啥也没写
分类: LINUX
2009-08-14 13:04:42
VsftpA quick and easy way to setup a chroot Vsftpd with non-system users.
Here you’ll can:
1. Configure vsftpd to use ftp virtual users.
2. Administer your ftp virtual users through some bash scripts.
# Installation.
yum -y install vsftpd db4-untils
# Configuration.
#——————————————————————–
# Server.
#——————————————————————–
Just after install vsftpd package, run one of the following scripts to configure your ftp server
# Do a basic ftp virtual user configuration without TLS. Here USER and PASS go readable over the wire.
vsftpd_virtual_config.sh
# Do a basic ftp virtual user configuration with TLS. Here USER and PASS go unreadable over the wire.
vsftpd_virtual_config_withTLS.sh
If you are offering ftp service across Internet you probably want to try the vsftpd_virtual_config_withTLS.sh script. Don’t you ?
#——————————————————————–
# Users
#——————————————————————–
Once your vsftpd is configured you can use the following scripts to administer the ftp virtual users:
# Add a new ftp virtual user ( requires vsftpd_virtualuser_config.tpl ).
vsftpd_virtualuser_add.sh
# Update ftp virtual user information.
vsftpd_virtualuser_update.sh
# Remove ftp virtual user (CAUTION!: and all its related data).
vsftpd_virtualuser_remove.sh
# Retrieve ftp virtual user information.
vsftpd_virtualuser_info.sh
Additionally, you can prevent an ftp virtual user from login to the vsftpd by denying its account. You can do this when you create a new ftp virtual user or when you update an existent one.
#——————————————————————–
# Firewall.
#——————————————————————–
# In order for this configuration to work, you’ll need to open, in the server side, the ftp command port:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT
# And if you can’t transfer data with default configuration rules, then the ftp data transfer range of ports should be opened, in the server side, too:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 64000:65535 -j ACCEPT
脚本地址:
