SmbFTPD | SmbFTPD Handbook
Chapter 4 Virtual User

If you would like to use MySQL for virtual user authentication, add these lines to smbftpd.conf:

    VirtualUserMapping ftp
    VirtualUserAuthMethod mysql
    VirtualUserAuthConfig /usr/local/etc/smbftpd/smbftpd_mysql.conf

Then edit /usr/local/etc/smbftpd/smbftpd_mysql.conf to set the MySQL server IP, database, username, and password. Then create a table named user_table in the MySQL database:

    CREATE TABLE user_table(
        name varchar(64),
        password varchar(256),
        group_name varchar(64),
        home varchar(256)
    );

Then you can insert users into the table to start using MySQL virtual users. Please note that the password field can store the following password encodings: "plaintext" and "crypt". "plaintext" means a non-encrypted password: store the password as it is, without performing any encryption. "crypt" means the password is encrypted with the crypt() function in PHP or C. The crypt function can encrypt a password into MD5, SHA256, SHA512, etc. Here is an example using PHP to generate a SHA512 encrypted password:

    // "$6$" selects SHA-512 in crypt(); the rest is the salt
    // (crypt() uses at most 16 salt characters).
    $salt = "$6$".time().rand()."smbftpd";
    $encrypted_pass = crypt($user_input_password, $salt);

The user enters the plain text password $user_input_password, and we encrypt it into $encrypted_pass. You can then insert $encrypted_pass into the database password field.

If you would like to use PostgreSQL for virtual user authentication, add these lines to smbftpd.conf:

    VirtualUserMapping ftp
    VirtualUserAuthMethod pgsql
    VirtualUserAuthConfig /usr/local/etc/smbftpd/smbftpd_pgsql.conf

Then edit /usr/local/etc/smbftpd/smbftpd_pgsql.conf to set the PostgreSQL server IP, database, username, and password. Then create a table named user_table in the PostgreSQL database:

    CREATE TABLE user_table(
        name varchar(64),
        password varchar(256),
        group_name varchar(64),
        home varchar(256)
    );

Then you can insert users into the table to start using PostgreSQL virtual users. Please note that the password field can store the following password encodings: "plaintext" and "crypt".
"plaintext" means a non-encrypted password: store the password as it is, without performing any encryption. "crypt" means the password is encrypted with the crypt() function in PHP or C. The crypt function can encrypt a password into MD5, SHA256, SHA512, etc. Here is an example using PHP to generate a SHA512 encrypted password:

    // "$6$" selects SHA-512 in crypt(); the rest is the salt
    // (crypt() uses at most 16 salt characters).
    $salt = "$6$".time().rand()."smbftpd";
    $encrypted_pass = crypt($user_input_password, $salt);

The user enters the plain text password $user_input_password, and we encrypt it into $encrypted_pass. You can then insert $encrypted_pass into the database password field.

If you would like to use a text file to store the virtual user data, add the following lines to smbftpd.conf:

    VirtualUserMapping ftp
    VirtualUserAuthMethod text
    VirtualUserAuthConfig /usr/local/etc/smbftpd/smbftpd_user.conf

Then use the command "smbftpd-user" to add users:

    # ./smbftpd-user -h
    Usage: ./smbftpd-user -[aedt] user [-t type]
    options:
      -s file    Set the path of smbftpd.conf
      -a user    Add a smbftpd virtual user into text file
      -e user    Edit a smbftpd virtual user into text file
      -d user    Delete a smbftpd virtual user into text file
      -g user    Get the status of user. The user can be real user or
                 mysql/pgsql/text virtual user. We will print the available
                 share and permission of the user.
      -h         Print this help message

You can use the -a option to add a user. For example:

    # ./smbftpd-user -a alex
    Group name: users
    Home: /noexist
    Enter password:
    Enter password again:
    User [alex] is add.

After adding the user, you can see the user appear in /usr/local/etc/smbftpd/smbftpd_user.conf. To delete a user, you can either edit the file and remove the line, or use smbftpd-user -d user.

smbftpd-user also lets you see a user's permissions under the other authentication methods.
For example, you can see the permissions of a real user, too:

    # ./smbftpd-user -g alex
    Authentication Method: text
    Login : alex
    Real user : ftp
    Home : /noexist
    Anonymous : No
    Download bandwidth : 100 KB/s
    Upload bandwidth : 2000 KB/s
    Mode : smb
    Available shares :
    [public]
        Path : /volume1/home/alex
        Writeable : Yes
        Browseable : Yes
        List files : No
        Download : Yes
        Modify data : No
    [music]
        Path : /volume1/synosrc
        Writeable : No
        Browseable : Yes
        List files : Yes
        Download : Yes
        Modify data : Yes
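
As an added example (not part of the handbook and not SmbFTPD's own code), the PHP script below carries the "crypt" storage described for the MySQL and PostgreSQL tables through end to end: a salt from the system CSPRNG, a parameterized insert into user_table, and the standard crypt() re-hash check. The in-memory SQLite database, the helper names make_crypt_sha512 and check_crypt, and the sample password are assumptions made so the script runs offline.

```php
<?php
// Added example, not SmbFTPD code. An in-memory SQLite database (assumes the
// pdo_sqlite extension) stands in for the MySQL/PostgreSQL server.

// Build a SHA-512 crypt ("$6$") hash with a salt from the system CSPRNG.
function make_crypt_sha512(string $password): string {
    $salt = bin2hex(random_bytes(8));   // 16 chars, all valid in a crypt salt
    return crypt($password, '$6$' . $salt . '$');
}

// Standard crypt() check: re-hash the candidate with the stored hash as the
// salt argument, then compare in constant time.
function check_crypt(string $candidate, string $stored): bool {
    return hash_equals($stored, crypt($candidate, $stored));
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Same columns as the user_table definition in this chapter.
$db->exec('CREATE TABLE user_table(
    name varchar(64), password varchar(256),
    group_name varchar(64), home varchar(256))');

// Constructed sample user; the password is a placeholder.
$hash = make_crypt_sha512('correct horse battery staple');

// Bound parameters keep user-supplied values out of the SQL text.
$ins = $db->prepare('INSERT INTO user_table (name, password, group_name, home)
                     VALUES (?, ?, ?, ?)');
$ins->execute(['alex', $hash, 'users', '/noexist']);

$sel = $db->prepare('SELECT password FROM user_table WHERE name = ?');
$sel->execute(['alex']);
$stored = $sel->fetchColumn();

// The hash is 106 characters here, well inside varchar(256).
printf("prefix=%s length=%d\n", substr($stored, 0, 3), strlen($stored));
printf("correct password accepted: %s\n",
       check_crypt('correct horse battery staple', $stored) ? 'yes' : 'no');
printf("wrong password accepted:   %s\n",
       check_crypt('wrong password', $stored) ? 'yes' : 'no');
```

To write to a real server, replace the SQLite DSN with a MySQL or PostgreSQL DSN for the database named in the smbftpd_mysql.conf or smbftpd_pgsql.conf file and drop the CREATE TABLE call.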
Copyright © 2002-2024 Alex Wang from www.twbsd.org. All rights reserved.