Vsftpd auth with mysql

User Score

Editor Score

Contributed by: Syed Asim Abbas

Category: Installation

Distribution: Red Hat

License: Linux Forums Article License

Posted: 29 April, 2010

Tools »

Bookmark

Comment

I wrote this document for vsftpd authentication with mysql

[root@fileserver ~]# cat /etc/redhat-release
CentOS release 5 (Final)

[root@fileserver ~]# rpm -qa |grep mysql
libdbi-dbd-mysql-0.8.1a-1.2.2
mysql-5.0.22-2.1
mysql-bench-5.0.22-2.1
mysql-devel-5.0.22-2.1
mod_auth_mysql-3.0.0-3.1
mysql-server-5.0.22-2.1
mysql-connector-odbc-3.51.12-2.2
php-mysql-5.1.6-5.el5

[root@fileserver ~]# rpm -qa |grep vsftpd
vsftpd-2.0.5-10.el5

wget http://rpm.pbone.net/index.php3/stat/26/dist/54/size/339076/name/pam_mysql-0.7-0.4.rc1.fc8.src.rpm

[root@fileserver ~]# rpmbuild --rebuild /tmp/pam_mysql-0.7-0.4.rc1.fc8.src.rpm
Installing /tmp/pam_mysql-0.7-0.4.rc1.fc8.src.rpm

[root@fileserver ~]# rpm -ivh /usr/src/redhat/RPMS/i386/pam_mysql-0.7-0.4.rc1.i386.rpm
Preparing...                ########################################### [100%]
1:pam_mysql              ########################################### [100%]

[root@fileserver ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 2 to server version: 5.0.22

Type 'help;' or 'h' for help. Type 'c' to clear the buffer.

mysql>
mysql> grant all on *.* to root@localhost Identified by "password";
mysql> create database userdb;
Query OK, 1 row affected (0.02 sec)

mysql> use userdb;
Database changed
mysql> CREATE TABLE users (username varchar (20) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (username));
Query OK, 0 rows affected (0.00 sec)

mysql> INSERT INTO users (username, password) VALUES ('test3', ENCRYPT('test3'));

Now edit vsftpd.conf

[root@fileserver ~]# vi /etc/vsftpd/vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/$USER
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd
listen=YES
pam_service_name=vsftpd
userlist_enable=YES

Now edit /etc/pam.d/vsftpd

auth required pam_mysql.so user=root passwd=password host=localhost db=userdb table=users
usercolumn=username passwdcolumn=password crypt=1
account required pam_mysql.so user=root passwd=password host=localhost db=userdb table=users
usercolumn=username passwdcolumn=password crypt=1

Note
----
0 = No encryption. Passwords in database in plaintext. NOT recommended!
1 = Use crypt
2 = Use MySQL PASSWORD() function

remove everything else from the file

[root@fileserver ~]# useradd --home /home/vsftpd -m --shell /bin/false vsftpd
[root@fileserver ~]# /etc/init.d/vsftpd restart
Shutting down vsftpd:                                      [FAILED]
Starting vsftpd for vsftpd:                                [ OK ]

[root@fileserver ~]# mkdir /var/test3
[root@fileserver ~]# chown vsftpd:vsftpd /var/test3/

[root@fileserver ~]# ftp localhost
Connected to fileserver.isb.ots.com.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): test3
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp>
ftp> ls
227 Entering Passive Mode (127,0,0,1,143,249)
150 Here comes the directory listing.
226 Directory send OK.
ftp> 221 Goodbye.

Comments about this article

Comment title: * please do not put your response text here