os: rhel7.2
# yum -y install vsftpd
# vi /etc/vsftpd/vusers.list # 建立虚拟用户口令库文件(奇数行为用户名,偶数行为密码)
ceshi01
ceshi01pwd
ceshi02
ceshi02pwd
# db_load -T -thash -f vusers.list /etc/vsftpd/vsftpd_login.db # 生成认证文件
# chmod 600 /etc/vsftpd/vsftpd_login.db # 赋予权限(仅 root 可读写);vusers.list 保存的是明文密码,生成认证文件后同样应 chmod 600 或删除
# vi /etc/pam.d/vsftpd # 建立 PAM 配置文件
#%PAM-1.0
#session optional pam_keyinit.so force revoke
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include password-auth
#account include password-auth
#session required pam_loginuid.so
#session include password-auth
auth required pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required pam_userdb.so db=/etc/vsftpd/vsftpd_login
# useradd -d /home/ftp -s /sbin/nologin virtual # 建立虚拟用户
# chmod 777 /home/ftp # 设置权限(777 对所有本地用户开放读写,可按实际需要收紧)
# mkdir /etc/vsftpd/vsftpd_user_conf # 建立ftp用户配置目录
# mkdir -p /data/ceshi01 # 建立ftp用户共享目录
# mkdir -p /data/ceshi02
# chown virtual.virtual -R /data # 赋予权限
# vi /etc/vsftpd/vsftpd_user_conf/ceshi01 # ftp用户属性配置
local_root=/data/ceshi01
write_enable=YES
virtual_use_local_privs=YES
# vi /etc/vsftpd/vsftpd_user_conf/ceshi02
local_root=/data/ceshi02
write_enable=YES
virtual_use_local_privs=YES
# vi /etc/vsftpd/chroot_list # 列出被限制在各自根目录内(chroot)、不能切换到其他目录的用户
ceshi01
ceshi02
# vi /etc/vsftpd/vsftpd.conf # 修改vsftpd配置文件
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd/vsftpd_user_conf
# 下一项允许 chroot 根目录可写,关闭了 vsftpd 对可写根目录的默认拒绝;也可改用只读根目录加可写子目录
allow_writeable_chroot=YES
# systemctl enable vsftpd && systemctl restart vsftpd # 重启生效
# 最后登录测试,并切换目录,上传下载删除等
# ftp 192.168.1.151
Connected to 192.168.1.151 (192.168.1.151).
220 (vsFTPd 3.0.2)
Name (192.168.1.151:root): ceshi01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,1,151,118,74).
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 6 Oct 13 05:46 22
226 Directory send OK.
ftp> pwd
257 "/"
ftp>