歡迎您光臨本站 註冊首頁

不知道有沒有人做過PAM虛擬用戶+Vsftp+FreeBSD?

←手機掃碼閱讀     火星人 @ 2014-03-04 , reply:0

不知道有沒有人做過PAM虛擬用戶+Vsftp+FreeBSD?

不知道有沒有人做過PAM虛擬用戶+Vsftp+FreeBSD?
我看了很多資料都有一重要的一步,但都不說為什麼那麼做。
logins.txt
……
db_load -T -t hash -f logins.txt /etc/vsftpd_login.db
這個是基於linux的,並且有時候這個db_load會有版本區別。

要是在FreeBSD下怎麼辦呢?請教
《解決方案》

freebsd下因為沒有pam_userdb,跟普通的linux不太一樣,推薦一個做法,也是看了老外的一個方法

http://dryice.name/blog/freebsd/file-based-virtual-user-settings-for-vsftpd-on-freebsd/

I』ve done this before with the help of a very good blog entry. But when I tried to do the same thing today I can』t find that page. So I decide to write this down, in case I』ll need it later.

The most problem of setting up Vsftpd with file based virtual user on FreeBSD is that we don』t have pam_userdb. So we』ll use /usr/ports/security/pam_pwdfile instead.

So after installing the vsftpd and pam_pwdfile ports, do the following:

(1) in /etc/pam.d, make a file named 「vsftpd」 and put the following lines in it:

auth required /usr/local/lib/pam_pwdfile.so pwdfile /etc/vsftpd_login.db
account required /usr/lib/pam_permit.so
(2) make a password file with the apache htpasswd utility:

htpasswd -c -b /etc/vsftpd_login.db USERNAME PASSWORD
(3) make a local user with 「nologin」 as the shell and disable password login. I use 「vsftp」 for this.

(4) in /usr/local/etc/vsftpd.conf, disable anonymous access and enable local user access, and then add the following:

/usr/chroot_local_user=YES
guest_enable=YES
guest_username=vsftp
listen=YES
background=YES
pam_service_name=vsftpd
user_config_dir=/usr/local/etc/vsftpd
virtual_use_local_privs=YES

Note the value of 「guest_usrname」 is the local user name you made in step (3)

(5) make a directory /usr/local/etc/vsftpd, and write user specific configurations in a file named after the user』s login name. For example, someone with full write access will have something like this:

anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_upload_enable=YES
write_enable=YES
(6) It should be OK now, add vsftpd_enable=」YES」 into /etc/rc.conf as usual, and restart vsftpd to see if everything works fine.

[ 本帖最後由 菲平 於 2008-10-25 02:00 編輯 ]

[火星人 ] 不知道有沒有人做過PAM虛擬用戶+Vsftp+FreeBSD?已經有307次圍觀

http://coctec.com/docs/service/show-post-26774.html