• Centos6搭建vsftpd

    CentOS 6.5下安装Vsftp,虚拟用户
    一.安装:
    1.安装Vsftpd服务相关部件:
    [root@localhost ~]# yum install vsftpd*
    Loaded plugins: fastestmirror, refresh-packagekit, security
    Determining fastest mirrors
    base | 3.7 kB 00:00
    base/primary_db | 4.6 MB 00:08
    extras | 3.4 kB 00:00
    extras/primary_db | 37 kB 00:00
    updates | 3.4 kB 00:00
    updates/primary_db | 5.2 MB 00:09
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package vsftpd.x86_64 0:2.2.2-14.el6_7.1 will be installed
    --> Finished Dependency Resolution

    Dependencies Resolved

    ==============================================================================
    Package Arch Version Repository Siz
    ==============================================================================
    Installing:
    vsftpd x86_64 2.2.2-14.el6_7.1 updates 152

    Transaction Summary
    ==============================================================================
    Install 1 Package(s)

    Total download size: 152 k
    Installed size: 332 k
    Is this ok [y/N]: y
    Downloading Packages:
    vsftpd-2.2.2-14.el6_7.1.x86_64.rpm | 152 kB 00:00
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Installing : vsftpd-2.2.2-14.el6_7.1.x86_64 1/
    Verifying : vsftpd-2.2.2-14.el6_7.1.x86_64 1/

    Installed:
    vsftpd.x86_64 0:2.2.2-14.el6_7.1
    2.确认安装PAM服务相关部件:
    [root@localhost ~]# yum install pam*
    Loaded plugins: fastestmirror, refresh-packagekit, security
    Loading mirror speeds from cached hostfile
    Setting up Install Process
    Package pam_krb5-2.3.11-9.el6.x86_64 already installed and latest version
    Resolving Dependencies
    --> Running transaction check
    ---> Package pam.x86_64 0:1.1.1-17.el6 will be updated
    ---> Package pam.x86_64 0:1.1.1-20.el6_7.1 will be an update
    ---> Package pam-devel.x86_64 0:1.1.1-20.el6_7.1 will be installed
    ---> Package pam_ldap.x86_64 0:185-11.el6 will be installed
    ---> Package pam_passwdqc.x86_64 0:1.0.5-6.el6 will be updated
    ---> Package pam_passwdqc.x86_64 0:1.0.5-8.el6 will be an update
    ---> Package pam_pkcs11.x86_64 0:0.6.2-14.el6 will be installed
    --> Processing Dependency: libpcsclite.so.1()(64bit) for package: pam_pkcs11-0.6.2-14.el6.x86_64
    ---> Package pam_ssh_agent_auth.x86_64 0:0.9.3-114.el6_7 will be installed
    --> Running transaction check
    ---> Package pcsc-lite-libs.x86_64 0:1.5.2-15.el6 will be installed
    --> Finished Dependency Resolution

    Dependencies Resolved

    ==============================================================================
    Package Arch Version Repository Size
    ==============================================================================
    3.安装DB4部件包:
    这里要特别安装一个db4的包,用来支持文件数据库。
    [root@localhost ~]# yum install db4*
    Loaded plugins: fastestmirror, refresh-packagekit, security
    Loading mirror speeds from cached hostfile
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package db4.x86_64 0:4.7.25-18.el6_4 will be updated
    ---> Package db4.x86_64 0:4.7.25-20.el6_7 will be an update
    ---> Package db4-cxx.x86_64 0:4.7.25-18.el6_4 will be updated
    ---> Package db4-cxx.x86_64 0:4.7.25-20.el6_7 will be an update
    ---> Package db4-devel.x86_64 0:4.7.25-18.el6_4 will be updated
    ---> Package db4-devel.x86_64 0:4.7.25-20.el6_7 will be an update
    ---> Package db4-devel-static.x86_64 0:4.7.25-20.el6_7 will be installed
    ---> Package db4-java.x86_64 0:4.7.25-20.el6_7 will be installed
    ---> Package db4-tcl.x86_64 0:4.7.25-20.el6_7 will be installed
    ---> Package db4-utils.x86_64 0:4.7.25-18.el6_4 will be updated
    ---> Package db4-utils.x86_64 0:4.7.25-20.el6_7 will be an update
    --> Finished Dependency Resolution

    Dependencies Resolved

    ==============================================================================
    Package Arch Version Repository Size
    ==============================================================================
    Installing:
    db4-devel-static x86_64 4.7.25-20.el6_7 updates 2.5 M
    db4-java x86_64 4.7.25-20.el6_7 updates 1.7 M
    db4-tcl x86_64 4.7.25-20.el6_7 updates 620 k
    Updating:
    db4 x86_64 4.7.25-20.el6_7 updates 563 k
    db4-cxx x86_64 4.7.25-20.el6_7 updates 588 k
    db4-devel x86_64 4.7.25-20.el6_7 updates 6.6 M
    db4-utils x86_64 4.7.25-20.el6_7 updates 130 k

    二:基于虚拟用户的配置
    所谓虚拟用户就是没有使用真实的帐户,只是通过映射到真实帐户和设置权限的目的。虚拟用户不能登录CentOS系统。

    修改配置文件
    打开/etc/vsftpd/vsftpd.conf,做如下配置
    root@localhost ~]# vi /etc/vsftpd/vsftpd.conf

    修改:

    anonymous_enable=NO //设定不允许匿名访问
    local_enable=YES //设定本地用户可以访问。注:如使用虚拟宿主用户,在该项目设定为NO的情况下所有虚拟用户将无法访问
    chroot_list_enable=YES //使用户不能离开主目录
    ascii_upload_enable=YES
    ascii_download_enable=YES //设定支持ASCII模式的上传和下载功能
    pam_service_name=vsftpd //PAM认证文件名。PAM将根据/etc/pam.d/vsftpd进行认证

    添加:
    guest_enable=YES //设定启用虚拟用户功能
    guest_username=ftp //指定虚拟用户的宿主用户,CentOS中已经有内置的ftp用户了
    user_config_dir=/etc/vsftpd/vuser_conf //设定虚拟用户个人vsftp的CentOS FTP服务文件存放路径。存放虚拟用户个性的CentOS FTP服务文件(配置文件名=虚拟用户名


    创建文件:
    [root@localhost ~]# touch /etc/vsftpd/chroot_list

    然后,创建用户密码文本/etc/vsftpd/vuser_passwd.txt ,注意奇行是用户名,偶行是密码
    [root@localhost ~]# vi /etc/vsftpd/vuser_passwd.txt

    test
    123456

    接着,生成虚拟用户认证的db文件
    [root@localhost ~]# db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db

    随后,编辑认证文件/etc/pam.d/vsftpd,全部删掉掉原来语句,再增加以下两句:

    [root@localhost ~]# vi /etc/pam.d/vsftpd

    auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd
    account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vuser_passwd

    最后,创建虚拟用户配置文件
    [root@localhost ~]# mkdir /etc/vsftpd/vuser_conf/
    [root@localhost ~]# vi /etc/vsftpd/vuser_conf/test

    local_root=/ftp/test //虚拟用户根目录,根据实际情况修改
    write_enable=YES //可写
    anon_umask=022 //掩码
    anon_world_readable_only=NO
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES

    设置FTP根目录权限

    [root@localhost ~]# mkdir -p /ftp/test/

    [root@localhost ~]# chmod -R 777 /ftp/

    [root@localhost ~]# service vsftpd start
    为 vsftpd 启动 vsftpd: [确定]


    如果配置都正确的话,还是不行,可以尝试重启一下机器

    [root@localhost ~]# vi /etc/sysconfig/iptables

    -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

    [root@localhost ~]# vi /etc/vsftpd/vsftpd.conf

    pasv_enable=YES //开启PASV模式
    pasv_min_port=40000 //最小端口号
    pasv_max_port=40080 //最大端口号
    pasv_promiscuous=YES

    [root@localhost ~]# vi /etc/sysconfig/iptables

    -A INPUT -p tcp --dport 40000:40080 -j ACCEPT

    [root@localhost ~]# service iptables restart

    注意:如果有新添加的用户必须执行这条命令:

    db_load -T -t hash -f /etc/vsftpd/vuser_passwd.txt /etc/vsftpd/vuser_passwd.db
  • 相关阅读:
    Centos开启FTP及用户配置
    mysql update from 子查询
    sql server 查询表某个字段不重复数据
    ASP.NET 获取来源网站的网址,获取上一网页的网址,获取来源网页的URL,获取上一网页的URL
    Warning: Invalid argument supplied for foreach()
    不支持关键字: “userid”。
    apache301重定向设置
    service httpd restart失败解决方法(小记)
    JavaWeb(一)
    jquery中filter的用法
  • 原文地址:https://www.cnblogs.com/good-sou/p/10095480.html
Copyright © 2020-2023  润新知