory permissions)
Anon_upload_enable=yes (upload permission)
Anon_other_write_enable=yes (delete/rename permissions)
9. Finally, restart VSFTPD
Copy Code code as follows:
#/etc/init.d/vsftpd restart