ʹÓÃvsftp¼ÜÉèftp·þÎñÆ÷

±¾ÎÄÔ­Ö·Á´½Ó£ºhttp://www.syitren.com/bbs/thread-1376-1-1.html
תÔØÇë×¢Ã÷£¡

VSFTPDÊÇÒ»ÖÖÔÚUNIX/LinuxÖзdz£°²È«ÇÒ¿ìËÙµÄFTP·þÎñÆ÷£¬Ä¿Ç°ÒѾ­±»Ðí¶à´óÐÍÕ¾µãËù²ÉÓá£VSFTPDÖ§

³Ö½«Óû§ÃûºÍ¿ÚÁî±£´æÔÚÊý¾Ý¿âÎļþ»òÊý¾Ý¿â·þÎñÆ÷ÖС£VSFTPD³ÆÕâÖÖÐÎʽµÄÓû§ÎªÐéÄâÓû§¡£Ïà¶ÔÓÚ

FTPµÄ±¾µØ£¨ÏµÍ³£©Óû§À´Ëµ£¬ÐéÄâÓû§Ö»ÊÇFTP·þÎñÆ÷µÄרÓÐÓû§£¬ÐéÄâÓû§Ö»ÄÜ·ÃÎÊFTP·þÎñÆ÷ËùÌṩ

µÄ×ÊÔ´£¬Õâ´ó´óÔöǿϵͳ±¾ÉíµÄ°²È«ÐÔ¡£Ïà¶ÔÓÚÄäÃûÓû§¶øÑÔ£¬ÐéÄâÓû§ÐèÒªÓû§ÃûºÍÃÜÂë²ÅÄÜ»ñÈ¡FTP

·þÎñÆ÷ÖеÄÎļþ£¬Ôö¼ÓÁ˶ÔÓû§ºÍÏÂÔصĿɹÜÀíÐÔ¡£¶ÔÓÚÐèÒªÌṩÏÂÔØ·þÎñ£¬µ«ÓÖ²»Ï£ÍûËùÓÐÈ˶¼¿ÉÒÔÄä

ÃûÏÂÔØ£»¼ÈÐèÒª¶ÔÏÂÔØÓû§½øÐйÜÀí£¬ÓÖ¿¼Âǵ½Ö÷»ú°²È«ºÍ¹ÜÀí·½±ãµÄFTPÕ¾µãÀ´Ëµ£¬ÐéÄâÓû§ÊÇÒ»ÖÖ¼«

ºÃµÄ½â¾ö·½°¸¡£±¾ÎĽéÉÜÔÚcentosÉÏÈçºÎ½«VSFTPDµÄÐéÄâÓû§ÃûºÍÃÜÂë±£´æÔÚMySQLÊý¾Ý¿â·þÎñÆ÷ÖС£

1£©°²×°vsftp

# tar -zxvf vsftpd-2.0.6.tar.gz

# cd vsftpd-2.0.6

°²×°²½Öè¿ÉÒÔ²ÎÕÕĿ¼ÏÂINSTALLÎļþ

# mkdir /usr/share/empty/

# mkdir /var/ftp/

# useradd -d /var/ftp ftp

# chown root.root /var/ftp

# chmod og-w /var/ftp

#make;make install

#cp vsftpd /usr/local/sbin/vsftpd

#mkdir /usr/local/man

#cp vsftpd.conf.5 /usr/local/man/man5

#cp vsftpd.8 /usr/local/man/man8

# cp RedHat/vsftpd.pam /etc/pam.d/ftp

#cp vsftpd.conf /etc

#vi /etc/vsftpd.conf

ÔÚ×îºóÌí¼ÓÒ»ÐÐ

listen=YES

Æô¶¯vsftp·þÎñ

#/usr/local/sbin/vsftpd &

È»ºóÓÃanonymous»òÕßftpÓû§²âÊÔһϣ¬ÃÜÂ붼Ϊ¿Õ

ÔÊÐí±¾µØÓû§µÇ½£º

#vi /etc/vsftpd.conf

local_enable=YES

pam_service_name=ftp

È»ºóн¨Ò»¸öÓû§£¬ÖØÆôһϷþÎñµÇ½²âÊÔÒ»ÏÂ

#killall -HUP vsftpd //ÖØÆôvsftpd·þÎñ

½ûïÀÓû§µÄÖ÷Ŀ¼£º

#touch /etc/vsftpd.chroot_list

a¡¢ÏÞÖÆËùÓÐÓû§²»ÄÜÇл»Ä¿Â¼

chroot_local_user=YES

b¡¢ÉèÖÃÖ¸¶¨µÄÓû§²»ÄÜÇл»Ä¿Â¼

chroot_local_user=NO

chroot_list_enable=YES

chroot_list_file=/etc/vsftpd.chroot_list

È»ºó°ÑÐèÒª½ûïÀÖ÷Ŀ¼µÄÓû§ÊäÈëµ½/etc/vsftpd.chroot_listÎļþÖоͿÉÒÔÁË






ÓÃDB¿â´æ´¢Óû§Ãû¼°ÃÜÂë

a)½¨Á¢ÐéÄâÓû§¿ÚÁî¿âÎļþ,¿ÚÁî¿âÎļþÖÐÆæÊýÐÐÉèÖÃÓû§Ãû£¬Å¼ÊýÐÐÉèÖÿÚÁî

# cat logins.txt

aaa

123456

bbb

123456

b)Éú³ÉvsftpdµÄÈÏÖ¤Îļþ

# db_load -T -t hash -f logins.txt /etc/ vsftpd_login.db

# chmod 600 /etc/ vsftpd_login.db

c) ½¨Á¢ÐéÄâÓû§ËùÐèµÄPAMÅäÖÃÎļþ

# cat /etc/pam.d/ftp (°ÑÔ­À´µÄ¶¼×¢Ê͵ô)

auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login

account required /lib/security/pam_userdb.so db=/etc/vsftpd_login

d)½¨Á¢ÐéÄâÓû§¼°Òª·ÃÎʵÄĿ¼²¢ÉèÖÃÏàÓ¦µÄȨÏÞ

# useradd -d /home/ftpsite virtual

# chmod 700 /home/ftpsite/

e)ÔÚÅäÖÃÎļþ/etc/vsftpd/vsftpd.confÖÐÌí¼ÓÐéÄâÓû§µÄÅäÖÃÄÚÈÝ

guest_enable=YES

guest_username=virtual

pam_service_name=ftp //ÕâÐÐÇ°ÃæÒѾ­¼Ó¹ýÁË

È»ºóÖØÆôÒ»ÏÂvsftp·þÎñ£¬Ê¹ÓÃaaaºÍbbbÓû§²âÊÔÒ»ÏÂ

¶ÔÐéÄâÓû§ÉèÖò»Í¬µÄȨÏÞ

#vi /etc/vsftpd/vsftpd.conf

Ìí¼ÓÓû§ÅäÖÃÎļþĿ¼ÉèÖÃ,Ôö¼ÓÒ»ÐÐ

user_config_dir=/etc/vsftpd_user_conf

È»ºó½¨Á¢ÐéÄâÓû§µÄÅäÖÃÎļþĿ¼

# mkdir /etc/vsftpd_user_conf

ΪÐéÄâÓû§½¨Á¢µ¥¶ÀµÄÅäÖÃÎļþ£¬Óû§ÅäÖÃÎļþÃû³ÆÓëÓû§ÃûÏàͬ

/etc/vsftpd_user_conf/aaa

/etc/vsftpd_user_conf/bbbb

ÿ¸öFTPÐéÄâÓû§¶¼¿ÉÒÔ¶ÀÁ¢ÉèÖÃÆäȨÏ޺Ͳ»Í¬µÄ¼ÒĿ¼

#cat /etc/vsftpd_user_conf/aaa

anon_world_readable_only=NO

anon_upload_enable=YES

anon_mkdir_write_enable=YES

anon_other_write_enable=YES

local_root=/var/aaa


ʹÓÃmysql´æ´¢ÐéÄâÓû§

a)°²×°mysql

# tar -zxvf mysql-5.0.67.tar.gz

#cd mysql-5.0.67

# ./configure --prefix=/usr/local/mysql

#make;make install

# cp support-files/my-medium.cnf /etc/my.cnf

#useradd mysql

#chown -R root.root /usr/local/mysql/

³õʼ»¯Êý¾Ý¿â

# /usr/local/mysql/bin/mysql_install_db

#chown -R root.root /usr/local/mysql/

# chown -R mysql.mysql /usr/local/mysql/mysql/var

# /usr/local/mysql/bin/mysqld_safe --user=mysql &

b)°²×°pam_mysql

ÒòΪmysqlÊDZàÒë°²×°µÄ£¬ËùÒÔÔÚÕâ²½¿ÉÄÜ»á³ö´í£¬×öÏÂÁеÄÁ´½Ó¾Í¿ÉÒÔ

#ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql

#ln -s /usr/local/mysql/include/mysql /usr/include/mysql

#tar -zxvf pam_mysql-0.6.2.tar.gz

#cd pam_mysql-0.6.2

#./configure --with-mysql=/usr/local/mysql -with-openssl

#make;make install

#cp /usr/lib/security/pam_mysql.so /lib/security/

c)ÉèÖÃÊý¾Ý¿â

mysql>create database vftp;

mysql>use vftp;

mysql>create table users(name char(16) binary,passwd char(16) binary);

mysql>insert into users (name,passwd) values ('test1','123456');

mysql>insert into users (name,passwd) values ('test2','123456');

mysql>quit

d)½¨Á¢pamÈÏÖ¤ËùÐèÎļþ

#vi /etc/pam.d/ftp

Ìí¼ÓÈçÏÂÁ½ÐÐ

auth required /lib/security/pam_mysql.so user=root passwd=123456 host=localhost db=vftp

table=users usercolumn=name passwdcolumn=passwd crypt=0

account required /lib/security/pam_mysql.so user=root passwd=123456 host=localhost db=vftp

table=users usercolumn=name passwdcolumn=passwd crypt=0

×¢Ò⣺

#crypt=0: Ã÷ÎÄÃÜÂë

#crypt=1: ʹÓÃcrpyt()º¯Êý(¶ÔÓ¦SQLÊý¾ÝÀïµÄencrypt()£¬encrypt()Ëæ»ú²úÉúsalt)

#crypt=2: ʹÓÃMYSQLÖеÄpassword()º¯Êý¼ÓÃÜ

#crypt=3£º±íʾʹÓÃmd5µÄÉ¢Áз½Ê½#ÉÏÃæÊÇÁ½¾äÅäÖ㬵ÚÒ»¾äÊÇÒÔauth¿ªÊ¼µÄ£¬µÚ¶þ¾äÒÔaccount¿ªÊ¼µÄ

¡£

e)ÐéÄâÓû§µÄÅäÖÃ

vsftpd.confµÄÅäÖúÍÓÃDB¿â´æ´¢Óû§Ãû¼°ÃÜÂëÏàͬ