# db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db 2. Virtual users and authentication We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in `db’ format – a common database format. We need `db_load’ program. For CentOS, Fedora, you may install the package `db4-utils’: # yum install db4-utils For Ubuntu, # apt-get install db4.2-util To create a `db’ format file, first create a plain text file `virtual-users.txt’ with the usernames and passwords on alternating lines: mary 123456 jack 654321 Then execute the following command to create the actual database: # db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database: auth required pam_userdb.so db=/etc/vsftpd/virtual-users account required pam_userdb.so db=/etc/vsftpd/virtual-users 3. Configuration of VSFTPD Create a configuration file /etc/vsftpd/vsftpd-virtual.conf, # disables anonymous FTP anonymous_enable=NO # enables non-anonymous FTP local_enable=YES # activates virtual users guest_enable=YES # virtual users to use local privs, not anon privs virtual_use_local_privs=YES # enables uploads and new directories write_enable=YES # the PAM file used by authentication of virtual uses pam_service_name=vsftpd-virtual # in conjunction with 'local_root', # specifies a home directory for each virtual user user_sub_token=$USER local_root=/var/www/virtual/$USER # the virtual user is restricted to the virtual FTP area chroot_local_user=YES # hides the FTP server user IDs and just display "ftp" in directory listings hide_ids=YES # runs vsftpd in standalone mode listen=YES # listens on this port for incoming FTP connections listen_port=60021 # the minimum port to allocate for PASV style data connections pasv_min_port=62222 # the maximum port to allocate for PASV style data connections pasv_max_port=63333 # controls whether PORT style data connections use port 20 (ftp-data) connect_from_port_20=YES # the umask for file creation local_umask=022 4. Creation of home directories Create each user’s home directory in /var/www/virtual, and change the owner of the directory to the user `ftp’: # mkdir /var/www/virtual/mary # chown ftp:ftp /var/www/virtual/mary 5. Startup of VSFTPD and test Now we can start VSFTPD by the command: # /usr/sbin/vsftpd /etc/vsftpd/vsftpd-virtual.conf and test the FTP access of a virtual user: # lftp -u mary -p 60021 192.168.1.101 [[https://security.appspot.com/vsftpd.html | Home page]]