ftp虚拟用户详细配置过程

#做之前先关闭防火墙四部
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum -y install vsftpd        #安装vsftpd
[root@localhost ~]# systemctl start vsftpd     #启用vsftps服务

#vsftpd虚拟用户配置
[root@localhost ~]# systemctl start vsftpd
[root@localhost ~]# systemctl enable vsftpd
[root@localhost ~]# netstat -antlupe | grep vsftpd
tcp6       0      0 :::21                   :::*                    LISTEN      0          46426      2141/vsftpd         
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
[root@localhost yum.repos.d]# wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
--2020-04-01 14:39:44--  http://mirrors.163.com/.help/CentOS7-Base-163.repo
正在解析主机 mirrors.163.com (mirrors.163.com)... 59.111.0.251
正在连接 mirrors.163.com (mirrors.163.com)|59.111.0.251|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：1572 (1.5K) [application/octet-stream]
正在保存至: “CentOS7-Base-163.repo”

100%[==================================================================>] 1,572       --.-K/s 用时 0s      

2020-04-01 14:39:44 (95.0 MB/s) - 已保存 “CentOS7-Base-163.repo” [1572/1572])

[root@localhost yum.repos.d]# ls
CentOS7-Base-163.repo
[root@localhost ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@localhost ~]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@localhost ~]# yum clean all
[root@localhost ~]# yum -y install vsftpd
[root@localhost ~]# echo 'aaa' >> /etc/vsftpd/vu.list
[root@localhost ~]# echo '111' >> /etc/vsftpd/vu.list
[root@localhost ~]# echo 'bbb' >> /etc/vsftpd/vu.list
[root@localhost ~]# echo '222' >> /etc/vsftpd/vu.list
[root@localhost ~]# cat /etc/vsftpd/vu.list
aaa
111
bbb
222

[root@localhost ~]# yum -y install db4*
[root@localhost ~]# db_load -T -t hash -f /etc/vsftpd/vu.list /etc/vsftpd/vu.db
[root@localhost ~]# chmod 600 /etc/vsftpd/vu.*
[root@localhost ~]# ll /etc/vsftpd/vu.*
-rw------- 1 root root 12288 4月   1 14:58 /etc/vsftpd/vu.db
-rw------- 1 root root    16 4月   1 14:52 /etc/vsftpd/vu.list
[root@localhost ~]# useradd -d /var/ftproot -s /sbin/nologin vftp
[root@localhost ~]# chmod 755 /var/ftproot/
[root@localhost ~]# ll -d /var/ftproot/
drwxr-xr-x 2 vftp vftp 62 4月   1 15:02 /var/ftproot/
[root@localhost ~]# cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
[root@localhost ~]# vim /etc/pam.d/vsftpd
#%PAM-1.0
#session    optional     pam_keyinit.so    force revoke
#auth       required    pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth       required    pam_shells.so
#auth       include     password-auth
#account    include     password-auth
#session    required     pam_loginuid.so
#session    include     password-auth
auth       required    pam_userdb.so db=/etc/vsftpd/vu
account    required    pam_userdb.so db=/etc/vsftpd/vu
[root@localhost ~]# echo 'guest_enable=YES' >> /etc/vsftpd/vsftpd.conf
[root@localhost ~]# echo 'guest_username=vftp' >> /etc/vsftpd/vsftpd.conf
[root@localhost ~]# echo 'user_config_dir=/etc/vsftpd/vusers_dir' >> /etc/vsftpd/vsftpd.conf
[root@localhost ~]# echo 'allow_writeable_chroot=YES' >> /etc/vsftpd/vsftpd.conf
[root@localhost ~]# mkdir /etc/vsftpd/vusers_dir
[root@localhost ~]# ll /etc/vsftpd
总用量 36
-rw------- 1 root root   125 10月 31 2018 ftpusers
-rw------- 1 root root   361 10月 31 2018 user_list
-rw------- 1 root root  5218 4月   1 15:22 vsftpd.conf
-rwxr--r-- 1 root root   338 10月 31 2018 vsftpd_conf_migrate.sh
-rw------- 1 root root 12288 4月   1 14:58 vu.db
-rw------- 1 root root    16 4月   1 14:52 vu.list
drwxr-xr-x 2 root root     6 4月   1 15:23 vusers_dir
[root@localhost ~]# echo 'anon_upload_enable=YES' >> /etc/vsftpd/vusers_dir/aaa
[root@localhost ~]# echo 'anon_mkdir_write_enable=YES' >> /etc/vsftpd/vusers_dir/aaa

客户端：
[root@whb ~]# systemctl stop firewalld
[root@whb ~]# systemctl disable firewalld
[root@whb ~]# vim /etc/selinux/config
[root@whb ~]# setenforce 0
[root@whb ~]# yum -y install lftp
[root@whb ~]# systemctl start vsftpd
[root@whb ~]# lftp -u aaa,111 192.168.86.137
lftp aaa@192.168.86.137:~> ls
-rw-r--r--             1 0                       0                       0  Apr  01  17:12  hello

来源：51CTO

作者：wx5e782fbb12ee3

链接：https://blog.51cto.com/14763231/2483994