CentOS6.7 use MySQL under vsftpd verification
A .MySQL installation and configuration
1. Use the yum install MySQL
[root@db1 ~]# yum -y install mysql mysql-server mysql-devel
1. Use the yum install MySQL
[root@db1 ~]# yum -y install mysql mysql-server mysql-devel
2. Start MySQL service and modify the MySQL administrator password
[root@db1 ~]# service mysqld start
[root@db1 ~]# service mysqld start
[root@db1 ~]# /usr/bin/mysqladmin -u root password ‘test123’
3. Create a MySQL database and verify the vsftpd table
[root@db1 ~]# mysql -u root -p
mysql> create database vsftpd;
Query OK, 1 row affected (0.01 sec)
mysql> use vsftpd;
Database changed
// Create a three column list of users, an id for the index, name for the account name, password user password
Query OK, 1 row affected (0.01 sec)
mysql> use vsftpd;
Database changed
// Create a three column list of users, an id for the index, name for the account name, password user password
mysql> create table users ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, name CHAR(15) NOT NULL UNIQUE KEY,password CHAR(48) NOT NULL );
Query OK, 0 rows affected (0.00 sec)
// Add a web account, the password for the web, and stored encrypted password, the account is to wait for the next use FTP server
mysql> insert into users (name,password) values (‘web’,password(‘web’));
Query OK, 1 row affected (0.00 sec)
Query OK, 0 rows affected (0.00 sec)
// Add a web account, the password for the web, and stored encrypted password, the account is to wait for the next use FTP server
mysql> insert into users (name,password) values (‘web’,password(‘web’));
Query OK, 1 row affected (0.00 sec)
4. Create a vsftpd a MySQL database account is used to retrieve vsftpd
mysql> grant select on vsftpd.* to vsftpd@localhost identified by ‘vsftpd’;
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
// Just to make the rights with immediate effect
mysql> grant select on vsftpd.* to vsftpd@localhost identified by ‘vsftpd’;
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
// Just to make the rights with immediate effect
II. Install and configure the PAM module
1. Install dependent libraries
1. Install dependent libraries
[root@db1 ~]# yum -y install gcc gcc-c++ make pam pam-devel openssl openssl-devel
2. Download and install pam_mysql
[root@db1 software]# wget http://downloads.sourceforge.net/project/pam-mysql/pam-mysql/0.7pre3/pam_mysql-0.7pre3.tar.gz?r=http%3A%2F%2Fpam-mysql.sourceforge.net%2F&ts=1442878889&use_mirror=iweb
[root@db1 software]# cd pam_mysql-0.7pre3
[root@db1 pam_mysql-0.7pre3]# ls
acinclude.m4 ChangeLog config.h.in configure COPYING INSTALL ltmain.sh Makefile.in mkinstalldirs pam_mysql.c pam_mysql.spec.in README
aclocal.m4 config.guess config.sub configure.in CREDITS install-sh Makefile.am missing NEWS pam_mysql.spec pkg.m4 stamp-h.in
[root@db1 pam_mysql-0.7pre3]#
./configure –with-openssl
make && make install
[root@db1 pam_mysql-0.7pre3]# ls
acinclude.m4 ChangeLog config.h.in configure COPYING INSTALL ltmain.sh Makefile.in mkinstalldirs pam_mysql.c pam_mysql.spec.in README
aclocal.m4 config.guess config.sub configure.in CREDITS install-sh Makefile.am missing NEWS pam_mysql.spec pkg.m4 stamp-h.in
[root@db1 pam_mysql-0.7pre3]#
./configure –with-openssl
make && make install
pam files installed by default to the /lib directory, if the system is 64-bit system, you need to copy a document to / lib64 directory
[root@db1 pam_mysql-0.7pre3]# cp /lib/security/pam_mysql.
pam_mysql.la pam_mysql.so
[root@db1 pam_mysql-0.7pre3]# cp /lib/security/pam_mysql.* /lib64/security/
Create a certificate file
[root@db1 pam_mysql-0.7pre3]# cat /etc/pam.d/ftp.mysql
auth required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users
usercolumn=name passwdcolumn=password crypt=2
account required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users
usercolumn=name passwdcolumn=password crypt=2
[root@db1 pam_mysql-0.7pre3]#
Note: This is the second line, can not wrap Also note inside the corresponding Fill in the fields.
Special instructions crypt Options
crypt = 0: plain text password
crypt = 1: Use crpyt () function (corresponding SQL data in the encrypt (), encrypt () randomly generated salt)
crypt = 2: Use the MYSQL password () function encryption
crypt = 3: the way that the use of md5 hash
[root@db1 pam_mysql-0.7pre3]# cat /etc/pam.d/ftp.mysql
auth required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users
usercolumn=name passwdcolumn=password crypt=2
account required /lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users
usercolumn=name passwdcolumn=password crypt=2
[root@db1 pam_mysql-0.7pre3]#
Note: This is the second line, can not wrap Also note inside the corresponding Fill in the fields.
Special instructions crypt Options
crypt = 0: plain text password
crypt = 1: Use crpyt () function (corresponding SQL data in the encrypt (), encrypt () randomly generated salt)
crypt = 2: Use the MYSQL password () function encryption
crypt = 3: the way that the use of md5 hash
Installation and set up three vsftpd
1. Use the yum install vsftpd
[root@db1 pam_mysql-0.7pre3]# yum -y install vsftpd
1. Use the yum install vsftpd
[root@db1 pam_mysql-0.7pre3]# yum -y install vsftpd
2. Backup vsftpd configuration file
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf_bak
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf_bak
vi vsftpd.conf
anonymous_enable=NO
pam_service_name=ftp.mysql
pam_service_name=ftp.mysql
And add the following:
virtual_use_local_privs=YES
user_sub_token=$USER
local_root=/var/ftp/$USER
guest_enable=YES
guest_username=vsftpdguest
chroot_local_user=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
user_sub_token=$USER
local_root=/var/ftp/$USER
guest_enable=YES
guest_username=vsftpdguest
chroot_local_user=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
Create a vsftpdguest account
[root@db1 pam_mysql-0.7pre3]# useradd -s /sbin/nologin -d /var/ftp vsftpdguest
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@db1 pam_mysql-0.7pre3]# useradd -s /sbin/nologin -d /var/ftp vsftpdguest
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@db1 pam_mysql-0.7pre3]# mkdir /etc/vsftpd/vsftpd_user_conf
root@db1 pam_mysql-0.7pre3]# /etc/init.d/vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]
root@db1 pam_mysql-0.7pre3]# /etc/init.d/vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]
Recent Comments