VSFTPd and its pam service:

Make sure `pam_pwdfile` is installed in your system. Debian provides a `libpam-pwdfile` package for that.

# YES/NO depends on if you'r runing inetd listen=YES anonymous_enable=NO local_enable=YES guest_enable=YES pam_service_name=vsftpd user_config_dir=/etc/vsftpd/users write_enable=YES virtual_use_local_privs=YES allow_writeable_chroot=YES chroot_local_user=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES secure_chroot_dir=/var/run/vsftpd

VSFTPd will auth users using PAM called vsftpd.
Configuration for it is in /etc/pam.d/vsftpd:

auth required pam_pwdfile.so debug pwdfile=/etc/vsftpd/passwd account required pam_permit.so

This PAM itself uses /etc/vsftpd/passwd file for storing users/passwords.
It is said that `htpasswd` utility can be used to manage passwords. But it's not well known that it requires some help from openssl:

touch /etc/vsftpd/passwd && htpasswd -p -b /etc/vsftpd/passwd USERNAME $(openssl passwd -1 -noverify PASSWORD)

Do not forget to supply a per-user configuration files located in /etc/vsftpd/users:
I.e. /etc/vsftpd/users/USERNAME
local_root=/var/www guest_username=www-data