vsftpd虚拟用户部署

vsftpd虚拟用户部署

  • 案例提供两个用户如下,使用centos7验证可行。

    test
    *AO9ih&7
    ftp
    D@Tx4zp_

  • shell脚本运行一键安装vsftp

    #!/bin/bash
    yum -y install vsftpd ftp

    /etc/vsftpd/vsftpd.conf
    cat <> /etc/vsftpd/vsftpd.conf
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    local_umask=022
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    xferlog_file=/var/log/xferlog
    xferlog_std_format=YES
    idle_session_timeout=300
    data_connection_timeout=10
    dual_log_enable=YES
    vsftpd_log_file=/var/log/vsftpd.log
    chroot_local_user=YES
    chroot_list_enable=NO
    chroot_list_file=/etc/vsftpd/chroot_list
    listen=YES
    pam_service_name=vsftpd
    userlist_enable=YES
    tcp_wrappers=YES
    anon_umask=022
    guest_enable=YES
    guest_username=virtual
    pam_service_name=vsftpd.vu
    use_localtime=YES
    user_config_dir=/etc/vsftpd/users_dir
    connect_from_port_20=YES
    write_enable=YES
    pasv_enable=YES
    pasv_min_port=10200
    pasv_max_port=10300
    pasv_promiscuous=YES
    pasv_addr_resolve=NO
    chroot_local_user=YES
    accept_timeout=5
    connect_timeout=1
    allow_writeable_chroot=YES
    EOL

    cd /etc/vsftpd/

    /etc/vsftpd/users
    cat <>/etc/vsftpd/users
    test
    *AO9ih&7
    ftp
    D@Tx4zp_
    EOL

    db_load -T -t hash -f users users.db
    chmod 600 /etc/vsftpd/users.*
    useradd -d /home/virtual -s /sbin/nologin virtual
    chmod 755 /home/virtual

    /etc/pam.d/vsftpd.vu
    cat <>/etc/pam.d/vsftpd.vu
    #%PAM-1.0
    auth required pam_userdb.so db=/etc/vsftpd/users
    account required pam_userdb.so db=/etc/vsftpd/users
    EOL

    mkdir users_dir

    /etc/vsftpd/users_dir/test
    cat <>/etc/vsftpd/users_dir/test
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    local_root=/home/virtual/test
    local_umask=022
    write_enable=YES
    chroot_local_user=YES
    allow_writeable_chroot=YES
    EOL

    /etc/vsftpd/users_dir/ftp
    cat <>/etc/vsftpd/users_dir/ftp
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    local_root=/home/virtual/ftp
    local_umask=022
    write_enable=YES
    chroot_local_user=YES
    allow_writeable_chroot=YES
    EOL

    mkdir -p /home/virtual/ftp /home/virtual/test
    chown -R virtual:virtual /home/virtual/ftp /home/virtual/test
    chmod -R 755 /home/virtual/ftp /home/virtual/test
    systemctl start vsftpd
    systemctl enable vsftpd

  • 验证登录

    [root@ccod2 vsftpd]# ftp 10.130.47.243
    Connected to 10.130.47.243 (10.130.47.243).
    220 (vsFTPd 3.0.2)
    Name (10.130.47.243:root): test
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    227 Entering Passive Mode (10,130,47,243,39,238).
    150 Here comes the directory listing.
    -rw-r--r-- 1 1003 1003 6752455 Jan 20 13:52 fastdfs606_install.tar.gz
    226 Directory send OK.
    ftp> put
    ftpusers user_list users users.db users_dir/ vsftpd.conf vsftpd_conf_migrate.sh
    ftp> put users
    local: users remote: users
    227 Entering Passive Mode (10,130,47,243,39,252).
    150 Ok to send data.
    226 Transfer complete.
    27 bytes sent in 5e-05 secs (540.00 Kbytes/sec)
    ftp> get fastdfs606_install.tar.gz
    local: fastdfs606_install.tar.gz remote: fastdfs606_install.tar.gz
    227 Entering Passive Mode (10,130,47,243,40,46).
    150 Opening BINARY mode data connection for fastdfs606_install.tar.gz (6752455 bytes).
    226 Transfer complete.
    6752455 bytes received in 0.0255 secs (265103.65 Kbytes/sec)
    ftp>

相关推荐
江畔柳前堤4 小时前
GO01-Go 语言与主流编程语言深度对比
开发语言·人工智能·后端·微服务·云原生·golang·go
世界哪有真情4 小时前
拿人类意识卡 AI?等于用 bug 验收正式产品
前端·人工智能·后端
Csvn7 小时前
Day 3:LIKE 与模式匹配 — 让查询学会"模糊搜索"
后端·sql
Hazenix8 小时前
Go 指南:一篇文章速通 Golang
开发语言·后端·golang
灯澜忆梦8 小时前
GO_复合类型---指针
开发语言·后端·golang
IT_陈寒8 小时前
SpringBoot自动装配坑了我一天,原来问题出在这
前端·人工智能·后端
星栈9 小时前
深度复盘:比 EventLoop 更隐蔽!Node 微任务堆积引发的线上接口雪崩事故
后端·node.js
名字还没想好☜9 小时前
Go slice 的 append 陷阱:共享底层数组导致的数据串改
开发语言·后端·golang·go·slice
诸神缄默不语9 小时前
FastAPI后端配置CORS中间件支持浏览器跨域访问
后端·fastapi
Fanta丶9 小时前
14.Activiti7 网关 排他网关ExclusiveGateway、并行网关ParallelGateway
后端