Setup Virtual Users in VSFTPD

/ Category: Tutorials / Comments: None

vsftpd
Spread the love

By default vsftpd is configured to work with system users. Setup virtual users instead of system users is a good security practice if you are hosting several web sites and you want the webmasters to have access only to their own files. In today’s article we will explain how to create vsftpd virtual users on a CentOS Cloud VPS First, make sure that vsftpd is up and running on your server. You can check this by executing the following:

# /etc/init.d/vsftpd status
vsftpd is running...

Open the existing vsftpd configuration file and add/modify the following lines:

# vim /etc/vsftpd/vsftpd.conf
guest_enable=YES
virtual_use_local_privs=YES
user_sub_token=$USER
local_root=/var/www/virtualusers/$USER
chroot_local_user=YES

Save the ‘vsftpd.conf’ file and restart the vsftpd server:

# /etc/init.d/vsftpd restart

We will use the ‘pam_userdb’ PAM module to authenticate the virtual users. This PAM module needs a file in ‘.db’ format that contains all usernames and passwords of the virtual users. In order to create the ‘.db’ file, we need to create a text file that will contain all usernames and passwords for your virtual users in the following format:

# vim /etc/vsftpd/virtusers.txt
virtuser1
password1
virtuser2
password2

Change ‘virtuser1’ and ‘password1’ with the real username and password. Save the file and hash the newly created ‘virtusers.txt’ by executing the following command:

# db_load -T -t hash -f /etc/vsftpd/virtusers.txt /etc/vsftpd/virtusers.db

Open the file ‘/etc/pam.d/vsftpd’ and add the following lines at the very top of the file

# vim /etc/pam.d/vsftpd
auth required pam_userdb.so db=/etc/vsftpd/virtusers
account required pam_userdb.so db=/etc/vsftpd/virtusers

Create the virtual user’s home directory and change the owner of the directory:

# mkdir /var/www/virtualusers/virtuser1
# chown ftp: /var/www/virtualusers/virtuser1

You will need to create a home directory for each virtual user. That’s all. Now you should able to log in to the vsftpd server using the virtual users. Of course you don’t have to do any of this if you use one of our linux cloud vps hosting services, in which case you can simply ask our expert Linux admins to setup virtual users in vsftpd for you. They are available 24×7 and will take care of your request immediately. PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Be the first to write a comment.

Your feedback