FTP virtual user is a user that can upload file on behalf of system
user. For example you have a OS user “pradono” and the home directory is
/home/pradono, a virtual user “test1″ that is setup on behalf of
“pradono”, can upload file to /home/pradono/test1 and the file uploaded
will have the ownership as “pradono”.
1. Installing Pure-FTPd using yum
Let’s start by adding an additional CentOS repo
[root@prod1 ~]# cd /etc/yum.repos.d/
|
And enable kbs-CentOS-Testing by editing /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
[root@prod1 /etc/yum.repos.d]# nano -w kbsingh-CentOS-Extras.repo
|
Change enabled=0 to enabled=1
[...]
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
enabled=1
|
Import the repo key
Install pure-ftpd.
[root@prod1 /etc/yum.repos.d]# yum -y install pure-ftpd
|
2. Edit the Pure-FTPd config file
[root@prod1 /etc/yum.repos.d]# cd /etc/pure-ftpd/
[root@prod1 /etc/pure-ftpd]# nano -w pure-ftpd.conf
|
Make sure you have these options enabled
[...]
UnixAuthentication yes
VerboseLog yes
PureDB /etc/pure-ftpd/pureftpd.pdb
CreateHomeDir yes
|
The
CreateHomeDir option makes adding virtual users more easy by creating a
user’s home directory upon login (if it doesn’t already exist).
3. Import OS users to Pure-FTPd FTP Users (Optional)
We can either import users with system-level accounts (defined in /etc/passwd) at once or create new users manually using pure-pw useradd. To import users that already exist on your system into the virtual user database, enter these commands: The name has to be pureftpd.passwd. This creates pureftpd.passwd file. pure-pw mkdb imports pureftpd.passwd to the puredb file, in this example /etc/pure-ftpd/pureftpd.pdb.
[root@prod1 /etc/pure-ftpd]# pure-pwconvert >> pureftpd.passwd
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb
|
Update: Just use UnixAuthentication yes in your pure-ftpd.conf file and you don’t need step 3 above.
4. Add a virtual user.
This adds a virtual user “test” to pureftpd.pass file
[root@prod1 /etc/pure-ftpd]# pure-pw useradd test -u doniking -g doniking -d /home/doniking/test
Password:
|
Again, this imports the updated pureftpd.passwd file into a puredb file.
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb
|
5. Testing.
We haven’t restarted pure-ftpd service yet until now. Let’s restart it.
[root@prod1 /etc/pure-ftpd]# service pure-ftpd restart
Stopping pure-ftpd: [ OK ]
Starting pure-ftpd: [ OK ]
|
Test the user
[root@prod1 /etc/pure-ftpd]# ftp localhost
Connected to doniking.lan.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 00:47. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
500 This security scheme is not implemented
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): test
331 User test OK. Password required
Password:
230-User test has group access to: 500
230 OK. Current directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
|
6. Notes.
- Every time you add a virtual user, run
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb
|
to import pureftpd.passwd to pureftpd.pdb.
- If you want to enable the OS users to ftp, you don’t need to use
pure-pwconvert command as others suggest. Simply enable
in your /etc/pure-ftpd/pure-ftpd.conf config file.
No comments:
Post a Comment