系統環境:192.168.1.62. centos6.4 64位系統
1.安裝vsftpd的軟件包
yum install vsftpd
2.虛擬用戶需要一個數據庫的轉換。安裝所需要的軟件(轉換用的db_load命令由db4-utils包提供)
yum install db4*
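vftpuser.txt這個文件裏面寫上你的用戶名和密碼,奇數行是用戶名,偶數行是對應的密碼。這個文件原本是不存在的,創建即可。然後再格式轉換
db_load -T -t hash -f vftpuser.txt vftpuser.db 轉換數據格式
vftpuser.txt和vftpuser.db裏的密碼都是明文。vftpuser.db要放在/etc/vsftpd/下(PAM配置中的db=/etc/vsftpd/vftpuser不帶.db後綴),並用chmod 600限制為只有root可讀;轉換完成後刪除vftpuser.txt,或同樣限制它的權限。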
3.增加pam認證 安裝pam所需要的包
yum install pam*
cd /etc/pam.d/
cp vsftpd vsftpduser
編輯pam的配置文件
[root@jboss1 pam.d]# cat vsftpduser
#%PAM-1.0
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/vftpuser
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/vftpuser
64位系統上模塊路徑要寫成/lib64/security/pam_userdb.so;如果寫成/lib/security/pam_userdb.so,PAM會找不到這個模塊而加載失敗。這個錯誤可以從/var/log/secure裏面看出來
Sep 12 15:19:30 localhost sshd[24698]: Accepted password for root from 192.168.12.125 port 58767 ssh2
Sep 12 15:19:31 localhost sshd[24698]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 12 15:41:19 localhost vsftpd[25062]: PAM unable to dlopen(/lib/security/pam_userdb.so): /lib/security/pam_userdb.so: cannot open shared object file: No such file or directory
Sep 12 15:41:19 localhost vsftpd[25062]: PAM adding faulty module: /lib/security/pam_userdb.so
Sep 12 15:41:20 localhost vsftpd[25064]: PAM unable to dlopen(/lib/security/pam_userdb.so): /lib/security/pam_userdb.so: cannot open shared object file: No such file or directory
Sep 12 15:41:20 localhost vsftpd[25064]: PAM adding faulty module: /lib/security/pam_userdb.so
4.增加真實用戶
useradd -d /var/total virtualuser
usermod -s /sbin/nologin virtualuser
5.編輯vsftpd.conf的文件(下面的配置沒有啟用SSL/TLS,用戶名和密碼在網絡上以明文傳輸;需要加密時要另外配置ssl_enable等選項)
[root@localhost pam.d]# grep -vE "#|^$" /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/xferlog
xferlog_std_format=YES
dual_log_enable=YES
vsftpd_log_file=/var/log/vsftpd.log
chroot_local_user=YES
listen=YES
pam_service_name=vsftpduser (註:對應/etc/pam.d/下的pam配置文件vsftpduser;註釋文字不要寫進vsftpd.conf)
guest_enable=YES
guest_username=virtualuser
user_config_dir=/etc/vsftpd/user_conf (註:用戶配置的文件目錄)
local_root=/var/total/ (註:文件存放處)
userlist_enable=YES
tcp_wrappers=YES
pasv_enable=YES
pasv_min_port=64000
pasv_max_port=65535
max_clients=30
max_per_ip=50
local_max_rate=512000
6.配置虛擬用戶的配置(在user_conf目錄下為每個虛擬用戶建立一個與用戶名同名的文件,下例的用戶名是gaohuina;touch之後的各行是該文件的內容)
cd /etc/vsftpd
mkdir user_conf
cd user_conf
touch gaohuina
local_root=/var/total/test
anon_world_readable_only=NO
anonymous_enable=NO
write_enable=NO
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
idle_session_timeout=2000
data_connection_timeout=500
max_clients=30
max_per_ip=10
local_max_rate=50000
cmds_allowed=ABOR,CWD,LIST,MDTM,MKD,NLST,PASS,PASV,PORT,PWD,QUIT,RETR,RNFR,RNTO,SIZE,STOR,TYPE,USER,REST,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST,FEAT
file_open_mode=0444