FTP server IP: 10.0.0.252/8
Lab steps:
1. Set up a yum repository to make package installation easier (omitted)
2. Install the MySQL service
[root@Bhanv ~]# yum install mysql-server -y
Installing: mysql-server                 ######################### [1/1]
Installed: mysql-server.i386 0:5.0.45-7.el5
Complete!
3. Install the package required for the vsftpd service
[root@Bhanv ~]# yum install vsftpd -y
Installing: vsftpd                       ######################### [1/1]
Installed: vsftpd.i386 0:2.0.5-12.el5
Complete!
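4. By default, RHEL5 does not support vsftpd authenticating against MySQL; the module that provides this support has to be downloaded and compiled.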
[root@Bhanv ~]# ll pam_mysql-0.7RC1.tar.gz
-rw-r--r-- 1 root root 335240 2006-01-09 pam_mysql-0.7RC1.tar.gz
[root@Bhanv ~]# yum install gcc gcc-c++ pam-devel mysql-devel -y
[root@Bhanv ~]# tar zxf pam_mysql-0.7RC1.tar.gz -C /tmp/
[root@Bhanv ~]# cd /tmp/pam_mysql-0.7RC1/
[root@Bhanv pam_mysql-0.7RC1]# ./configure
[root@Bhanv pam_mysql-0.7RC1]# make && make install
[root@Bhanv pam_mysql-0.7RC1]# ll /lib/security/pam_mysql.so
-rwxr-xr-x 1 root root 93416 04-08 13:14 /lib/security/pam_mysql.so
5. Create the system user that the virtual users map to
[root@Bhanv pam_mysql-0.7RC1]# useradd  -d /home/virtual -s /sbin/nologin  virtual
6. Create the database and table that store the virtual users.
# mysql -u root -p
mysql> create database ftpdb;
mysql> use ftpdb;
mysql> create table ftpusers(name char(20),password char(20));
mysql> insert into ftpusers(name,password) values ('pei','pei');
mysql> insert into ftpusers(name,password) values ('huan','huan');
mysql> grant select on ftpdb.ftpusers to virtual@localhost identified by 'Bhanv';
7. Edit the main vsftpd configuration file:
[root@Bhanv /]# vi /etc/vsftpd/vsftpd.conf
pam_service_name=vsftpd.virtual
guest_enable=YES
guest_username=virtual
8. Create the PAM authentication file
[root@Bhanv /]# vi /etc/pam.d/vsftpd.virtual
auth required  /lib/security/pam_mysql.so  user=virtual passwd=Bhanv host=localhost db=ftpdb table=ftpusers usercolumn=name passwdcolumn=password crypt=0
account required  /lib/security/pam_mysql.so  user=virtual passwd=Bhanv host=localhost db=ftpdb table=ftpusers usercolumn=name passwdcolumn=password crypt=0
Note:
crypt=n
crypt=0: plaintext password
crypt=1: use the crypt() function (corresponds to encrypt() in MySQL; encrypt() generates a random salt)
crypt=2: encrypt with MySQL's password() function
crypt=3: use MD5 hashing
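Added example, not part of the original article: a small Python audit of the PAM file from step 8 that flags misspelled pam_mysql option names, plaintext storage (crypt=0) and an inline database password. The sample file content, the placeholder password EXAMPLE and the function names are constructed for illustration, and the known-option list holds only the options used on this page.

```python
import shlex

# Option names used in the pam_mysql lines on this page; anything else is
# reported so its spelling can be checked (assumption: not a complete list).
KNOWN = {"user", "passwd", "host", "db", "table",
         "usercolumn", "passwdcolumn", "crypt"}
# crypt=n values as listed in the note above.
CRYPT = {"0": "plaintext", "1": "crypt()", "2": "MySQL password()", "3": "MD5"}

# Constructed sample of /etc/pam.d/vsftpd.virtual (EXAMPLE is a placeholder).
SAMPLE = """\
# virtual FTP users
auth required /lib/security/pam_mysql.so user=virtual passwd=EXAMPLE host=localhost db=ftpdb table=ftpusers usercolumn=name passwdcolumn=password crpty=0
account required /lib/security/pam_mysql.so user=virtual passwd=EXAMPLE host=localhost db=ftpdb table=ftpusers usercolumn=name passwdcolumn=password crypt=0
"""

def parse_pam_line(line):
    """Return (type, control, module, options) or None for blanks/comments."""
    fields = shlex.split(line, comments=True)
    if len(fields) < 3:
        return None
    options = {}
    for token in fields[3:]:
        key, _, value = token.partition("=")
        options[key] = value
    return fields[0], fields[1], fields[2], options

def audit(text):
    """Return (line_number, message) findings for every pam_mysql line."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        parsed = parse_pam_line(line)
        if parsed is None or not parsed[2].endswith("pam_mysql.so"):
            continue
        options = parsed[3]
        for key in sorted(set(options) - KNOWN):
            findings.append((number, f"unrecognized option '{key}', check spelling"))
        mode = options.get("crypt")
        if mode is None:
            findings.append((number, "no crypt= option, module default applies"))
        elif mode not in CRYPT:
            findings.append((number, f"crypt={mode} is not a listed value"))
        elif mode == "0":
            findings.append((number, "crypt=0: passwords are stored as plaintext"))
        if "passwd" in options:
            findings.append((number, "inline DB password, keep file root-only"))
    return findings

if __name__ == "__main__":
    for number, message in audit(SAMPLE):
        print(f"line {number}: {message}")
```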
Test:
[root@Bhanv ~]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): pei
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
[root@Bhanv ~]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): huan
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>