In centos, the vfstpd package comes with it. First introduce this installation method
1. Install the package
yum install -y vsftpd
2. Create a user, because the software can use a system-level user, so it should be set to not be able to log in. Create a system account associated with a virtual account
useradd -s /sbin/nologin virftp
3. Create a file related to vi /etc/vsftpd/vsftpd_login
the write the username zchuny (odd-numbered line) and password 123456 (even-numbered line) in it
4. Modify the permission, prompt for security
chmod 600 /etc/vsftpd/vsftpd_login
5. The password file used by vsftpd is not in clear text, and the corresponding library file needs to be generated
[root@localhost ~]# db_load -T -t hash -f /etc/vsftpd/vsftpd_login /etc/vsftpd/vsftpd_login.db
6. Create relevant directories
mkdir /etc/vsftpd/vsftpd_user_conf
7. cd into the newly created directory
cd /etc/vsftpd/vsftpd_user_conf
8. Create a configuration file vim zchuny corresponding to the user
#定义虚拟用户家目录
local_root=/home/virftp/zchuny
#是否允许匿名账号登录
anonymous_enable=NO
#允许可写
write_enable=YES
local_umask=022
# 不允许匿名账号上传文件
anon_upload_enable=NO
#不允许匿名账号创建目录并可写
anon_mkdir_write_enable=NO
#超时时间,非上传或者下载状态自动断开的时间600秒
idle_session_timeout=600
#数据传输的超时时间为300秒
data_connection_timeout=300
#最大客户端连接数为10
max_clients=10
9. Create a virtual user's home directory
chown -R virftp:virftp /home/virftp
mkdir /home/virftp/zchuny
10 Create a file that you can see when you log in
touch /home/virftp/zchuny/zcy.txt
11. Define the location of the password file and add these 2 lines at the top of /etc/pam.d/vsftpd (authentication file)
auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
12. Edit the main configuration file /etc/vsftpd/vsftpd.conf of vsftpd, change a few places, and modify it as follows
anonymous_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
Add the following at the end of the file
chroot_local_user=YES
guest_enable=YES
#guest_username这行表示虚拟用户映射到virftp这个系统用户
guest_username=virftp
#virtual这行的作用是告诉系统现在使用的是虚拟用户
virtual_use_local_privs=YES
#user这行用来定义虚拟用户的配置文件所在路径
user_config_dir=/etc/vsftpd/vsftpd_user_conf
allow_writeable_chroot=YES
13. Start the service
启动 systemctl start vsftpd
查看进程 ps aux |grep vsftpd
root 17890 0.0 0.0 53212 580 ? Ss 01:22 0:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
root 17892 0.0 0.0 112676 980 pts/0 S+ 01:22 0:00 grep --color=auto vsftpd
查看端口
netstat -lntp |grep vsftpd
tcp6 0 0 :::21 :::* LISTEN 17890/vsftpd
14. Test, install the lftp package for testing
yum install -y lftp
execute the test
root@localhost vsftpd_user_conf]# lftp [email protected]
口令:
lftp zchuny@127.0.0.1:~> ls
-rw-r--r-- 1 0 0 0 Apr 26 17:04 zcy.txt
lftp zchuny@127.0.0.1:/>
There may be such bad bool value in config file for: write_enable
an error message here, mostly because vi zchuny (user configuration file) or when modifying or adding content in /etc/vsftpd/vsftpd.conf, accidentally pressing a space, then this will appear mistake.