实现基于MYSQL验证的vsftpd虚拟用户功能

一身转战三千里,一剑曾百万师。这篇文章主要讲述实现基于MYSQL验证的vsftpd虚拟用户功能相关的知识,希望能为你提供帮助。
1 实现基于mysql验证的vsftpd虚拟用户功能

利用 pam_mysql 模块可以实现基于MySQL的FTP虚拟用户功能
项目网站:https://sourceforge.net/projects/pam-mysql/
【实现基于MYSQL验证的vsftpd虚拟用户功能】因此项目年代久远不再更新,只支持CentOS 6,7,不支持CentOS 8
环境准备


实验在两台主机上实现
192.168.100.17centos7#FTP服务器
192.168.100.18centos8#MySQL数据库服务器

1.2 在数据库服务器上安装mysql数据库


#注意:MySQL8.0由于取消了PASSWORD()函数,不支持,所以使用mariadb数据库
[root@centos8 ~]# mysql
Server version: 8.0.26 Source distribution
mysql> select password("centos");
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \'("centos")\' at line 1

[root@centos8 ~]#yum -y install mariadb-server
[root@centos8 ~]#systemctl enable --now mariadb.service
[root@centos8 ~]# mysql
Server version: 10.3.28-MariaDB MariaDB Server
MariaDB [(none)]> select password("centos");
+-------------------------------------------+
| password("centos")|
+-------------------------------------------+
| *128977E278358FF80A246B5046F51043A2B1FCED |
+-------------------------------------------+
1 row in set (0.002 sec)




1.3 在数据库服务上配置数据库支持vsftpd服务


#建立存储虚拟用户数据库vsftpd和表vsftp_users
[root@centos8 ~]# mysql
MariaDB [(none)]> create database vsftpd;
MariaDB [(none)]> use vsftpd;
MariaDB [vsftpd]> create table vsftp_users (id int auto_increment not null primary key, name char(50) binary not null, password char(48) binary not null);
MariaDB [vsftpd]> desc vsftp_users;
+----------+----------+------+-----+---------+----------------+
| Field| Type| Null | Key | Default | Extra|
+----------+----------+------+-----+---------+----------------+
| id| int(11)| NO| PRI | NULL| auto_increment |
| name| char(50) | NO|| NULL||
| password | char(48) | NO|| NULL||
+----------+----------+------+-----+---------+----------------+

#添加虚拟用户ftp_wang和ftp_mage,为了安全应该使用PASSWORD函数加密其密码后存储
MariaDB [vsftpd]> insert into vsftp_users (name,password) values (\'ftp_wang\',password(\'magedu\'));
MariaDB [vsftpd]> insert into vsftp_users(name,password) values(\'ftp_mage\',password(\'centos\'));
MariaDB [vsftpd]> select * from vsftp_users;
+----+----------+-------------------------------------------+
| id | name| password|
+----+----------+-------------------------------------------+
|1 | ftp_wang | *6B8CCC83799A26CD19D7AD9AEEADBCD30D8A8664 |
|2 | ftp_mage | *128977E278358FF80A246B5046F51043A2B1FCED |
+----+----------+-------------------------------------------+

#创建连接的数据库用户
MariaDB [vsftpd]> grant select on vsftpd.* to vsftpuser@\'192.168.209.%\' identified by \'magedu\';
MariaDB [vsftpd]> flush privileges;





1.4 在FTP服务器上安装vsftpd 和 pam_mysql包

1.4.1 centos7系统下编译安装pam-mysql源码



#安装相关包
[root@centos7 ~]# yum install -y vsftpd gcc gcc-c++ make mariadb-devel pam-devel
#下载pam-mysql源码进行编译
[root@centos7 ~]# wget http://prdownloads.sourceforge.net/pam-mysql/pam_mysql-0.7RC1.tar.gz
#https://github.com/NigelCunningham/pam-MySQL/archive/v0.8.1.tar.gz

[root@centos7 ~]# tar xvf pam_mysql-0.7RC1.tar.gz
[root@centos7 ~]# cd pam_mysql-0.7RC1
[root@centos7 pam_mysql-0.7RC1]# ./configure--with-pam-mods-dir=/lib64/security

[root@centos7 pam_mysql-0.7RC1]# ll /lib64/security/pam_mysql*
-rwxr-xr

    推荐阅读