Тут показані розбіжності між вибраною ревізією та поточною версією сторінки.
Наступна ревізія | Попередня ревізія | ||
vsftpd [2013/09/20 13:50] wombat створено |
vsftpd [2015/12/17 14:02] (поточний) wombat Clean Formatting |
||
---|---|---|---|
Рядок 1: | Рядок 1: | ||
- | # db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db | + | # db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db |
2. Virtual users and authentication | 2. Virtual users and authentication | ||
Рядок 6: | Рядок 6: | ||
We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in `db’ format – a common database format. We need `db_load’ program. For CentOS, Fedora, you may install the package `db4-utils’: | We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in `db’ format – a common database format. We need `db_load’ program. For CentOS, Fedora, you may install the package `db4-utils’: | ||
- | # yum install db4-utils | + | # yum install db4-utils |
For Ubuntu, | For Ubuntu, | ||
- | # apt-get install db4.2-util | + | # apt-get install db4.2-util |
To create a `db’ format file, first create a plain text file `virtual-users.txt’ with the usernames and passwords on alternating lines: | To create a `db’ format file, first create a plain text file `virtual-users.txt’ with the usernames and passwords on alternating lines: | ||
- | mary | + | mary |
- | 123456 | + | 123456 |
- | jack | + | jack |
- | 654321 | + | 654321 |
Then execute the following command to create the actual database: | Then execute the following command to create the actual database: | ||
- | # db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db | + | # db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db |
Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database: | Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database: | ||
- | auth required pam_userdb.so db=/etc/vsftpd/virtual-users | + | auth required pam_userdb.so db=/etc/vsftpd/virtual-users |
- | account required pam_userdb.so db=/etc/vsftpd/virtual-users | + | account required pam_userdb.so db=/etc/vsftpd/virtual-users |
3. Configuration of VSFTPD | 3. Configuration of VSFTPD | ||
Рядок 32: | Рядок 32: | ||
Create a configuration file /etc/vsftpd/vsftpd-virtual.conf, | Create a configuration file /etc/vsftpd/vsftpd-virtual.conf, | ||
+ | <file "conf" "/etc/vsftpd/vsftpd-virtual.conf"> | ||
# disables anonymous FTP | # disables anonymous FTP | ||
anonymous_enable=NO | anonymous_enable=NO | ||
Рядок 64: | Рядок 65: | ||
# the umask for file creation | # the umask for file creation | ||
local_umask=022 | local_umask=022 | ||
+ | </file> | ||
4. Creation of home directories | 4. Creation of home directories | ||
Рядок 69: | Рядок 71: | ||
Create each user’s home directory in /var/www/virtual, and change the owner of the directory to the user `ftp’: | Create each user’s home directory in /var/www/virtual, and change the owner of the directory to the user `ftp’: | ||
- | # mkdir /var/www/virtual/mary | + | # mkdir /var/www/virtual/mary |
- | # chown ftp:ftp /var/www/virtual/mary | + | # chown ftp:ftp /var/www/virtual/mary |
5. Startup of VSFTPD and test | 5. Startup of VSFTPD and test | ||
Now we can start VSFTPD by the command: | Now we can start VSFTPD by the command: | ||
- | # /usr/sbin/vsftpd /etc/vsftpd/vsftpd-virtual.conf | + | # /usr/sbin/vsftpd /etc/vsftpd/vsftpd-virtual.conf |
and test the FTP access of a virtual user: | and test the FTP access of a virtual user: | ||
- | # lftp -u mary -p 60021 192.168.1.101 | + | # lftp -u mary -p 60021 192.168.1.101 |
[[https://security.appspot.com/vsftpd.html | Home page]] | [[https://security.appspot.com/vsftpd.html | Home page]] |