By default vsftpd is configured to work with system users. Setup virtual users instead of system users is a good security practice if you are hosting several web sites and you want the webmasters to have access only to their own files. In today’s article we will explain how to create vsftpd virtual users on a CentOS Cloud VPS First, make sure that vsftpd is up and running on your server. You can check this by executing the following:
# /etc/init.d/vsftpd status vsftpd is running...
Open the existing vsftpd configuration file and add/modify the following lines:
# vim /etc/vsftpd/vsftpd.conf guest_enable=YES virtual_use_local_privs=YES user_sub_token=$USER local_root=/var/www/virtualusers/$USER chroot_local_user=YES
Save the ‘vsftpd.conf’ file and restart the vsftpd server:
# /etc/init.d/vsftpd restart
We will use the ‘pam_userdb’ PAM module to authenticate the virtual users. This PAM module needs a file in ‘.db’ format that contains all usernames and passwords of the virtual users. In order to create the ‘.db’ file, we need to create a text file that will contain all usernames and passwords for your virtual users in the following format:
# vim /etc/vsftpd/virtusers.txt virtuser1 password1 virtuser2 password2
Change ‘virtuser1’ and ‘password1’ with the real username and password. Save the file and hash the newly created ‘virtusers.txt’ by executing the following command:
# db_load -T -t hash -f /etc/vsftpd/virtusers.txt /etc/vsftpd/virtusers.db
Open the file ‘/etc/pam.d/vsftpd’ and add the following lines at the very top of the file
# vim /etc/pam.d/vsftpd auth required pam_userdb.so db=/etc/vsftpd/virtusers account required pam_userdb.so db=/etc/vsftpd/virtusers
Create the virtual user’s home directory and change the owner of the directory:
# mkdir /var/www/virtualusers/virtuser1 # chown ftp: /var/www/virtualusers/virtuser1
You will need to create a home directory for each virtual user. That’s all. Now you should able to log in to the vsftpd server using the virtual users.
Our intention with this post was to make setting up virtual users in vsftpd a breeze for you. Now, we’re passing the baton to you:
Do you feel there’s something critical we missed, or is there a step that you’re still unclear about?
What other detailed instructional tutorials would you appreciate seeing on our blog?
Your feedback is valuable to us, so please leave a comment below.