Results 1 to 9 of 9

Thread: VSFTPD and virtual users

  1. #1
    Join Date
    Mar 2009
    Location
    Netherlands
    Posts
    53

    Question VSFTPD and virtual users

    Hello

    I would like to set up a FTP server using vsftpd

    The documentation states examples of how to setup virtual users authenticated with pam

    However, in Leap 42.2, there is no pam_userdb.so module installed which is used in the example.
    Other websites also state/use the pam_userdb.so module.

    Does anyone have a tutorial or explanation/link? how to set up vsftpd with virtual users in Leap 42.2

    Or is it possible to install the pam_userdb.so module?
    But to get it from where; how to install?
    I tried the with Yast and looked on the opensuse site for pam packages - but it is not there.
    Kind regards,
    Zebulon

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,133

    Smile Re: VSFTPD and virtual users

    Quote Originally Posted by Zebulon888 View Post
    I tried the with Yast ...
    I assume YaST > Software > Software Manager and then the Search.

    Did you check the RMP "Provides" box when searching. Because it seems that you are looking for a file and thus needs the package that provides it. And that package may have another name.
    Henk van Velden

  3. #3
    Join Date
    Mar 2009
    Location
    Netherlands
    Posts
    53

    Question Re: VSFTPD and virtual users

    Quote Originally Posted by hcvv View Post
    I assume YaST > Software > Software Manager and then the Search.

    Did you check the RMP "Provides" box when searching. Because it seems that you are looking for a file and thus needs the package that provides it. And that package may have another name.
    Hello Henk

    Yes - I have tried that. There is no such pam module. Also not in RPM Provides or File List

    Actually the vsftpd example documentation coming with Leap does not contain useful information in respect to virtual users.
    Kind regards,
    Zebulon

  4. #4
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,133

    Default Re: VSFTPD and virtual users

    OK, that is a miss then.
    I asked because on my 31.1 system pam_userdb.so is part of the pam package.

    So, either this is depricated or this is organised in a different way. Beyond my expertise.
    Henk van Velden

  5. #5
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,273
    Blog Entries
    2

    Default Re: VSFTPD and virtual users

    Pls describe your objective more clearly (eg You wish to set up vsftpd with its own ftp users, not the same as system Users)
    and
    Which documentation you're using. If you are using something online, provide the URL. If it's part of the offline documentation installed on your machine, provide the path and file name.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  6. #6

    Default AW: VSFTPD and virtual users

    https://bugzilla.opensuse.org/show_bug.cgi?id=929711

    But yes, pam_userdb was broken by design and insecure.
    Indeed, just run "strings" over the respective DB and you will get the usernames/passwords in the clear, not good.

    So I did face the same problem and decided to find something better which is still easy to use and not overkill for a handful of users (so SQL data base backends are right out).

    I would recommend using "pam_pwdfile" as backend

    http://howto.gumph.org/content/setup...ies-in-vsftpd/

    There is a package in OBS called "pam_pwdfile"

    https://software.opensuse.org/packag...rm=pam_pwdfile

    which works well on my 42.1 here.

    AK

    P.S.

    I would also use "mkpasswd" for creating hashed password entries as it will offer you SHA256/SHA512 instead of crappy DES/MD5 provided by "htpasswd" or "openssl passwd".

  7. #7
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,273
    Blog Entries
    2

    Default Re: VSFTPD and virtual users

    Agree with @Akoellh above as a good "small business" setup for relatively few Users.

    The currently available options are probably outlined in the vsftpd Arch Wiki
    https://wiki.archlinux.org/index.php..._virtual_users

    I also skimmed various published blogs how to set up using pam_mysql for those who have more Users and might need the performance of a relational database and IMO I see that as a likely viable option, too. Although blogs are generally for other distros, once you have the required packages installed on openSUSE, it looks like setting up vsftpd and mysql hasn't changed in over 6 years (posts going back as far as 2010 are likely still useful). I'd imagine if someone didn't want to set up mariadb/mysql, sqlite should be a viable substitute as always (I found only one post describing that).

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  8. #8
    Join Date
    Mar 2009
    Location
    Netherlands
    Posts
    53

    Default Re: VSFTPD and virtual users

    Thank you all who did reply!

    I do not want to have system users indeed, because the logins might frequently change or user(s) be added or removed again.

    I wasn't aware of the ArchLinux tutorial and I will give it a try and report back.

    B.t.w.: I saw some sites citing the pam_mysql as well, but also this module is not available in Leap 42.2.
    Kind regards,
    Zebulon

  9. #9
    Join Date
    Mar 2009
    Location
    Netherlands
    Posts
    53

    Thumbs up Re: VSFTPD and virtual users

    Ok

    The ArchLinux guide was clear enough to make it work.

    Thanks!
    Kind regards,
    Zebulon

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •