• vsftpd基于mysql的认证方式


    安装epel源:
    cd /etc/yum.repos.d
    rpm -ivh epel-release-latest-6.noarch.rpm
     
    然后安装pam_mysql这个包:
    yum -y install pam_mysql
    [root@wadeson yum.repos.d]# ll /lib64/security/pam_mysql.so 

    -rwxr-xr-x 1 root root 42424 Aug 14 2011 /lib64/security/pam_mysql.so

    配置数据库:

    MariaDB [(none)]> create database vsftpd;
    Query OK, 1 row affected (0.00 sec)

    MariaDB [(none)]> grant select on vsftpd.* to 'vsftpd'@'localhost' identified by 'redhat';
    Query OK, 0 rows affected (0.02 sec)

    MariaDB [(none)]> grant select on vsftpd.* to 'vsftpd'@'127.0.0.1' identified by 'redhat';
    Query OK, 0 rows affected (0.01 sec)

    MariaDB [(none)]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)

    然后在该数据库创建表:

    MariaDB [(none)]> use vsftpd
    Database changed
    MariaDB [vsftpd]> create table users(id int auto_increment not null,name char(20) binary not null,password char(48) binary not null,primary key(id));
    Query OK, 0 rows affected (0.05 sec)

    MariaDB [vsftpd]> insert into users(name,password) values ('admin',password('redhat'));
    Query OK, 1 row affected (0.05 sec)

    由于vsftpd和mysql服务都是在同一台主机上,所以相对来说授权的host范围小,当mysql和vsftpd不在同一台主机上时,

    pam_mysql这个包还是和vsftpd上安装,这个时候该主机还得安装mysql客户端,远程的mysql服务器应该给予vsftpd这

    台主机host访问的权限

    配置完成mysql后然后配置pam认证信息:

    [root@wadeson ~]# vim /etc/pam.d/vsftpd.mysql

    auth required /lib64/security/pam_mysql.so user=vsftpd passwd=redhat host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
    account required /lib64/security/pam_mysql.so user=vsftpd passwd=redhat host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2

    然后修改vsftpd.conf配置文件的相关信息:

    整个vsftpd.conf的配置内容:

    anonymous_enable=NO
    local_enable=YES
    #write_enable=NO
    dirmessage_enable=YES
    xferlog_enable=YES
    xferlog_file=/var/log/vsftpd.log
    connect_from_port_20=YES
    xferlog_std_format=YES
    listen=YES
    listen_port=21
    userlist_enable=YES
    chroot_local_user=YES
    tcp_wrappers=YES
    guest_enable=YES
    guest_username=ftpuser            (如果设置了这个,需要在系统上创建该用户)
    pam_service_name=vsftpd.mysql
    user_config_dir=/etc/vsftpd/vsftpd_user_conf
    virtual_use_local_privs=YES
    pasv_min_port=50000
    pasv_max_port=60000
    pasv_enable=yes
    max_clients=200
    max_per_ip=4
    idle_session_timeout=600
    ftpd_banner=Welcome to opendoc FTP service.

    然后修改/etc/vsftpd/vsftpd_user_conf该目录下面虚拟账户的各自配置:(该目录如果没有需要进行创建)

    [root@wadeson vsftpd_user_conf]# cat admin
    write_enable=YES
    anonymous_enable=NO
    anon_world_readable_only=NO
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    local_umask=022
    download_enable=Yes
    local_root=/var/ftproot

    然后进行访问:

    [root@wadeson vsftpd_user_conf]# ftp 127.0.0.1
    Connected to 127.0.0.1 (127.0.0.1).
    220 Welcome to opendoc FTP service.
    Name (127.0.0.1:root): admin
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    227 Entering Passive Mode (127,0,0,1,209,50).
    150 Here comes the directory listing.
    -rw-r--r-- 1 501 501 423612 Jun 23 07:06 2015_12.7z
    drwxr-xr-x 2 501 501 4096 Jul 12 07:25 test
    drwxr-xr-x 2 501 501 4096 Jul 12 12:38 test02
    226 Directory send OK.
    ftp> mkdir test03
    257 "/test03" created

  • 相关阅读:
    java实验报告(实验五)
    java实验报告(实验三)
    java读书笔记二
    总结报告
    Android实践项目汇报(总结)-修改
    Android实践项目汇报(总结)
    Android实践项目汇报(四)
    Android实践项目汇报(三)
    Android实践项目汇报(二)
    Android实践项目汇报-改(一)
  • 原文地址:https://www.cnblogs.com/jsonhc/p/7157610.html
Copyright © 2020-2023  润新知