vsftpd + mysql + virtual users

There was nothing to do on Monday morning, so I decided to write this article on how to set up a working vsftpd FTP server with users stored in a MySQL database with encrypted passwords.

OS: FreeBSD-STABLE 6/3

The essence of the mechanism: vsftpd talks to PAM, and PAM talks to MySQL.

# cd /usr/ports/ftp/vsftpd/
# make install clean

I installed it without SSL support. Next, install the pam_mysql.so module:

# cd /usr/ports/security/pam-mysql
# make install clean

After installation, create the link:

# ln -sf /usr/local/lib/pam_mysql.so /usr/lib/pam_mysql.so

Install MySQL:

# cd /usr/ports/databases/mysql41-server
# make install clean

In /etc/rc.conf add:

mysql_enable="YES"
mysql_limits="NO"
mysql_dbdir="/var/db/mysql"

Start MySQL:

# /usr/local/etc/rc.d/mysql-server start

Create a database to store the users' names and passwords. The database owner is vsftpd, with the password ftpdpass:

# mysql -u root

CREATE DATABASE vsftpd;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
FLUSH PRIVILEGES;

Create the table:

USE vsftpd;
CREATE TABLE `accounts` (
  `ID` INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  `Username` VARCHAR(30) NOT NULL,
  `Pass` VARCHAR(50) NOT NULL,
  UNIQUE (`Username`)
) ENGINE = MYISAM;
quit;

Next, use the adduser command to create a user whose /etc/passwd entry looks like this:

vsftpd:*:1003:1003:User &:/home/vsftpd:/usr/sbin/nologin

Now the FTP server configuration, /usr/local/etc/vsftpd.conf:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
nopriv_user=vsftpd

chroot_local_user=YES
secure_chroot_dir=/usr/local/share/vsftpd/empty
listen=YES
pasv_min_port=50000
pasv_max_port=50100

pam_service_name=vsftpd
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/usr/local/etc/vsftpd_user_conf

Next, create a directory (honestly, I do not understand why it is needed, but it seems to be necessary):

# mkdir /usr/local/etc/vsftpd_user_conf

Create the PAM configuration file for vsftpd, so that PAM works with the FTP server:

# ee /etc/pam.d/vsftpd

auth required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2

In the file /etc/pam.d/vsftpd, make sure that there are only two lines (the first starting with auth required, the second with account required), with no line wrapping.
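A check for the two-line rule above, as an added example that is not part of the original article. The function name check_vsftpd_pam is hypothetical, and the permission test goes beyond the article: it is included because this file holds the database password.

```shell
#!/bin/sh
# Added example (not from the article): validate a pam_mysql service file
# such as /etc/pam.d/vsftpd. Prints one line per problem and returns the
# number of problems found (0 = file passes).
check_vsftpd_pam() {
    f=$1
    problems=0
    [ -r "$f" ] || { echo "cannot read $f"; return 1; }

    # Blank lines and comments do not count as rules.
    rules=$(grep -v -e '^[[:space:]]*$' -e '^[[:space:]]*#' "$f" || true)
    n=$(printf '%s\n' "$rules" | grep -c . || true)
    if [ "$n" -ne 2 ]; then
        echo "expected 2 rule lines, found $n"
        problems=$((problems + 1))
    fi

    # A trailing backslash means a rule was wrapped across lines.
    if printf '%s\n' "$rules" | grep -q '\\[[:space:]]*$'; then
        echo "line continuation found; keep each rule on one line"
        problems=$((problems + 1))
    fi

    # One auth rule and one account rule, each carrying every option.
    for type in auth account; do
        line=$(printf '%s\n' "$rules" |
            grep -E "^${type}[[:space:]]+required[[:space:]]+pam_mysql\.so[[:space:]]" || true)
        if [ "$(printf '%s\n' "$line" | grep -c . || true)" -ne 1 ]; then
            echo "need exactly one '${type} required pam_mysql.so' rule"
            problems=$((problems + 1))
            continue
        fi
        for key in user passwd host db table usercolumn passwdcolumn crypt; do
            if ! printf '%s\n' "$line" | grep -Eq "[[:space:]]${key}=[^[:space:]]"; then
                echo "${type} rule is missing ${key}="
                problems=$((problems + 1))
            fi
        done
    done

    # The file holds the database password: no group/other access.
    perms=$(ls -ld "$f" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$f is accessible to group/other ($perms)"
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

Run it as check_vsftpd_pam /etc/pam.d/vsftpd after editing the file; a return status of 0 means the file passed every check.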


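Add a test user with the login testuser and the password secret (crypt=2 in the PAM file tells pam_mysql to compare against MySQL's PASSWORD() hash, which is why PASSWORD() is used here):

# mysql -u root

USE vsftpd;
INSERT INTO accounts (username, pass) VALUES('testuser', PASSWORD('secret'));
quit;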

And a little more: the user's directory and its ownership:

# mkdir /home/vsftpd/testuser
# chown vsftpd:nogroup /home/vsftpd/testuser

Create a startup script for the FTP server:

# ee /usr/local/etc/rc.d/vsftpd.sh

#!/bin/sh
echo 'vsftpd starting...'
/usr/local/libexec/vsftpd &

Run:

# /usr/local/etc/rc.d/vsftpd.sh

Or you can reboot ...

PS: As I always use the pf firewall, add rules for the FTP server to /etc/pf.conf (ваш.ip.адрес is a placeholder for your IP address):

pass in on $ext_if inet proto tcp from any port 1024:65535 to \
    ваш.ip.адрес port 21 flags S/SA keep state
pass in on $ext_if inet proto tcp from any port 1024:65535 to \
    ваш.ip.адрес port 50000:50100 flags S/SA keep state

The lines

pasv_min_port=50000
pasv_max_port=50100

in /usr/local/etc/vsftpd.conf mean that ports 50000 to 50100 are opened for the FTP server's passive mode, so there can be a maximum of 100 concurrent sessions.


PPS: Users can also be created with ordinary phpMyAdmin.


Very useful: read the original article, which was written for Debian Linux:

http://www.howtoforge.com/vsftpd_mysql_debian_etch
