Shulou(Shulou.com)06/01 Report--

vsftpd supported user types

Anonymous user-ftp: a system user automatically mapped on the server side

2. Local users--ordinary users: users added by useradd

3. Virtual user-A system user automatically mapped by the server. Multiple virtual users are mapped to a system user at the same time.

--But different virtual users can have different access rights, their permissions simulate anonymous users, their login methods simulate local users,

--By default, it can only be downloaded, not uploaded.

--does not exist in the system account data, safe, such as stored in mysql database

Set up MySQL virtual users

1. Install the software package

yum install gcc*

yum install mysql-server

yum install mysql-devel

yum install mysql

tar -xvf pam_mysql-0.7RC1.tar.gz

cd pam_mysql-0.7RC1

./ configure --with-mysql=/usr --with-openssl

make

make install

Copy pam_mysql module:

# cp /lib/security/pam_mysql.so /lib64/security/

Start MySQL database and add data

# /etc/init.d/mysqld restart

# mysql

mysql> create database vsftpd; --------Create a database

Query OK, 1 row affected (0.00 sec)

mysql> use vsftpd; =-------------use library

Database changed

mysql> create table users( ---------Create a table according to conditions

-> id INT AUTO_INCREMENT NOT NULL,

-> name CHAR(20) BINARY NOT NULL,

-> password CHAR(48) BINARY NOT NULL,

-> PRIMARY key(id))

-> ;

Query OK, 0 rows affected (0.03 sec)

mysql> DESC users; -----View this table

+----------+----------+------+-----+---------+----------------+

| Field | Type | Null | Key | Default | Extra |

+----------+----------+------+-----+---------+----------------+

| id | int(11) | NO | PRI | NULL | auto_increment |

| name | char(20) | NO | | NULL | |

| password | char(48) | NO | | NULL | |

+----------+----------+------+-----+---------+----------------+

3 rows in set (0.00 sec)

mysql> GRANT SELECT ON vsftpd.* TO vsftpd@localhost IDENTIFIED BY 'vsftpd'; ----Authorization

Query OK, 0 rows affected (0.01 sec)

mysql> GRANT SELECT ON vsftpd.* TO vsftpd@127.0.0.1 IDENTIFIED BY 'vsftpd'; ----AUTHORIZATION

mysql> FLUSH PRIVILEGES; ----Refresh database

mysql> INSERT INTO users (name,password) VALUE ('tom ',' redhat'),('jim ',' redhat'); ----Insert data into a table

Query OK, 2 rows affected (0.00 sec)

Records: 2 Duplicates: 0 Warnings: 0

mysql> select * from users; --------View added data in table

+----+------+----------+

| id | name | password |

+----+------+----------+

| 1 | tom | redhat |

| 2 | jim | redhat |

+----+------+----------+

2 rows in set (0.00 sec)

mysql> quit ---quit

# mysql -uvsftpd -p ----use vsftpd user login MySQL database password is vsftpd

Enter password:

mysql> SHOW DATABASES;

+--------------------+

| Database |

+--------------------+

| information_schema |

| test |

| vsftpd |

+--------------------+

3 rows in set (0.00 sec)

mysql> use vsftpd ----use this database

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> SHOW TABLES; ----View this table

+------------------+

| Tables_in_vsftpd |

+------------------+

| users |

+------------------+

1 row in set (0.00 sec)

mysql> select * from users; ----View data from this table

+----+------+----------+

| id | name | password |

+----+------+----------+

| 1 | tom | redhat |

| 2 | jim | redhat |

+----+------+----------+

2 rows in set (0.00 sec)

4. Documents required to establish pam certification

# vim /etc/pam.d/vsftpd.mysql

auth required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0 sqllog=yes logtable=logs logmsgculumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1

account required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0 sqllog=yes logtable=logs logmsgculumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1

pam_mysql. so//library files for linux to connect to mysql

user=vsftpd //User used to access Mysql.

passwd=vsftpd //corresponds to the user password.

host=localhost //stands for mysql locally.

db=vsftpd //Specifies the database on mysql.

table=users //Specifies the table where users are stored on mysql.

usercolumn=name //Specifies the column in which the user name is stored.

passwdcolumn=passwd //Specifies the column in which passwords are stored.

crypt=0

crypt=0 //crypt=0: plaintext password

//crypt=1: Use crpyt() function (corresponding to encrypt() in SQL data, encrypt() randomly generates salt)

//crypt=2: Encrypted using password() function in MYSQL

//crypt=3: indicates hashing using md5

5. Modify vsftpd configuration file

# useradd -s /sbin/nologin -d /var/ftproot vuser ---------Add a mapped virtual user, this is the virtual user's home directory

[root@xizjh security]# chmod go+rx /var/ftproot/

[root@xizjh security]# ls -ld /var/ftproot/

drwxr-xr-x. 2 vuser vuser 4096 Jan 4 21:45 /var/ftproot/

vim /etc/vsftpd/vsftpd.conf

guest_enable=YES

guest_username=vuser

pam_service_name=vsftpd.mysql

# /etc/init.d/vsftpd restart

Shutting down vsftpd: [ OK ]

Starting vsftpd for vsftpd:

At this point, the virtual user has been successfully established

Virtual users set permissions individually

# vim /etc/vsftpd/vsftpd.conf

user_config_dir=/etc/vsftpd/vusers

create a new directory

mkdir /etc/vsftpd/vusers

new file

cd /etc/vsftpd/vusers

touch tom jim

Specific permissions can be modified in the files of these virtual user names

Restart service effective

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.