I’ve done this before with the help of a very good blog entry. But when I tried to do the same thing today I can’t find that page. So I decide to write this down, in case I’ll need it later.
The most problem of setting up Vsftpd with file based virtual user on FreeBSD is that we don’t have pam_userdb. So we’ll use /usr/ports/security/pam_pwdfile instead.
So after installing the vsftpd and pam_pwdfile ports, do the following:
(1) in /etc/pam.d, make a file named “vsftpd” and put the following lines in it:
account required /usr/lib/pam_permit.so
(2) make a password file with the apache htpasswd utility:
(3) make a local user with “nologin” as the shell and disable password login. I use “vsftp” for this.
(4) in /usr/local/etc/vsftpd.conf, disable anonymous access and enable local user access, and then add the following:
guest_enable=YES
guest_username=vsftp
listen=YES
background=YES
pam_service_name=vsftpd
user_config_dir=/usr/local/etc/vsftpd
virtual_use_local_privs=YES
Note the value of “guest_usrname” is the local user name you made in step (3)
(5) make a directory /usr/local/etc/vsftpd, and write user specific configurations in a file named after the user’s login name. For example, someone with full write access will have something like this:
anon_other_write_enable=YES
anon_upload_enable=YES
write_enable=YES
(6) It should be OK now, add vsftpd_enable=”YES” into /etc/rc.conf as usual, and restart vsftpd to see if everything works fine.
Tags: freebsd, apache, config, file based, ftp, pam, ports, security, virtual user, vsftpd
Comments 27
Hi.
I’ve tried to implement vsftpd using your recipe but I cannot log in with a valid user. The /var/log/messages file lists:
vsftpd: in openpam_load_module(): no /usr/local/lib/pam_pwdfile.so found
The point is that I can list /usr/local/lib/pam_pwdfile.so
Any idea?
Thanks
Posted 10 Dec 2009 at 10:40 pm ¶@Jose: I’ve got the same error. Seems to be a known issue in FreeBSD 8.0-RELEASE at the moment. This is very annoying concerning the fact that the pam_userdb.so module is not available in FreeBSD, either (which is how I do virtual users in Linux).
@dryice: Nice tut, anyway. Thx.
Posted 11 Mar 2010 at 7:58 am ¶Update: Problem solved!
1. uninstall broken pam_pwdfile:
pkg_delete pam_pwdfile-0.99
2. Install pam_pwdfile from the ports:
cd /usr/ports/security/pam_pwdfile
make install clean
3. Enjoy!
(4. optionally also install vsftpd from the ports, since it is also a newer release)
Posted 11 Mar 2010 at 8:30 am ¶Thanks for the post. I will give a try. Because it is quite hard to find information about it. I have been searching a lot and finally I found you page. I hope that I don’t problem with it.
Posted 03 Nov 2010 at 11:47 pm ¶I recommend is to have several good watch …..
Posted 03 May 2011 at 2:08 pm ¶They not only work fine and affordable …..
Franck Muller Watches
Hublot
Very nice post… Thanks for sharing this code. I would like to see more unique update from you.
Posted 10 Jun 2011 at 2:40 pm ¶wow… Very useful information.. Your blog is very helpful for updating my knowledge. I will look forward for your future updates.
Posted 10 Jun 2011 at 2:42 pm ¶This is really interesting information.Topic is is explained very well here.Thanks for your post.
Posted 10 Jun 2011 at 2:45 pm ¶great information thanks for sharing this podt
Posted 01 Aug 2011 at 3:41 pm ¶Thanks for sharing such a wonderful post..Loved reading each and every word!!
Posted 05 Aug 2011 at 6:01 pm ¶that was nice to read,, thanks for sharing.. love to read that..
Posted 19 Aug 2011 at 8:21 pm ¶This is very good article. Thanks for explaining about the topic in nice way. You have shared very nice information here.
Posted 23 Aug 2011 at 11:47 am ¶I completely agree over your point and simply loved the topic that you choose. It is very straight and to the point, your thoughts and views are getting conveyed.
Posted 26 Aug 2011 at 2:35 pm ¶Great piece of information shared. Keep Posting..!!!
Posted 05 Sep 2011 at 3:01 pm ¶Hey,
Posted 20 Sep 2011 at 11:27 pm ¶Excellent initiative!I like your blog posting… This is good posting information..
Hi….,
Posted 21 Sep 2011 at 6:05 pm ¶You did a great work here. Thanks for sharing blog. Keep it up….
Interesting Post, Vengeful Gladiator’s Leather Gloves equipped can interrupt Shade using their Deadly Throw ability.
Posted 24 Sep 2011 at 7:37 pm ¶Good post. I study something tougher on totally different blogs everyday. It should at all times be stimulating to learn content material from other writers and follow a bit something from their store
Posted 26 Sep 2011 at 1:45 am ¶Hey,
Posted 28 Sep 2011 at 11:32 pm ¶Great post thanks and wonderful informative site.Thanks for sharing this interesting information and thank you very much………
Thanks for sharing this great article! I feel strongly about it and love learning more on this topic. It is extremely helpful for me. I hope you post again soon
Posted 29 Sep 2011 at 6:50 pm ¶Good post. I study something tougher on totally different blogs everyday. It should at all times be stimulating to learn content material from other writers and follow a bit something from their store
Posted 30 Sep 2011 at 2:57 pm ¶Excellent stuff written and shred by author..This post is very informative.Thanks!!
Posted 01 Oct 2011 at 2:15 pm ¶Thanks. I was needign this from a ong time. Your code had solevd my problem now.
Posted 04 Oct 2011 at 1:17 am ¶Hey,
Posted 15 Oct 2011 at 11:14 pm ¶These are amazing themes found here… Very interesting. Thanks a lot for the share.and very beautiful….
I wonder how you got so good. This is really a fascinating blog, lots of stuff that I can get into. One thing I just want to say is that your Blog is so perfect!
Posted 19 Oct 2011 at 2:47 pm ¶Great theme..I visit this blog regularly and every time i found something unique data..Amazing blog provided.Thanks!!
Posted 25 Oct 2011 at 12:48 pm ¶Wonderful theme..I think you given a most impressive articles..Thanks for sharing such a great blog.
Posted 13 Jan 2012 at 2:23 pm ¶Post a Comment
You could use <code type="name"> to get your code colorized