Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

Well, in this article we let us setup vsftpd server with virtual users. ie. the users who don't have local account in the FTP server itself can login to FTP server.

I assume that you already have installed and configured FTP server. If didn't, visit to the above mentioned link to setup FTP server.

Install Berkeley Database(db4)

In this method, we use Berkeley database(db4(version4) to store virtual user names with their passwords. First install db4-utils package if it not installed:

# yum install db4-utils db4 -y
				

Create database file for virtual users

First create a plain text file and enter the virtual user names and their passwords one by one. Then create the db file from the plain text file.

For instance, i create a plain text file called virtual_users.txt in /home directory with username senthil and password centos:

# vi /home/virtual_users.txt
				

Add username and password one by one.

senthil

centos
				

Save and exit the file. Run the following command to create database file:

# db_load -T -t hash -f /home/virtual_users.txt /etc/vsftpd/virtual_users.db
				

Here virtual.db is the actual database file for virtual users.

Create a PAM file

Now create a PAM file to use the database virtual_users.db which we created from the plain text file. Create a file /etc/pam.d/vsftpd_virtual,

# vi /etc/pam.d/vsftpd_virtual
				

Add the following lines:

#%PAM-1.0

auth required pam_userdb.so db=/etc/vsftpd/virtual_users

account required pam_userdb.so db=/etc/vsftpd/virtual_users

session required pam_loginuid.so

Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

Save and exit the file.

vsftpd configuration

Edit file /etc/vsftpd/vsftpd.conf,

# vi /etc/vsftpd/vsftpd.conf
				

Make sure that you have added or edited the following lines as shown below:

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).

anonymous_enable=NO

 

# Uncomment this to allow local users to log in.

local_enable=YES

 

## Enable virtual users

guest_enable=YES

 

## Virtual users will use the same permissions as anonymous

virtual_use_local_privs=YES

 

#

# Uncomment this to enable any form of FTP write command.

write_enable=YES

 

## PAM file name

pam_service_name=vsftpd_virtual

 

## Home Directory for virtual users

user_sub_token=$USER

local_root=/ftp/virtual/$USER

 

# You may specify an explicit list of local users to chroot() to their home

# directory. If chroot_local_user is YES, then this list becomes a list of

# users to NOT chroot().

chroot_local_user=YES

 

## Hide ids from user

hide_ids=YES
				

Save and exit the file.

Now create home directories for virtual users:

# mkdir -p /ftp/virtual/senthil

# chown -R ftp:ftp /ftp/virtual/senthil/
				

Start or restart vsftpd service:

# service vsftpd restart

Now try to login to FTP server using virtual user senthil with password centos:

# ftp 192.168.1.101

Connected to 192.168.1.101 (192.168.1.101).

220 Welcome to UNIXMEN FTP service.

Name (192.168.1.101:root): senthil

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> 
				

Now you will able to login to FTP server with user senthil since i didn't create any user calledsenthil.

Verify the log files using the following command:

# tail -f /var/log/secure
				

Sample output:

Dec 24 18:32:04 server vsftpd[3557]: pam_userdb(vsftpd_virtual:auth): user 'senthil' granted access
				

Login via your browser

Open web browser and navigate to ftp://ip-address/ and enter the virtual username and password.

Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3Setup VSFTPD Server with Virtual Users On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3That's it. Now you will able to connect to FTP server.

京ICP备11047313号-19 彩虹岛电子书