Shulou(Shulou.com)06/03 Report--

1. Experimental environment

Operating system: CentOS 7

II. Installation

Turn off SELINUX:

Vim / etc/selinux/configSELINUX=disable

Temporary shutdown:

Setenforce 0

3. Install vsftpd service:

1. Install vsftp using the installation yum:

Yum-y install vsftp

two。 Back up the vsftp master configuration file:

Cp / etc/vsftpd/vsftpd.conf {, .bak}

4. Configure virtual users to access vsftp service:

1. Create a virtual user password file:

User1password1user2password2

two。 Generate a virtual user database:

Yum-y install libdb-utilsdb_load-T-t hash-f / etc/vsftpd/vir_user / etc/vsftpd/vir_user.dbchmod 700 / etc/vsftpd/vir_user.db

3. Configuration verification file:

Configure the file before modification

Cp / etc/pam.d/vsftpd {, .bak}

Comment out all the configuration lines for auth and account, and add the following two lines

Vim / etc/pam.d/vsftpdauth required pam_userdb.so db=/etc/vsftpd/vir_user account required pam_userdb.so db=/etc/vsftpd/vir_user

4. Add a system user:

Mkdir / ftprootuseradd-d / ftproot-s / sbin/nologin virftpchown-R virftp:virftp / ftproot

5. Configure the vsftp master profile:

Vim / etc/vsftpd/vsftpd.conf

# prohibit anonymous users from logging in

Anonymous_enable=NO# allows local users to log in to local_enable=YES# enable virtual account guest_enable=YES# to map virtual accounts to system accounts virftp guest_username=virftp# using virtual user authentication (PAM authentication) pam_service_name=vsftpd# sets the directory where each virtual user profile is stored (the same file as the virtual user name in this directory is his profile) when user_config_dir=/etc/vsftpd/vsftpd_viruser# enables chroot The virtual user root directory allows you to write to the allow_writeable_chroot=YES configuration virtual user's respective profiles:

Create a storage directory for 'virtual user profile'

Mkdir / etc/vsftpd/vsftpd_viruser/

Create and configure respective profiles for virtual users with the file name 'virtual user name

Vim / etc/vsftpd/vsftpd_viruser/user1# allows writing write_enable=YES# allows browsing FTP directories and downloading anon_world_readable_only=NO# allows virtual users to upload files anon_upload_enable=YES# allows virtual users to create directories anon_mkdir_write_enable=YES# allows virtual users to perform other operations (such as renaming, deleting) anon_other_write_enable=YES# uploads file masks, such as 022 Upload directory permission is 755, file permission is 644anon_umask=022# to specify virtual user's virtual directory (virtual user's home directory after login) local_root=/ftproot/admin/

Create the root directory of the virtual user, and ensure that the system user mapped by the virtual user has read and write access to this root directory.

Mkdir-p / ftproot/admin/chown-R virftp.virftp / ftproot/admin/

Cancel all the contents.

Vim / etc/vsftpd/ftpusers

5. Test configuration results:

1. Restart the vsftpd service

Systemctl restart vsftpdsystemctl enable vsftpd

two。 Turn off the firewall:

Setenforce 0systemctl stop firewalld

3. Using FileZilla tool to connect testing

VI. Description of each configuration file:

/ etc/vsftpd/vsftpd.conf: vsftpd's main configuration file / etc/vsftpd/vir_user: virtual user's account password file / etc/vsftpd/vsftpd_viruser/user1: virtual user 'user1' 's configuration file / etc/pam.d/vsftpd Profile that enables virtual user authentication

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.