vsftpd虚拟用户部署

vsftpd虚拟用户部署

  • 案例提供两个用户如下,使用centos7验证可行。

    test
    *AO9ih&7
    ftp
    D@Tx4zp_

  • shell脚本运行一键安装vsftp

    #!/bin/bash
    yum -y install vsftpd ftp

    /etc/vsftpd/vsftpd.conf
    cat <<EOL >> /etc/vsftpd/vsftpd.conf
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    local_umask=022
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    xferlog_file=/var/log/xferlog
    xferlog_std_format=YES
    idle_session_timeout=300
    data_connection_timeout=10
    dual_log_enable=YES
    vsftpd_log_file=/var/log/vsftpd.log
    chroot_local_user=YES
    chroot_list_enable=NO
    chroot_list_file=/etc/vsftpd/chroot_list
    listen=YES
    pam_service_name=vsftpd
    userlist_enable=YES
    tcp_wrappers=YES
    anon_umask=022
    guest_enable=YES
    guest_username=virtual
    pam_service_name=vsftpd.vu
    use_localtime=YES
    user_config_dir=/etc/vsftpd/users_dir
    connect_from_port_20=YES
    write_enable=YES
    pasv_enable=YES
    pasv_min_port=10200
    pasv_max_port=10300
    pasv_promiscuous=YES
    pasv_addr_resolve=NO
    chroot_local_user=YES
    accept_timeout=5
    connect_timeout=1
    allow_writeable_chroot=YES
    EOL

    cd /etc/vsftpd/

    /etc/vsftpd/users
    cat <<EOL >>/etc/vsftpd/users
    test
    *AO9ih&7
    ftp
    D@Tx4zp_
    EOL

    db_load -T -t hash -f users users.db
    chmod 600 /etc/vsftpd/users.*
    useradd -d /home/virtual -s /sbin/nologin virtual
    chmod 755 /home/virtual

    /etc/pam.d/vsftpd.vu
    cat <<EOL >>/etc/pam.d/vsftpd.vu
    #%PAM-1.0
    auth required pam_userdb.so db=/etc/vsftpd/users
    account required pam_userdb.so db=/etc/vsftpd/users
    EOL

    mkdir users_dir

    /etc/vsftpd/users_dir/test
    cat <<EOL >>/etc/vsftpd/users_dir/test
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    local_root=/home/virtual/test
    local_umask=022
    write_enable=YES
    chroot_local_user=YES
    allow_writeable_chroot=YES
    EOL

    /etc/vsftpd/users_dir/ftp
    cat <<EOL >>/etc/vsftpd/users_dir/ftp
    anon_upload_enable=YES
    anon_mkdir_write_enable=YES
    anon_other_write_enable=YES
    local_root=/home/virtual/ftp
    local_umask=022
    write_enable=YES
    chroot_local_user=YES
    allow_writeable_chroot=YES
    EOL

    mkdir -p /home/virtual/ftp /home/virtual/test
    chown -R virtual:virtual /home/virtual/ftp /home/virtual/test
    chmod -R 755 /home/virtual/ftp /home/virtual/test
    systemctl start vsftpd
    systemctl enable vsftpd

  • 验证登录

    [root@ccod2 vsftpd]# ftp 10.130.47.243
    Connected to 10.130.47.243 (10.130.47.243).
    220 (vsFTPd 3.0.2)
    Name (10.130.47.243:root): test
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    227 Entering Passive Mode (10,130,47,243,39,238).
    150 Here comes the directory listing.
    -rw-r--r-- 1 1003 1003 6752455 Jan 20 13:52 fastdfs606_install.tar.gz
    226 Directory send OK.
    ftp> put
    ftpusers user_list users users.db users_dir/ vsftpd.conf vsftpd_conf_migrate.sh
    ftp> put users
    local: users remote: users
    227 Entering Passive Mode (10,130,47,243,39,252).
    150 Ok to send data.
    226 Transfer complete.
    27 bytes sent in 5e-05 secs (540.00 Kbytes/sec)
    ftp> get fastdfs606_install.tar.gz
    local: fastdfs606_install.tar.gz remote: fastdfs606_install.tar.gz
    227 Entering Passive Mode (10,130,47,243,40,46).
    150 Opening BINARY mode data connection for fastdfs606_install.tar.gz (6752455 bytes).
    226 Transfer complete.
    6752455 bytes received in 0.0255 secs (265103.65 Kbytes/sec)
    ftp>

相关推荐
midsummer_woo1 小时前
基于spring boot的医院挂号就诊系统(源码+论文)
java·spring boot·后端
Olrookie2 小时前
若依前后端分离版学习笔记(三)——表结构介绍
笔记·后端·mysql
沸腾_罗强2 小时前
Bugs
后端
一条GO2 小时前
ORM中实现SaaS的数据与库的隔离
后端
京茶吉鹿3 小时前
"if else" 堆成山?这招让你的代码优雅起飞!
java·后端
长安不见3 小时前
从 NPE 到高内聚:Spring 构造器注入的真正价值
后端
你我约定有三3 小时前
RabbitMQ--消息丢失问题及解决
java·开发语言·分布式·后端·rabbitmq·ruby
程序视点3 小时前
望言OCR 2025终极评测:免费版VS专业版全方位对比(含免费下载)
前端·后端·github
rannn_1113 小时前
Java学习|黑马笔记|Day23】网络编程、反射、动态代理
java·笔记·后端·学习
一杯科技拿铁4 小时前
Go 的时间包:理解单调时间与挂钟时间
开发语言·后端·golang