Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Help ProFtpd config
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
_SkeLeToN_
Guru
Guru


Joined: 12 Sep 2002
Posts: 506
Location: Montreal,Canada

PostPosted: Tue Oct 08, 2002 6:04 pm    Post subject: Help ProFtpd config Reply with quote

Ok guys I made some search over the gentoo forum and google but I still have a hard time to understand the $#%#$%# config file.

The exemple I have and found is always with anonymous login. I DON'T WANT ANONYMOUS. I just want a specific user to log into my serv with a valid password.

Now I have set proftpd as inedt. Now one question why they set user and group to ftp or nobody ??? I suppose this is when you run it as standalone right ?

Also I want my user to log into /home/ftp and they can go back (chroot).

inside the /home/ftp i will have upload and stuff where stuff you can only read.

This is what I have for my conf file right now
Code:

ServerName                      "SkeL's ftp"
ServerType                      inetd
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                                  21
TimeoutLogin                     120
TimeoutIdle                       900
TimeoutNoTransfer             900
TimeoutStalled                   3600

DeferWelcome                    off
UseReverseDNS                  ofF
ScoreboardPath                  /var/run/proftpd
TransferLog                     /var/spool/syslog/proftpd/xferlog.legacy
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
LogFormat                       write   "%h %l %u %t \"%r\" %s %b"
Umask                           022
MaxInstances                    30
# Set the user and group that the server normally runs at.
User                            ftp  DO I NEED THAT ?????
Group                           ftp
<Global>
        DisplayLogin               welcome.msg
        DisplayFirstChdir          readme
        #
        # having to delete before uploading is a pain ;)
        #
        AllowOverwrite             yes
        #
        # Turn off Ident lookups
        #
        IdentLookups         off
        #
        # Logging
        #
        # file/dir access
        #
        ExtendedLog             /var/spool/syslog/proftpd/access.log WRITE,READ write
        #
        #
        # Record all logins
        #
        ExtendedLog             /var/spool/syslog/proftpd/auth.log AUTH auth

</Global>


Its after that when you set for the home base and perm I'm confuse .... do I need to use anonymous or another rule for a specific user.

Damn why they make the config file so complicated.
Back to top
View user's profile Send private message
Xinos
n00b
n00b


Joined: 16 Sep 2002
Posts: 42
Location: Birmingham, Alabama

PostPosted: Wed Oct 09, 2002 5:52 am    Post subject: Some ideas Reply with quote

You might try looking at Pam to see if it is setup correctly

http://proftpd.linux.co.uk/localsite/Userguide/linked/x706.html

You might also try this website it shows some example setup and configs and I think this might help you. I am running proftpd also but I have just been using anonymous let me know if you get it. I would like to see your config file. Let me know how it goes good luck.
_________________
~ Always ask questions!

K. Allan Wilson
Back to top
View user's profile Send private message
Xinos
n00b
n00b


Joined: 16 Sep 2002
Posts: 42
Location: Birmingham, Alabama

PostPosted: Wed Oct 09, 2002 5:55 am    Post subject: i forgot the website Reply with quote

Here is the website sorry i forgot it:

http://www.ibiblio.org/pub/packages/solaris/sparc/html/proftpd.1.2.0.p10.html

Okay maybe that is it this time.
_________________
~ Always ask questions!

K. Allan Wilson
Back to top
View user's profile Send private message
fmalabre
Guru
Guru


Joined: 19 Jun 2002
Posts: 376
Location: Chicago

PostPosted: Wed Oct 09, 2002 2:18 pm    Post subject: Reply with quote

Well, I read the doc, and I have the same issue with ProFtp. I will give it another try and let you know...
Back to top
View user's profile Send private message
-- Thor --
n00b
n00b


Joined: 31 Aug 2002
Posts: 49

PostPosted: Wed Oct 09, 2002 2:43 pm    Post subject: Reply with quote

Here's a portion of my proftd.conf file. What this portion does is 1) sets up the chroot environment, and 2) shows you how to set up an anonymous ftp server. However if you don't want an anonymous server *keep* the user 'ftp' in /etc/ftpusers. If you do keep the user 'ftp' in /etc/ftpusers then they can't log in anonymously.

Code:

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on
</Directory>

<VirtualHost xxx.xxx.xxx.xxx>
<Directory /*>
  AllowOverwrite        on
</Directory>
ServerName "My Virtual FTP Server"
ServerIdent     off

DisplayConnect /etc/welcome.msg

#Jail them bastages
DefaultRoot ~

</VirtualHost>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell             off
  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                    50

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  /etc/welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
#  <Directory incoming/*>
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>

</Anonymous>


I hope that helps you in configuring your server.
Back to top
View user's profile Send private message
_SkeLeToN_
Guru
Guru


Joined: 12 Sep 2002
Posts: 506
Location: Montreal,Canada

PostPosted: Wed Oct 09, 2002 6:36 pm    Post subject: Reply with quote

Ok I follow the link you put and with the snapshot of Thor config file I tried to configure my ftp here some problem I encounter.
Quote:

ServerName "SkeL's ftp"
ServerType inetd
DefaultServer on

Port 21
TimeoutLogin 120
TimeoutIdle 900
TimeoutNoTransfer 900
TimeoutStalled 3600

DeferWelcome off
UseReverseDNS ofF
ScoreboardPath /var/run/proftpd
TransferLog /var/spool/syslog/proftpd/xferlog.legacy
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
Umask 022
MaxInstances 30

<Global>
#
# having to delete before uploading is a pain ;)
#
AllowOverwrite yes
#
# Turn off Ident lookups
#
IdentLookups off
#
# Logging
#
# file/dir access
#
ExtendedLog /var/spool/syslog/proftpd/access.log WRITE,READ write
#
#
# Record all logins
#
ExtendedLog /var/spool/syslog/proftpd/auth.log AUTH auth

</Global>
<Limit WRITE>
DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.
<Anonymous /home/ftp>
User ftp
Group ftp
UserAlias skeleton ftp
MaxClients 5
DisplayLogin /etc/welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>

<Directory upload/*>
<Limit READ>
AllowAll
</Limit>

<Limit STOR>
AllowAll
</Limit>
</Directory>

</Anonymous>


Now When I log it says :
Quote:

ProFTPD 1.2.6 Server (SkeL's ftp) [Zeus.homelinux.com]
Logging in...
Password requested by 127.0.0.1 for user "skeleton".

Anonymous login ok, send your complete email address as your password.

Password: *******
Login incorrect.


1) I DO NOT want this to be shown on the screen : Anonymous login ok, send your complete email address as your password.

2) When I put the alias skeleton ftp so that means when I log as skeleton it will be the user ftp that will log... its only an aliases. Now the password I enter is the password of ftp right ? I try skeleton pass: (pass of user ftp). I also try as the ftp user itself wont even let me type the password. I know the password is good because I can make a session with ftp and the password is valid.

3) The /etc/ftpusers do not exist on my systeme so I create the file and put the ftp inside and save but still can log into.

sorry for the long post but I want to be sure to give all the info you need to help me out.

Thx
Back to top
View user's profile Send private message
perra
n00b
n00b


Joined: 10 Jun 2002
Posts: 20
Location: Canberra, Australia

PostPosted: Wed Oct 09, 2002 8:42 pm    Post subject: Reply with quote

In one of the sample configs at the ProFTPD site (http://www.proftpd.org/docs/anonymous.conf) there is a directive called "AnonRequirePassword on" which may do the job.

See http://www.proftpd.org/docs/directives/linked/config_ref_AnonRequirePassword.html.

HTH
Back to top
View user's profile Send private message
_SkeLeToN_
Guru
Guru


Joined: 12 Sep 2002
Posts: 506
Location: Montreal,Canada

PostPosted: Wed Oct 09, 2002 9:14 pm    Post subject: Reply with quote

even if put this i still get a bad password ... I dont understand.
Back to top
View user's profile Send private message
Messiah
Tux's lil' helper
Tux's lil' helper


Joined: 30 Apr 2002
Posts: 139

PostPosted: Wed Oct 09, 2002 9:52 pm    Post subject: Reply with quote

If you do not want to have anonymous ftp, why do you have this in your config?

Code:

# A basic anonymous configuration, no upload directories.
<Anonymous /home/ftp>
User ftp
Group ftp
UserAlias skeleton ftp
MaxClients 5
DisplayLogin /etc/welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>

<Directory upload/*>
<Limit READ>
AllowAll
</Limit>

<Limit STOR>
AllowAll
</Limit>
</Directory>

</Anonymous>
Back to top
View user's profile Send private message
_SkeLeToN_
Guru
Guru


Joined: 12 Sep 2002
Posts: 506
Location: Montreal,Canada

PostPosted: Wed Oct 09, 2002 10:21 pm    Post subject: Reply with quote

I asked that question on my first post and no one answer me. Also I dunno which directive is for specific user instead of anonymous.

I know you can ftp on your account but I want a ftp with a specific user that will log into /home/ftp.

Damn this proftpd is real pain in the ass to configure .... is there other package that will do ??? ( and still secure )
Back to top
View user's profile Send private message
perra
n00b
n00b


Joined: 10 Jun 2002
Posts: 20
Location: Canberra, Australia

PostPosted: Thu Oct 10, 2002 7:12 am    Post subject: Reply with quote

Hmm... Have user ftp a valid shell in /etc/passwd? If it's nothing, /bin/false or something similar you may want to use the "RequireValidShell off" directive.

http://www.proftpd.org/docs/directives/linked/config_ref_RequireValidShell.html

HTH
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum