Wednesday, May 8, 2013

FTP authentication using PAM on Linux

This article explains how to configure PAM with VSFTP for authentication. It requires a database file that contains all the users and passwords.
To create a db format file, first create a plain text file, e.g. 'virtual-users', with the usernames and passwords on alternating lines: each username on one line, followed by its password on the next line.


Once the usernames and passwords are added to the file, it's time to create the database. You may need to install the db_load command if it is not already there. Install it using yum install db4-utils

Execute the following command to convert the plain file to db format.
# db_load -T -t hash -f virtual-users /etc/vsftpd/virtual-users.db

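Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database. Add the following lines to this file. The db= value is the database path without the .db extension, because pam_userdb appends it.
auth required pam_userdb.so db=/etc/vsftpd/virtual-users
account required pam_userdb.so db=/etc/vsftpd/virtual-users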

Once done, restart the VSFTP service.
# service vsftpd restart

Now you don't need to create system accounts for FTP use. Just add the new user and password in the file, rebuild the database and restart the service.
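The rebuild step above, as an added example that is not part of the original post (the function names check_virtual_users and build_virtual_db are hypothetical). It checks the alternating-line layout before calling db_load, builds into a fresh file because db_load adds to an existing database and would leave deleted users in place, and keeps both the clear-text file and the database readable by their owner only.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# check_virtual_users FILE: succeed only if FILE holds username/password
# pairs on alternating lines, with no empty lines or duplicate usernames.
check_virtual_users() {
    awk '
        $0 == ""    { printf "line %d: empty line\n", NR; bad = 1 }
        /\r$/       { printf "line %d: CR line ending\n", NR; bad = 1 }
        NR % 2 == 1 {
            if ($0 in seen) { printf "line %d: duplicate user\n", NR; bad = 1 }
            seen[$0] = 1
        }
        END {
            if (NR == 0) { print "no entries"; bad = 1 }
            if (NR % 2)  { print "last username has no password line"; bad = 1 }
            exit bad + 0
        }
    ' "$1" >&2
}

# build_virtual_db SRC DB: validate SRC, then rebuild DB from scratch.
build_virtual_db() {
    src=$1
    db=$2
    check_virtual_users "$src" || return 1
    command -v db_load >/dev/null 2>&1 || { echo "db_load not found" >&2; return 1; }
    tmp="$db.new.$$"
    # umask 077 so the new database is never readable by other users.
    ( umask 077 && db_load -T -t hash -f "$src" "$tmp" ) || { rm -f "$tmp"; return 1; }
    # The text file holds clear-text passwords: restrict it as well.
    chmod 600 "$src" "$tmp" && mv -f "$tmp" "$db"
}

# Run only when called with both paths, e.g. the two paths used above.
if [ "$#" -eq 2 ]; then
    build_virtual_db "$1" "$2"
fi
```

Saved as a script, it takes the plain text file and the target database as its two arguments, for example virtual-users and /etc/vsftpd/virtual-users.db.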

