Installing vsftpd using text file for virtual users on squeeze/wheezy

vsftpd (Very Secure FTP Daemon) is a secure, fast and stable FTP server. In this tutorial we’ll install the server and make it check in a flat text file for virtual users allowed to login.

1. Install required packages

apt-get install vsftpd libpam-pwdfile

2. Configure vsftpd (pico /etc/vsftpd.conf)

Edit these variables in the config file and leave everything else with the default value.

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd

Set the local_root to the parent directory where the user’s home directories are located

3. Configure PAM to check the passwd file for users (pico /etc/pam.d/vsftpd)

auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so

Make sure you remove everything else from the file

4. Create the passwd file containing the users

htpasswd -cd /etc/ftpd.passwd user1

You can later add additional users to the file like this:

htpasswd -d /etc/ftpd.passwd user2

5. Create a local user that’s used by the virtual users to authenticate

useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

6. Restart vsftpd

/etc/init.d/vsftpd restart

7. Create user’s home directory since vsftpd doesn’t do it automatically

mkdir /var/www/user1
chown vsftpd:nogroup /var/www/user1
chmod a-w /var/www/user1

1 comment

  1. Followed teh tutorial line by line however Vsftpd dont start, I get

    /etc/vsftpd.conf: listen disabled – service will not start

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>