Користувальницькькі налаштування

Налаштування сайту


vsftpd

Розбіжності

Тут показані розбіжності між вибраною ревізією та поточною версією сторінки.

Посилання на цей список змін

vsftpd [2013/09/20 10:50]
wombat створено
vsftpd [2015/12/17 12:02] (поточний)
wombat Clean Formatting
Рядок 1: Рядок 1:
  
 +  # db_load -T -t hash -f virtual-users.txt /​etc/​vsftpd/​virtual-users.db
 +
 +2. Virtual users and authentication
 +
 +We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in `db’ format – a common database format. We need `db_load’ program. For CentOS, Fedora, you may install the package `db4-utils’:​
 +
 +  # yum install db4-utils
 +
 +For Ubuntu,
 +
 +  # apt-get install db4.2-util
 +
 +To create a `db’ format file, first create a plain text file `virtual-users.txt’ with the usernames and passwords on alternating lines:
 +
 +  mary
 +  123456
 +  jack
 +  654321
 +
 +Then execute the following command to create the actual database:
 +
 +  # db_load -T -t hash -f virtual-users.txt /​etc/​vsftpd/​virtual-users.db
 +
 +Now, create a PAM file /​etc/​pam.d/​vsftpd-virtual which uses your database:
 +
 +  auth required pam_userdb.so db=/​etc/​vsftpd/​virtual-users
 +  account required pam_userdb.so db=/​etc/​vsftpd/​virtual-users
 +
 +3. Configuration of VSFTPD
 +
 +Create a configuration file /​etc/​vsftpd/​vsftpd-virtual.conf,​
 +
 +<file "​conf"​ "/​etc/​vsftpd/​vsftpd-virtual.conf">​
 +# disables anonymous FTP
 +anonymous_enable=NO
 +# enables non-anonymous FTP
 +local_enable=YES
 +# activates virtual users
 +guest_enable=YES
 +# virtual users to use local privs, not anon privs
 +virtual_use_local_privs=YES
 +# enables uploads and new directories
 +write_enable=YES
 +# the PAM file used by authentication of virtual uses
 +pam_service_name=vsftpd-virtual
 +# in conjunction with '​local_root',​
 +# specifies a home directory for each virtual user
 +user_sub_token=$USER
 +local_root=/​var/​www/​virtual/​$USER
 +# the virtual user is restricted to the virtual FTP area
 +chroot_local_user=YES
 +# hides the FTP server user IDs and just display "​ftp"​ in directory listings
 +hide_ids=YES
 +# runs vsftpd in standalone mode
 +listen=YES
 +# listens on this port for incoming FTP connections
 +listen_port=60021
 +# the minimum port to allocate for PASV style data connections
 +pasv_min_port=62222
 +# the maximum port to allocate for PASV style data connections
 +pasv_max_port=63333
 +# controls whether PORT style data connections use port 20 (ftp-data)
 +connect_from_port_20=YES
 +# the umask for file creation
 +local_umask=022
 +</​file>​
 +
 +4. Creation of home directories
 +
 +Create each user’s home directory in /​var/​www/​virtual,​ and change the owner of the directory to the user `ftp’:
 +
 +  # mkdir /​var/​www/​virtual/​mary
 +  # chown ftp:ftp /​var/​www/​virtual/​mary
 +
 +5. Startup of VSFTPD and test
 +Now we can start VSFTPD by the command:
 +
 +  # /​usr/​sbin/​vsftpd /​etc/​vsftpd/​vsftpd-virtual.conf
 +
 +and test the FTP access of a virtual user:
 +
 +  # lftp -u mary -p 60021 192.168.1.101
 +
 +[[https://​security.appspot.com/​vsftpd.html | Home page]]
vsftpd.txt · В останнє змінено: 2015/12/17 12:02 by wombat