In this tutorial we’ll install the Debian Linux 9 (squeeze), Apache 2 with mpm-itk (to run each web as a isolated user),...
Installing vsftpd using text file for virtual usersÁstþór IP
This tutorial is for older Debian versions and may not work for current versions. Please refer to the links below to find a newer tutorial.
vsftpd is a secure, fast and stable FTP server. In this tutorial we’ll install the server and make it check in a flat text file for virtual users allowed to login.
1. Install required packages
apt-get install vsftpd libpam-pwdfile
2. Configure vsftpd (pico /etc/vsftpd.conf)
Edit these variables in the config file and leave everything else with the default value.
Set the local_root to the parent directory where the user’s home directories are located
3. Configure PAM to check the passwd file for users (pico /etc/pam.d/vsftpd)
auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so
Make sure you remove everything else from the file
4. Create the passwd file containing the users
htpasswd -c /etc/ftpd.passwd user1
You can later add additional users to the file like this:
htpasswd /etc/ftpd.passwd user2
5. Create a local user that’s used by the virtual users to authenticate
useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd
6. Restart vsftpd
7. Create user’s home directory since vsftpd doesn’t do it automatically
chown vsftpd:nogroup /var/www/user1
Thanks – this description worked for me when others failed (e.g.:
Amazing tutorial! Very simple, clear, and best of all, ACCURATE.
I have been trying different tutorials for hours now, and all of them were missing critical steps, such as setting up a local user, or setting permissions for the var/www/user1 folder.
I didn’t think it would be so hard to remember all the steps and put them in a tutorial…. But apparently it is very difficult!
Thank you, thank you, and thank you! You are one in a million!
If you use Ubuntu Server 12.04 LTS you need to use the -d in htpasswd since newer versions seems to use MD5 instead of Crypt that was default before.
Example to create a new ftpd.passwd file:
htpasswd -cd /etc/ftpd.passwd user1
Example of adding a new user to an existing ftpd.passwd file:
htpasswd -d /etc/ftpd.passwd user2
The newest vsftpd from Ubuntu has a “security” update that fundamentally breaks most use cases for ftp.
It disallows writeable access to the chroot_dir
Claes: that comment about htpasswd defaulting to md5? thank you so much. you just helped me solve a totally unrelated issue! woohoo!
More interesting information from the pam_pwdfile developer here: http://cpbotha.net/software/pam_pwdfile/
First, thanks for the ‘how-to’ – Excellent and clear to follow. I couldn’t get the “security” update to work by changing vsftpd.conf. But I was able to get it to work by adding a sub-folder to the root folder in step 7 with these changes. Make user1 unwriteable, make uploads writable. Minor nuisance, but it works.
chown -R vsftpd:nogroup /var/www/user1
chmod a-w /var/www/user1