Installing and Configuring Vsftpd + PAM
I came across this article online. The steps are fairly clear and detailed, so it should be helpful to everyone. Vsftpd+PAM installation and configuration

Preface: This tutorial is aimed mainly at users with some Linux experience. It can also work for beginners, but it is definitely not suitable for users who have never installed a Linux operating system. The material was collected from online sources and only lightly organized. You should be able to follow it!

1. Installing the software
# rpm -qa | grep vsftpd
// Checks whether vsftpd is already installed on the Linux system
# mount /mnt/cdrom
// Mount your second Linux installation disc
# cd /mnt/cdrom/RedHat/RPMS
// Change to the RPM package directory on the disc
# rpm -ivh vsftpd-1.1.3-.i386.rpm
// Install vsftpd-1.1.3-.i386.rpm with rpm -ivh
# cd;eject
// Eject the disc, the same as ejecting the drive in Windows

2. Starting Vsftpd
# service vsftpd start          // Start Vsftpd
# pstree | grep vsftpd          // Check whether Vsftpd is running
 |-vsftpd                       // If this line appears, Vsftpd has started

3. Configuring a Vsftpd server with virtual users
# cat << ! > logins.txt
> up        // first user
> up        // first user's password
> down      // second user
> down      // second user's password
> del       // third user
> del       // third user's password
> !         // save and exit
// The lines above create the virtual users and their passwords. These are only examples; you can use any other user names and passwords. I chose these just to make it easy to follow!

# db_load -T -t hash -f logins.txt /etc/vsftpd/vsftpd_login.db
// Use the db_load command to generate the password database file
# chmod 600 /etc/vsftpd/vsftpd_login.db          // Set the password database file's permissions to 600
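
A pre-flight check for the logins.txt file fed to db_load above, added here as an example (it is not part of the original tutorial). It verifies the alternating username/password layout, flags passwords identical to the username, as in the tutorial's sample accounts, and reports a cleartext file that is accessible beyond its owner. The function name check_logins is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original tutorial). check_logins is a hypothetical helper.
# Input format for "db_load -T -t hash": username on odd lines, password on even lines.

check_logins() (
    file=$1
    rc=0
    # The file holds cleartext passwords, so group/other should have no access.
    perms=$(ls -ld "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$file: accessible beyond owner ($perms); chmod 600 it, delete it after db_load"
        rc=1
    fi
    awk '
        NF == 0      { print "line " NR ": blank line shifts the user/password pairing"; bad = 1 }
        NR % 2 == 1  { user = $0; next }
        seen[user]++ { print "user " user ": listed more than once"; bad = 1 }
        $0 == user   { print "user " user ": password equals username"; bad = 1 }
        END {
            if (NR % 2 == 1) { print "user " user ": no password line (odd line count)"; bad = 1 }
            exit bad + 0
        }
    ' "$file" || rc=1
    exit "$rc"
)

# Constructed sample: the three accounts exactly as the tutorial enters them.
sample=$(mktemp)
printf '%s\n' up up down down del del > "$sample"
check_logins "$sample" || echo "fix the findings above before running db_load"
rm -f "$sample"
```
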
# vi /etc/pam.d/vsftp.vu          // Create the PAM configuration file needed for the virtual users
// Write the following content into it; first press the "I" key to enter insert mode
 auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
 account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
// When you have finished, press "Shift+:" and then type "wq" to save vsftp.vu
# useradd -d /mnt/download virtual          // Create the system user "virtual"; its home directory /mnt/download is the directory the virtual users will access
# chmod 700 /mnt/download/          // Make this directory accessible only to the virtual user
// "download" above is the root directory of your FTP server. If you are not familiar with Linux, just do it the way I do
# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak          // Back up the vsftpd configuration file
# rm /etc/vsftpd/vsftpd.conf          // Delete the default configuration
# vi /etc/vsftpd/vsftpd.conf
// Start editing the Vsftpd configuration file, add the configuration below, then save
========================================================
anonymous_enable=NO
local_enable=YES
write_enable=NO
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ftpd_banner=Welcome to My FTP service.
chroot_list_file=/etc/vsftpd/chroot_list
anon_other_write_enable=NO
one_process_model=NO
chroot_local_user=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd/vsftpd_user_conf
pam_service_name=vsftp.vu
userlist_enable=YES
listen=YES
tcp_wrappers=YES
========================================================

# service vsftpd restart          // Restart the Vsftpd server
# mkdir /etc/vsftpd/vsftpd_user_conf          // Create the directory that holds the virtual users' configuration files
// Next, create a configuration file for each of the three FTP users up, down and del
# echo "anon_world_readable_only=NO" > /etc/vsftpd/vsftpd_user_conf/up
# echo "anon_world_readable_only=NO" > /etc/vsftpd/vsftpd_user_conf/down
# echo "anon_world_readable_only=NO" > /etc/vsftpd/vsftpd_user_conf/del
// Note that at this point these three users only have read permission. If you want to give them more permissions, such as "delete, download, upload", you need to edit these three files and add the following settings
anon_world_readable_only=NO          // read
write_enable=YES
anon_upload_enable=YES               // upload
anon_other_write_enable=YES          // delete
anon_mkdir_write_enable=YES          // create directories

# service vsftpd restart
// Vsftpd is now set up. You can test it with the three accounts up, down and del. Of course, you could have created more accounts when you first set them up; create as many as you like!
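
To see what each virtual user can actually do once vsftpd.conf and the per-user files are combined, the following added example (not part of the original tutorial) resolves the effective write settings for a guest user: the per-user file overrides the main configuration, and none of the anon_* write options takes effect unless write_enable=YES. The function names are hypothetical, only a literal YES is treated as enabled, and the "down" file is a constructed variation in which only write_enable=YES was added; because the main file above already sets anon_upload_enable=YES, that one line is enough to grant upload.

```shell
#!/bin/sh
# Added example (not from the original tutorial); function names are hypothetical.

# Last "key=value" assignment of key $2 in file $1; empty if file or key is absent.
conf_get() {
    if [ -f "$1" ]; then sed -n "s/^$2=//p" "$1" | tail -n 1; fi
}

# Per-user file ($2) overrides the main config ($1); $4 is vsftpd's built-in default.
effective() {
    v=$(conf_get "$2" "$3")
    if [ -z "$v" ]; then v=$(conf_get "$1" "$3"); fi
    echo "${v:-$4}"
}

# Write capabilities of one guest user. Nothing is writable unless write_enable=YES.
user_caps() (
    caps=""
    if [ "$(effective "$1" "$2" write_enable NO)" = YES ]; then
        for pair in anon_upload_enable:upload anon_mkdir_write_enable:mkdir \
                    anon_other_write_enable:delete; do
            if [ "$(effective "$1" "$2" "${pair%%:*}" NO)" = YES ]; then
                caps="$caps${caps:+,}${pair#*:}"
            fi
        done
    fi
    echo "${caps:-read-only}"
)

# Constructed sample: the write-related lines of this page's vsftpd.conf, two user files.
demo=$(mktemp -d)
mkdir "$demo/users"
printf '%s\n' write_enable=NO anon_upload_enable=YES anon_mkdir_write_enable=NO \
    anon_other_write_enable=NO > "$demo/vsftpd.conf"
echo 'anon_world_readable_only=NO' > "$demo/users/up"
printf '%s\n' anon_world_readable_only=NO write_enable=YES > "$demo/users/down"

for u in up down; do
    echo "$u: $(user_caps "$demo/vsftpd.conf" "$demo/users/$u")"
done
rm -rf "$demo"
```
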
// At this point someone is bound to ask: these users are now confined to the /mnt/download directory and cannot move to any other directory. Because the services on the Linux server may be extended later and a user may need to enter an arbitrary directory, we continue with the following supplementary configuration:

# cat << ! > /etc/vsftpd/chroot_list
> up
> !
// If we want to lock the up user into the /mnt/up directory, the following configuration is needed
# mkdir /mnt/up
# chmod 0777 /mnt/up
# vi /etc/vsftpd/vsftpd_user_conf/up          // Edit this user's file and add local_root=/mnt/up
// The up user's home directory is then locked to /mnt/up. You can choose whatever directory location you like!
# service vsftpd restart          // Restart once more, and everything is done
