Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to install vsftpd and configure virtual users under CentOS6.4". In daily operation, I believe that many people have doubts about how to install vsftpd and configure virtual users under CentOS6.4. Xiaobian consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "how to install vsftpd and configure virtual users under CentOS6.4". Next, please follow the editor to study!

One: install vsftpd

Check to see if vsftpd is installed

The code is as follows:

Rpm-qa | grep vsftpd

If not, install and set up boot

The code is as follows:

Yum-y install vsftpd

Chkconfig vsftpd on

Second: configuration based on virtual users

The so-called virtual user is not using a real account, just by mapping to a real account and setting permissions. Virtual users cannot log in to the CentOS system.

Modify the configuration file

Open / etc/vsftpd/vsftpd.conf and configure as follows

The code is as follows:

Anonymous_enable=NO / / set not to allow anonymous access

Local_enable=YES / / sets it accessible to local users. Note: if a virtual host user is used, all virtual users will not be able to access it if the project is set to NO

Chroot_list_enable=YES / / prevents users from leaving the home directory

Ascii_upload_enable=YES

Ascii_download_enable=YES / / sets upload and download functions that support ASCII mode

Pam_service_name=vsftpd / / PAM authentication file name. PAM will authenticate according to / etc/pam.d/vsftpd

The following are important configuration items for vsftpd virtual user support. These configuration items are not included in the default vsftpd.conf and need to be added manually.

The code is as follows:

Guest_enable=YES / / set to enable virtual user function

Guest_username=ftp / / specifies the host user of the virtual user. There is already a built-in ftp user in CentOS

User_config_dir=/etc/vsftpd/vuser_conf / / sets the CentOS FTP service file storage path of the virtual user's personal vsftp. Store the CentOS FTP service file of the virtual user's personality (profile name = virtual user name)

Carry out authentication

First of all, to install the Berkeley DB tool, the problem for many people who can't find db_load is that the package is not installed.

The code is as follows:

Yum install db4 db4-utils

Then, create the user password text / etc/vsftpd/vuser_passwd.txt, and note that the odd line is the user name and the even line is the password

The code is as follows:

Test

123456

Next, generate a db file for virtual user authentication

The code is as follows:

Db_load-T-t hash-f / etc/vsftpd/vuser_passwd.txt / etc/vsftpd/vuser_passwd.db

Then, edit the authentication file / etc/pam.d/vsftpd, comment out all the original statements, and add the following two sentences:

The code is as follows:

Auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd

Account required pam_userdb.so db=/etc/vsftpd/vuser_passwd

Finally, create a virtual user profile

The code is as follows:

Mkdir / etc/vsftpd/vuser_conf/

The vi / etc/vsftpd/vuser_conf/test / / file name is equal to the account name in vuser_passwd.txt, otherwise the following settings are invalid

The contents are as follows

The code is as follows:

Local_root=/ftp/www / / virtual user root directory, which can be modified according to the actual situation

Write_enable=YES / / writable

Anon_umask=022 / / mask

Anon_world_readable_only=NO

Anon_upload_enable=YES

Anon_mkdir_write_enable=YES

Anon_other_write_enable=YES

Set up Selinux

The code is as follows:

Setsebool-P ftp_home_dir=1 / / set ftp can use the home directory

Sersebool-P allow_ftpd_full_access=1 / / set ftp users can have all permissions

Set FTP root permissions

The code is as follows:

Mkdir / ftp/www / / create a directory

Chmod R 755 / ftp

Chmod R 777 / ftp/www

The latest vsftpd requires no write permission to the home directory, so the ftp is 755, and the subdirectories under the home directory are set to 777 permissions.

Set up a firewall

Open / etc/sysconfig/iptables

Under "- An INPUT-m state-- state NEW-m tcp-p-dport 22-j ACCEPT", add:

The code is as follows:

-An INPUT m state-- state NEW m tcp p dport 21 j ACCEPT

Then save and close the file, and run the following command in the terminal to refresh the firewall configuration:

The code is as follows:

Service iptables restart

OK, run "service vsftpd start" and you can access your FTP server.

Configure PASV mode

Vsftpd does not enable PASV mode by default. Now FTP can only be connected through PORT mode. To enable PASV by default, you need to use the following configuration

Open / etc/vsftpd/vsftpd.conf and add at the end

The code is as follows:

Pasv_enable=YES / / enable PASV mode

Pasv_min_port=40000 / / minimum port number

Pasv_max_port=40080 / / maximum port number

Pasv_promiscuous=YES

Open ports 40000 to 40080 in the firewall configuration

The code is as follows:

-An INPUT m state-- state NEW m tcp p dport 40000ACCEPT 40080j

Restart iptabls and vsftpd

The code is as follows:

Service iptables restart

Service vsftpd restart

Now you can use PASV mode to connect to your FTP server.

At this point, the study on "how to install vsftpd and configure virtual users under CentOS6.4" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.