CentOS下配置vsftpd
作者:佚名
CentOS下配置vsftpd還是比較常用的,這里所講解介紹centos vsftpd的安裝。CentOS Linux與RHEL產(chǎn)品有著嚴(yán)格的版本對(duì)應(yīng)關(guān)系。那么該如何在CentOS下配置vsftpd?本章將一一簡述,CentOS下配置vsftpd
1、通過YUM安裝必需的vsftpd, pam, pam-devel;
2、通過編譯安裝必需的pam_mysql(下面附件里);
3、修改默認(rèn)vsftpd配置文件 (/etc/vsftpd/vsftpd.conf)以及添加ftp用戶的權(quán)限配置文件(/etc/vsftpd/vconf/);
4、添加虛擬系統(tǒng)用戶,及其ftp用戶登錄認(rèn)證數(shù)據(jù)庫;
5、修改vsftpd默認(rèn)的pam配置文件 (/etc/pam.d/vsftpd);
6、添加ftp端口到防火墻,重啟vsftpd服務(wù),測試ftp虛擬用戶登錄。
1)
- [simonsun@magic ~]$ sudo yum install vsftpd pam pam-devel
目前的版本為
vsftpd - 2.0.5-12.el5, pam - 0.99.6.2-3.27.el5, pam-devel - 0.99.6.2-3.27.el5。
2)
- [simonsun@magic ~]$ wget http://prdownloads.sourceforge.net/pam-mysql/pam_mysql-0.7RC1.tar.gz
- [simonsun@magic ~]$ tar zxvf pam_mysql-0.7RC1.tar.gz
- [simonsun@magic ~]$ ls pam_mysql-0.7RC1
- acinclude.m4 config.guess configure CREDITS ltmain.sh missing pam_mysql.c pkg.m4
- aclocal.m4 config.h.in configure.in INSTALL Makefile.am mkinstalldirs pam_mysql.spec README
- ChangeLog config.sub COPYING install-sh Makefile.in NEWS pam_mysql.spec.in stamp-h.in
- [simonsun@magic ~]$ vim pam_mysql-0.7RC1/configure
#修改configure中的一個(gè)bug,將下面的一段修改,加上#include
=================================
- #include
- #include
- int
- main ()
- {
- md5_calc(0, 0, 0);
- ;
- return 0;
- }
=================================
- [simonsun@magic ~]$ cd pam_mysql-0.7RC1
- [simonsun@magic pam_mysql-0.7RC1]$ ./configure
- [simonsun@magic pam_mysql-0.7RC1]$ make
- [simonsun@magic pam_mysql-0.7RC1]$ sudo make install
- [simonsun@magic pam_mysql-0.7RC1]$ sudo cp /usr/lib/security/pam_mysql.* /lib/security/
3)
- [simonsun@magic ~]$ sudo vim /etc/vsftpd/vsftpd.conf
======================================
- anonymous_enable=NO
- local_enable=YES
- write_enable=YES
- local_umask=022
- #anon_upload_enable=YES
- #anon_mkdir_write_enable=YES
- dirmessage_enable=YES
- xferlog_enable=YES
- connect_from_port_20=YES
- #chown_uploads=YES
- #chown_username=whoever
- xferlog_file=/var/log/vsftpd.log
- xferlog_std_format=YES
- #idle_session_timeout=600
- #data_connection_timeout=120
- #nopriv_user=ftpsecure
- #async_abor_enable=YES
- #ascii_upload_enable=YES
- #ascii_download_enable=YES
- ftpd_banner=Welcome to Magic Linux FTP service.
- #deny_email_enable=YES
- # (default follows)
- #banned_email_file=/etc/vsftpd/banned_emails
- chroot_local_user=YES
- #chroot_list_enable=YES
- # (default follows)
- #chroot_list_file=/etc/vsftpd/chroot_list
- #ls_recurse_enable=YES
- listen=YES
- listen_port=21
- #listen_ipv6=YES
#下面是添加的:
- guest_enable=YES
- guest_username=vvsftpd #虛擬系統(tǒng)用戶,在步驟4)中添加該用戶到系統(tǒng)用戶中。
- user_config_dir=/etc/vsftpd/vconf/ #登錄ftp的虛擬用戶的權(quán)限配置文件。
- pam_service_name=vsftpd
- userlist_enable=YES
- tcp_wrappers=YES
======================================
- [simonsun@magic ~]$ sudo mkdir /etc/vsftpd/vconf/
- [simonsun@magic ~]$ sudo vim /etc/vsftpd/vconf/myftp
======================================
- write_enable=YES
- anon_upload_enable=YES
- anon_mkdir_write_enable=YES
- anon_world_readable_only=NO
======================================
4)
- [simonsun@magic ~]$ sudo /usr/sbin/useradd -d /home/vvsftpd -s /sbin/nologin vvsftpd
- [simonsun@magic ~]$ mysql -u root -p
#執(zhí)行如下語句,為虛擬系統(tǒng)用戶vvsftpd創(chuàng)建虛擬用戶(如myftp)登錄ftp時(shí)的認(rèn)證數(shù)據(jù)庫vsftpd
- ======================================
- create database vsftpd;
- use vsftpd;
- create table user(name char(20) binary,passwd char(20) binary);
- insert into user values ('myftp',ENCRYPT('ptfym'));
- grant select on vsftpd.user to vvsftpd@localhost identified by 'PaSsWoRd';
- flush privileges;
- ======================================
5)
- [simonsun@magic ~]$ sudo vim /etc/pam.d/vsftpd
修改成如下
- ======================================
- #%PAM-1.0
- session optional pam_keyinit.so force revoke
- auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers nerr=succeed
- #auth required pam_shells.so
- auth required /lib/security/pam_mysql.so user=vvsftpd passwd=PaSsWoRd host=localhost db=vsftpd table=user usercolumn=name passwdpasswdcolumn=passwd crypt=1
- account required /lib/security/pam_mysql.so user=vvsftpd passwd=PaSsWoRd host=localhost db=vsftpd table=user usercolumn=name passwdpasswdcolumn=passwd crypt=1
- #auth include system-auth
- #account include system-auth
- session include system-auth
- session required pam_loginuid.so
- ======================================
6)
- [simonsun@magic ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 20 -j ACCEPT
- [simonsun@magic ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 21 -j ACCEPT
- [simonsun@magic ~]$ sudo /etc/rc.d/init.d/iptables save
- [simonsun@magic ~]$ sudo /etc/rc.d/init.d/iptables restart
清除防火墻規(guī)則: [確定]
把 chains 設(shè)置為 ACCEPT 策略:filter nat [確定]
正在卸載 Iiptables 模塊: [確定]
應(yīng)用 iptables 防火墻規(guī)則: [確定]
載入額外 iptables 模塊:ip_conntrack_netbios_ns [確定]
- [simonsun@magic ~]$ sudo /etc/rc.d/init.d/vsftpd restart
關(guān)閉 vsftpd: [確定]
為 vsftpd 啟動(dòng) vsftpd: [確定]
- [simonsun@magic ~]$ ftp shellfisher.3322.org
- Connected to shellfisher.3322.org.
- 220 Welcome to Magic Linux FTP service.
- 530 Please login with USER and PASS.
- 530 Please login with USER and PASS.
- KERBEROS_V4 rejected as an authentication type
- Name (shellfisher.3322.org:simonsun): myftp
- 331 Please specify the password.
- Password:
- 230 Login successful.
- Remote system type is UNIX.
- Using binary mode to transfer files.
- ftp> ls
- 227 Entering Passive Mode (221,215,250,110,86,88)
- 150 Here comes the directory listing.
- 226 Directory send OK.
- ftp> mkdir testftp
- 257 "/testftp" created
- ftp> ls
- 227 Entering Passive Mode (221,215,250,110,43,155)
- 150 Here comes the directory listing.
- drwx------ 2 507 509 4096 Mar 24 08:32 testftp
- 226 Directory send OK.
- ftp> quit
- 221 Goodbye.
- ======================================
【編輯推薦】
- Linux下vsftp服務(wù)器配置
- vsFTPd服務(wù)器的啟動(dòng)和關(guān)閉
- 怎樣安裝vsFTPd
- Linux下配置vsftpd
- vsftpd安裝篇
- vsftpd 啟動(dòng)篇
- Linux下vsftpd的配置
- 如果SELinux拒絕vsftpd上傳文件到用戶主目錄怎么辦
- vsFTPd常用功能之限速和限制鏈接點(diǎn)
責(zé)任編輯:zhaolei
來源:
網(wǎng)絡(luò)轉(zhuǎn)載
