This article explains how to configure PAM with VSFTP for authentication. It requires a database file that contains all the users and passwords.
To create a db format file, first create a plain text file e.g. 'virtual-users' with the usernames and passwords on alternating lines: It should look like as shown below:
user1
password1
user2
password3
Once usernames and passwords are added to the file, its time to create the database. You man need to install db_load command if it is already not there. Install is using yum install db4-utils
Execute following command to convert plain file to db format.# db_load -T -t hash -f virtual-users /etc/vsftpd/virtual-users.db
Now, create a PAM file /etc/pam.d/vsftpd-virtual which users your database. Add following lines in this file.
auth required pam_userdb.so db=/etc/vsftpd/virtual-users
account required pam_userdb.so db=/etc/vsftpd/virtual-users
Once done, restart VSFTP service. service vsftpd restart
Now you don't need to create system accounts for FTP use. Just add the new user and password in the file, rebuild the database and restart the service.
To create a db format file, first create a plain text file e.g. 'virtual-users' with the usernames and passwords on alternating lines: It should look like as shown below:
user1
password1
user2
password3
Once usernames and passwords are added to the file, its time to create the database. You man need to install db_load command if it is already not there. Install is using yum install db4-utils
Execute following command to convert plain file to db format.# db_load -T -t hash -f virtual-users /etc/vsftpd/virtual-users.db
Now, create a PAM file /etc/pam.d/vsftpd-virtual which users your database. Add following lines in this file.
auth required pam_userdb.so db=/etc/vsftpd/virtual-users
account required pam_userdb.so db=/etc/vsftpd/virtual-users
Once done, restart VSFTP service. service vsftpd restart
Now you don't need to create system accounts for FTP use. Just add the new user and password in the file, rebuild the database and restart the service.
No comments:
Post a Comment