VSFTPd and its pam service:
Make sure `pam_pwdfile` is installed in your system. Debian provides a `libpam-pwdfile` package for that./etc/vsftpd.conf
# YES/NO depends on if you'r runing inetd
listen=YES
anonymous_enable=NO
local_enable=YES
guest_enable=YES
pam_service_name=vsftpd
user_config_dir=/etc/vsftpd/users
write_enable=YES
virtual_use_local_privs=YES
allow_writeable_chroot=YES
chroot_local_user=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd
VSFTPd will auth users using PAM called vsftpd.
Configuration for it is in /etc/pam.d/vsftpd:
auth required pam_pwdfile.so debug pwdfile=/etc/vsftpd/passwd
account required pam_permit.so
This PAM itself uses /etc/vsftpd/passwd file for storing users/passwords.
It is said that `htpasswd` utility can be used to manage passwords. But it's not well known that it requires some help from openssl:
touch /etc/vsftpd/passwd && htpasswd -p -b /etc/vsftpd/passwd USERNAME $(openssl passwd -1 -noverify PASSWORD)
Do not forget to supply a per-user configuration files located in /etc/vsftpd/users:
I.e. /etc/vsftpd/users/USERNAME
local_root=/var/www
guest_username=www-data