Vsftp+mysql Virtual User Configuration

Source: Internet
Author: User
Tags crypt openssl

  
 
VSFTP+MySQL Virtual User Configuration

1. Install the vsftp software

Download the vsftp software (latest version):

    wget ftp://vsftpd.beasts.org/users/cevans/vsftpd-2.1.0.tar.gz

If you want to enable SSL support, install the openssl-0.9.8g.tar.gz package before installing vsftp:

    [[email protected] ftp]# tar xzvf openssl-0.9.8g.tar.gz
    [[email protected] ftp]# cd openssl-0.9.8g
    [[email protected] openssl-0.9.8g]# ./config
    [[email protected] openssl-0.9.8g]# make && make install

Install vsftp:

    [[email protected] ftp]# tar xzvf vsftpd-2.1.0.tar.gz
    [[email protected] ftp]# cd vsftpd-2.1.0
    [[email protected] vsftpd-2.1.0]# vi builddefs.h

    #ifndef VSF_BUILDDEFS_H
    #define VSF_BUILDDEFS_H
    #undef VSF_BUILD_TCPWRAPPERS
    #define VSF_BUILD_PAM
    #undef VSF_BUILD_SSL
    #endif /* VSF_BUILDDEFS_H */

Change every undef to define, which enables tcp_wrappers support, PAM authentication and SSL.

I don't know why, but with version 2.10.0 make kept failing with:

    ssl.o(.text+0x760): In function `ssl_cert_digest':
    : undefined reference to `EVP_sha256'
    collect2: ld returned 1 exit status
    make: *** [vsftpd] Error 1

So I switched to version 2.0.3!

    [[email protected] vsftpd-2.0.3]# make
    [[email protected] vsftpd-2.0.3]# ls -l vsftpd
    -rwxr-xr-x 1 root root 85932 Mar 23 14:53 vsftpd    // the executable was created successfully
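
Create the required accounts and directories:

    # useradd nobody                 // this account may already exist on your system; if so, skip this
    # mkdir /usr/share/empty         // this directory may already exist on your system; if so, skip this
    # mkdir /var/ftp                 // this directory may already exist on your system; if so, skip this
    # useradd -d /var/ftp ftp        // this account may already exist on your system; if so, skip this
    # chown root:root /var/ftp
    # chmod og-w /var/ftp

Remember: if you do not want a user to be able to log in locally, set that user's login shell to /sbin/nologin. For example, I set the shell of the nobody and ftp accounts above to /sbin/nologin.

Install the vsftp configuration file, executable, man pages and so on:

    # install -m 755 vsftpd /usr/local/sbin/vsftpd
    # install -m 644 vsftpd.8 /usr/share/man/man8
    # install -m 644 vsftpd.conf.5 /usr/share/man/man5
    # install -m 644 vsftpd.conf /etc/vsftpd.conf

This completes the vsftp installation.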

2. Install the MySQL database and configure it

Installing MySQL itself is not covered here; only the relevant database operations are described.

(1) Create a database and set the corresponding privileges

    [[email protected] vsftpd-2.0.3]# mysql -uroot
    mysql>create database ftpd;
    mysql>use ftpd;
    mysql>create table user(name char(20) binary,passwd char(20) binary);
    mysql>insert into user (name,passwd) values ('zhang1','123456');
    mysql>insert into user (name,passwd) values ('zhang2','654321');
    mysql>grant select on ftpd.user to [email protected] identified by '123456';
    mysql>flush privileges;          // refresh the privilege settings
    mysql>quit

(2) Test whether ftpd's privileges on the database are OK!

3. Download, build and install pam-mysql

    http://nchc.dl.sourceforge.net/sourceforge/pam-mysql/pam_mysql-0.5.tar.gz

    [[email protected] ftp]# tar xzvf pam_mysql-0.5.tar.gz
    [[email protected] ftp]# cd pam_mysql
    [[email protected] pam_mysql]# cp pam_mysql.so /lib/security/

4. Create the PAM authentication configuration

Run vi /etc/pam.d/ftp and enter the following content:

    auth required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
    account required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0

Note:

    crypt=n
    crypt=0: plaintext password
    crypt=1: use the crypt() function (corresponds to encrypt() in SQL; encrypt() generates a random salt)
    crypt=2: use MySQL's password() function
    crypt=3: use MD5 hashing
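
As an added example (not part of the original article), the shell function below audits a pam_mysql service file for two weaknesses visible in the configuration above: a crypt= mode that stores passwords in plaintext or as an unsalted hash, and a database password (passwd=) sitting in a file that other local users can read. The function name audit_pam_mysql and the finding labels are assumptions made for this example.

```sh
#!/bin/sh
# Added example: audit a PAM service file that loads pam_mysql.so.
# Prints one finding per line; no output means nothing was flagged.
# audit_pam_mysql and the finding labels are names made up for this example.

audit_pam_mysql() {
    file=$1
    # Active (non-comment) lines that load pam_mysql.so
    active=$(grep -v '^[[:space:]]*#' "$file" | grep 'pam_mysql\.so') || true

    # passwd= puts the database password in the file, so the file must not
    # be readable by "other" (mode bit 004).
    if printf '%s\n' "$active" | grep -q '[[:space:]]passwd=' &&
       [ -n "$(find "$file" -prune -perm -004)" ]; then
        echo "WORLD_READABLE_DB_PASSWORD $file"
    fi

    # Check the crypt= mode on each line against the list given above.
    printf '%s\n' "$active" |
    while read -r type control module opts; do
        for opt in $opts; do
            case $opt in
                crypt=0) echo "PLAINTEXT_PASSWORDS $type" ;;
                crypt=2) echo "UNSALTED_HASH $type (MySQL password())" ;;
                crypt=3) echo "UNSALTED_HASH $type (md5)" ;;
            esac
        done
    done
    return 0
}

# Constructed sample: the two lines shown above for /etc/pam.d/ftp.
sample=$(mktemp)
cat > "$sample" <<'EOF'
auth required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
EOF
chmod 644 "$sample"
audit_pam_mysql "$sample"
rm -f "$sample"
```

Run against the real file with audit_pam_mysql /etc/pam.d/ftp. With crypt=1 and mode 600 on the file it prints nothing.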

5. Create the local virtual user:

    useradd -d /home/ftpd -s /sbin/nologin ftpd

6. Edit the configuration file (/etc/vsftpd.conf):

    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    local_umask=022
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    chroot_local_user=YES
    guest_enable=YES
    guest_username=ftpd
    listen=YES
    listen_port=21
    pasv_enable=YES
    pasv_min_port=30000
    pasv_max_port=30999
    anon_world_readable_only=NO
    virtual_use_local_privs=YES

7. Start vsftpd

    /usr/local/sbin/vsftpd /etc/vsftpd.conf &    // run in the background!

8. Test

    [[email protected] vsftpd-2.0.3]# ftp 127.0.0.1
    Connected to 127.0.0.1.
    220 (vsFTPd 2.0.3)
    530 Please login with USER and PASS.
    530 Please login with USER and PASS.
    KERBEROS_V4 rejected as an authentication type
    Name (127.0.0.1:root): zhang1
    331 Please specify the password.
    Password:
    230 Login successful.            // login succeeded!
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> quit
    221 Goodbye.


