安装vsftpd
#查看当前系统版本[root@localhost vsftpd]# cat /etc/redhat-release
CentOS release 6.7 (Final)
#安装yum install vsftpd -y
#开机启动chkconfig vsftpd on
基于虚拟用户和被动模式的配置[root@localhost vsftpd]# cat vsftpd.conf
anonymous_enable=NO
listen=YES
listen_port=21
ascii_upload_enable=YES
ascii_download_enable=YES
local_enable=YES
guest_enable=YES
guest_username=ftp
virtual_use_local_privs=YES
pasv_enable=YES
port_enable=NO
pasv_min_port=8022
pasv_max_port=8022
anon_world_readable_only=NO
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
pam_service_name=vsftpd.vu
user_config_dir=/etc/vsftpd/vsftpd_user_conf
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
开始认证
#安装Berkeley DB工具yum install db4 db4-utils -y
#创建用户密码文件,奇数行为用户名,偶数行为密码.vi /etc/vsftpd/login.txt
yujianglei
yujianglei
#生成虚拟用户认证的db文件db_load –T –t hash –f /etc/vsftpd/login.txt /etc/vsftpd/login.db
#编辑认证文件,注释原来的所有语句.添加如下内容[root@localhost vsftpd]# cat /etc/pam.d/vsftpd.vu
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/login
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/login
#创建虚拟用户的配置文件mkdir /etc/vsftpd/ vsftpd_user_conf
vi /etc/vsftpd/ vsftpd_user_conf/yujianglei
local_root=/home/vsftpd_data/yujianglei
write_enable=YES
anon_umask=022
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
设置FTP根目录权限mkdir /home/vsftpd_data/yujianglei -p
chmod -R 755 /home/vsftpd_data
chmod -R 777 /home/vsftpd_data/yujianglei
Selinux和防火墙配置setenforce 0
Iptables -A INPUT –m state --state NEW –m tcp –p tcp –dport 21 -j ACCEPT
Iptables -A INPUT –m state --state NEW –m tcp –p tcp –dport 8022 -j ACCEPT