VSFTP+MARIADB for anonymous authentication of FTP

Last Update:2016-12-08 Source: Internet

Author: User

Tags crypt

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

VSFTP+MARIADB for anonymous authentication of FTP

Mysql:

172.20.1.11 as a service side of MySQL, the installation process is slightly

Create a database and authorize a remote account

MariaDB [(None)]> CREATE Database vsftpd;

MariaDB [(None)]> GRANT Select on vsftpd.* to ' ftpuser ' @ '% ' identified by ' 123456 ';

MariaDB [(None)]> flush privileges;

MariaDB [(None)]> use vsftpd;

Database changed

MariaDB [vsftpd]> CREATE TABLE users (

-ID int auto_increment NOT NULL,

, name char (a) binary NOT NULL,

Password char () binary NOT NULL,

Primary key (ID));

MariaDB [vsftpd]>

Insert into users (Name,password) VALUES (' Zhangsan ', password (' Zhangsan ')), (' Lisi ', password (' Lisi '));

VSFTPD:

172.20.1.10 vsftp server needs to be installed VSFTPD and Pam_mysql (Epel source, is Pam connection MySQL driver, Epel source needs to be configured separately)

[email protected] ~]# Yum install vsftpd pam_mysql

Establish the required files for PAM Certification

[Email protected] log]# RPM-QL pam_mysql

/lib64/security/pam_mysql.so share the path of the module, the following will be used to get

/usr/share/doc/pam_mysql-0.7

/usr/share/doc/pam_mysql-0.7/copying

/usr/share/doc/pam_mysql-0.7/credits

/usr/share/doc/pam_mysql-0.7/changelog

/usr/share/doc/pam_mysql-0.7/news

/usr/share/doc/pam_mysql-0.7/readme

[[email protected] vsftpd]# Vim/etc/pam.d/vsftpd.mysql (not available, created)

Auth required/lib64/security/pam_mysql.so user=ftpuser passwd=123456 host=172.20.1.11 db=vsftpd table=users Usercolumn=name Passwdcolumn=password crypt=2

Account required/lib64/security/pam_mysql.so user=ftpuser passwd=123456 host=172.20.1.11 db=vsftpd table=users Usercolumn=name Passwdcolumn=password crypt=2

Create a system user (virtual user needs a system user)

[Email protected] vsftpd]# useradd-s/sbin/nologin-d/var/ftproot vuser

[Email protected] vsftpd]# chmod go+rx/var/ftproot

Make sure that the following options are enabled in/etc/vsftpd/vsftpd.conf

Anonymous_enable=yes

Local_enable=yes

Write_enable=yes

Anon_upload_enable=no

Anon_mkdir_write_enable=no

Chroot_local_user=yes

Then add the following options

Guest_enable=yes

Guest_username=vuser

And make sure that the value of the Pam_service_name option is as follows

Pam_service_name=vsftpd.mysql

At this point vsftpd can be turned on normally, but when you log in with a virtual user, all permissions are the same

Assigning different permissions to different virtual users

Edit/etc/vsftpd/vsftpd.conf Add as downstream

User_config_dir=/etc/vsftpd/vusers_config

[[email protected] vsftpd]# Mkdir/etc/vsftpd/vusers_config directory does not exist, created

[Email protected] vsftpd]# Cd/etc/vsftpd/vusers_config

[[email protected] vusers_config]# Touch Zhangsan Lisi Create a file for each virtual user with content that defines its permissions

Commonly used are:

Anon_upload_enable={yes|no} Whether the upload operation is allowed

Anon_mkdir_write_enable={yes|no} Whether write operations are allowed

Anon_other_write_enable={yes|no} Whether delete operations are allowed

[email protected] vusers_config]# cat Zhangsan Lisi

Anon_upload_enable=yes

Anon_mkdir_write_enable=yes

Anon_other_write_enable=yes

Anon_upload_enable=yes

Anon_mkdir_write_enable=no

Anon_other_write_enable=no

Zhangsan User Login effect, can upload, rename and delete

650) this.width=650; "title=" clip_image001 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image001 "src=" http://s3.51cto.com/wyfs02/M02/8B/41/ Wkiol1hiuwghq3cdaabkbukhgoi298.png "" 364 "height=" 172 "/>

650) this.width=650; "title=" clip_image002 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image002 "src=" http://s3.51cto.com/wyfs02/M00/8B/41/ Wkiol1hiuwhxcbsaaaa37mmm1wo707.png "" 366 "height=" 113 "/>

Lisi User Login effect, can upload, but not to rename and delete

650) this.width=650; "title=" clip_image004 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image004 "src=" http://s3.51cto.com/wyfs02/M01/8B/41/ Wkiol1hiuwkjvv6laabgdrf2dlm428.jpg "" 368 "height=" 201 "/>

If you prohibit uploading, creating, renaming, deleting, etc.

VSFTP+MARIADB for anonymous authentication of FTP

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More