Linux system Vsftpd server virtual user and passive mode configuration method

Linux users generally use the active mode when using the vsftpd server, but the vsftpd server also has a passive mode. Today, Xiaobian will share the passive mode setting method of the vsftpd server and how to configure it. The virtual user of the vsftpd server.

How to configure vsftpd server, passive mode and virtual users:

First, install

The easiest RMP package installed because there are CD-ROM, it is not necessary Compile.

yum install db4* vsftpd -y

Second, configuration

1. New system user

useradd vsftpd -s /sbin/nologin

Restrict vsftpd user login, this user will be the host of the most vsftpd service

useradd ftp -s /sbin/nologin

Here is the Vsftpd virtual host user, by default this user should Have.

Of course, these users can use another name.

2, modify the configuration of vsftpd.

anonymous_enable=NO #Set up to allow anonymous access

local_enable=YES #Set local users to access. If set to NO then all virtual users will be inaccessible.

write_enable=YES #Set to write.

local_umask=022 #Set the permission mask of the file after uploading.

anon_upload_enable=NO #Disable anonymous user uploads.

anon_mkdir_write_enable=NO #Disable anonymous users from creating directories.

dirmessage_enable=YES #Set the directory slogan function.

xferlog_enable=YES #Set to enable logging.

connect_from_port_20=NO #Disable port 20 for data connection. Here use passive mode

chown_uploads=NO #Set to prohibit uploading files to change the host.

xferlog_file=/var/log/vsftpd.log #Set the service log save path for Vsftpd

xferlog_std_format=YES #Set the log to use the standard record format.

idle_session_timeout=600 #Set the idle connection timeout

nopriv_user=vsftpd #Set the host user that supports the Vsftpd service

async_abor_enable=YES #Set support for asynchronous transfer

ascii_upload_enable=YES

ascii_download_enable=YES #Set support for ASCII mode upload and download functions

ftpd_banner=vsftpd #Set Vsftpd login slogan

chroot_list_enable=NO #Forbid users from logging out of their FTP home directory

ls_recurse_enable=NO #Forbid users from using FTP<quo;ls -R” after using FTP, occupy resources

listen=YES #Set the Vsftpd service to work in StandAlone mode

#Add configuration

pam_service_name=vsftpd #Set the authentication configuration file name of Vsftpd under PAM service

userlist_enable=YES #设置Users in userlist_file will not be allowed to use FTP

tcp_wrappers=YES #Setting support TCP Wrappers

guest_enable=YES #Set Enable Virtual User Function

guest_username= Ft p #Specify the virtual user's host user

virtual_use_local_privs=YES #Set the virtual user's permissions to match their host user

user_config_dir=/etc/vsftpd/vconf #Set virtual user personal Vsftp Configuration file storage path

3, new user

touch /etc/vsftpd/user_list

#write

testuser #username

123456 #密码

4, generate data file

db_load -T -t hash -f /etc/vsftpd/user_list /etc/vsftpd/user.db

5, modify the pam.

auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/login

account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/login

These two must be inserted after #%PAM-1.0, where sufficient indicates sufficient conditions, and if passed, the same type of validation is not required. Previous12Next page Total 2 pages