[proftp] No conecta como anonymous (resuelto)

Message

pcmaster · Post by **pcmaster** » Fri Apr 07, 2006 10:18 am

Hola,

He instalado proftpd en mi sistema, pero aunqeu consigo conectar como usuario, como anónimo no. El usuario ftp existe y tiene su directorio en /home/ftp, y el archivo /etc/proftpd/proftpd.conf contiene lo mismo que /etc/proftpd/proftpd.conf.distrib, quitando el 3 a la línea que pone DefaultRoot ~

Aquí está el archivo completo:

Code: Select all

AthlonXP proftpd # cat proftpd.conf
# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances			30

# Set the user and group under which the server will run.
User				nobody
Group				nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
  User				ftp
  Group				ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients			10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin			welcome.msg
  DisplayFirstChdir		.message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>

El mensaje que sale es de "login incorrect":

Code: Select all


$ ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [127.0.0.1]
Name (127.0.0.1:pcmaster): ftp
500 AUTH not understood
SSL not available
331 Anonymous login ok, send your complete email address as your password.
Password:
530 Login incorrect.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> exit
221 Goodbye.
$

esteban_conde · Post by **esteban_conde** » Fri Apr 07, 2006 4:03 pm

Using binary mode to transfer files.
ftp> exit
221 Goodbye.
$

basandome en lo que pone en la primera linea ya estas conectado, prueba un ls en vez de exit.

pcmaster · Post by **pcmaster** » Fri Apr 07, 2006 8:20 pm

Code: Select all

ftp> ls -l
530 Please login with USER and PASS
ftp: bind: Address already in use
ftp>

Además, fíjate en el mensaje:

530 login incorrect.

esteban_conde · Post by **esteban_conde** » Sat Apr 08, 2006 10:11 am

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

Pues el como hacer que el usuario anonimo se conecte exactamente no se pero el por que no lo hace es facil tienes como defaultroot el home de cada user ¿contra que directorio debe loguearse nobody?.

g0su · Post by **g0su** » Sat Apr 08, 2006 11:56 am

Cambia el DefaultRoot ~ por DefaultRoot /midirectorio/ftp
Cambia el <Anonymous ~ftp> por <Anonymous /midirectorio/ftp>

Y añade esto dentro del anonymous:

<Directory /ftp/anonimo>
Umask 077
AllowOverwrite off

<Limit READ>
AllowAll
</Limit>
<Limit STOR WRITE>
DenyAll
</Limit>
</Directory>

Por si te sirve de ayuda, yo lo tengo algo chapucilla pero vamos:

Particiones:
/dev/sda6 195G 6,6G 179G 4% /ftp
/dev/sdb3 253G 129M 240G 1% /ftp/series

Permisos:
drwxrwxr-x 11 root proftpd 4096 abr 8 13:28 ftp
drwxrwxr-x 2 root proftpd 4096 abr 8 13:33 anonimo
drwxrwx--- 3 root proftpd 4096 abr 2 00:53 juegos
drwxrwx--- 2 root root 16384 mar 29 22:49 lost+found
drwxrwx--- 2 root proftpd 4096 mar 30 22:47 macox
drwxrwx--- 2 root proftpd 4096 abr 3 12:51 musica
drwxrwx--- 2 root proftpd 4096 abr 2 01:04 peliculas
drwxrwx--- 3 root proftpd 4096 mar 29 2005 series
drwxrwx--- 2 root proftpd 4096 mar 30 22:47 subir
drwxrwx--- 2 root proftpd 4096 mar 30 22:47 win

Grupos:
proftpd

407:miusurio1,miusuraio2

Usuario:
miusuario1

1001

:/ftp:/bin/false

Proftpd:

Code: Select all

ServerName                      "FTP Server"
ServerType                      standalone
DeferWelcome                    off
ServerIdent                     on "Windows.Net FTP-Server"

DefaultServer                   on
ShowSymlinks                    off
AllowOverwrite                  off

AllowRetrieveRestart            yes
AllowStoreRestart               yes

DirFakeGroup                    on
DirFakeUser                     on ftp
DirFakeMode                     0777

TimeoutNoTransfer               600
TimeoutStalled                  100
TimeoutIdle                     200

DenyFilter                      \*.*/

Port                            21

MaxInstances                    6

AccessGrantMsg                  "-= Bienvenido %u, tu acceso ha sido realizado correctamente =-"
AccessDenyMsg                   "Estas intentando acceder a un servidor privado, tu conexion ha sido logueada, marchese inmediatamente"

LogFormat       default "%h %l %u %t \"%r\" %s %b"
LogFormat       auth    "%v [%P] %h %t \"%r\" %s"
LogFormat       write   "%h %l %u %t \"%r\" %s %b"
TransferLog     /var/log/proftpd/transfer
ExtendedLog     /var/log/proftpd/proftpd.down_up_log WRITE,READ write
ExtendedLog     /var/log/proftpd/proftpd.auth_log      AUTH auth
ExtendedLog     /var/log/proftpd/proftpd.paranoid_log  ALL default

User                            asuka
Group                           proftpd

DefaultRoot ~

MaxClients                   6 "Perdona, max %m usuarios -- Prueba despues"
MaxClientsPerHost            2 "Solo 2 conexiones por HOST"
MaxClientsPerUser            2 "Solo 2 conexiones por usuario"

RequireValidShell            off


<Directory /ftp>
  Umask                         077
  AllowOverwrite                off

  <Limit READ>
        AllowAll
  </Limit>
</Directory>

<Directory /ftp/subir>
   Umask                         077
   AllowOverwrite                on

   <Limit READ WRITE>
          AllowAll
   </Limit>

   <Limit STOR>
          AllowAll
   </Limit>
</Directory>

<Anonymous /ftp/anonimo>
        AccessGrantMsg          "-= Bienvenido al FTP anonimo =-"
   	User                     ftp
        Group                    nogroup
	
        UserAlias                anonymous ftp
        
	RequireValidShell        off
	
        MaxClients               5
   	MaxClientsPerHost        1
   	MaxClientsPerUser        1
	
	<Directory /ftp/anonimo>
 		 Umask                         077
 		 AllowOverwrite                off

 		 <Limit READ>
     			   AllowAll
  		</Limit>
		<Limit STOR WRITE>
            		 DenyAll
        	</Limit>
	</Directory>

</Anonymous>

DarkTemplar linux # /etc/init.d/proftpd restart
* Stopping proftpd ... [ ok ]
* Starting proftpd ... [ ok ]
DarkTemplar linux #

USUARIO CORRECTO

Code: Select all

miusuario@DarkTemplar ~ $ ftp XXX.XXX.XXX.XXX
Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX).
220 Windows.Net FTP-Server
Name (XXX.XXX.XXX.XXX:miusuario): miusuario1
500 AUTH not understood
SSL not available
331 Password required for miusuario1.
Password:
230 -= Bienvenido asuka, tu acceso ha sido realizado correctamente =-
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Opening ASCII mode data connection for file list
drwxrwxrwx   2 ftp      ftp          4096 Apr  8 11:33 anonimo
drwxrwxrwx   3 ftp      ftp          4096 Apr  1 22:53 juegos
drwxrwxrwx   2 ftp      ftp         16384 Mar 29 20:49 lost+found
drwxrwxrwx   2 ftp      ftp          4096 Mar 30 20:47 macox
drwxrwxrwx   2 ftp      ftp          4096 Apr  3 10:51 musica
drwxrwxrwx   2 ftp      ftp          4096 Apr  1 23:04 peliculas
drwxrwxrwx   3 ftp      ftp          4096 Mar 29  2005 series
drwxrwxrwx   2 ftp      ftp          4096 Mar 30 20:47 subir
drwxrwxrwx   2 ftp      ftp          4096 Mar 30 20:47 win
226 Transfer complete.
ftp>

USUARIO INCORRECTO:

Code: Select all

miusuario@DarkTemplar ~ $ ftp XXX.XXX.XXX.XXX
Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX).
220 Windows.Net FTP-Server
Name (XXX.XXX.XXX.XXX:miusuario): pepito
500 AUTH not understood
SSL not available
331 Password required for pepito.
Password:
530 Estas intentando acceder a un servidor privado, tu conexion ha sido logueada, marchese inmediatamente
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

ANONIMO:

Code: Select all

miusuario@DarkTemplar ~ $ ftp XXX.XXX.XXX.XXX
Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX).
220 Windows.Net FTP-Server
Name (XXX.XXX.XXX.XXX:miusuario): anonymous
500 AUTH not understood
SSL not available
331 Anonymous login ok, send your complete email address as your password.
Password:
230 -= Bienvenido al FTP anonimo =-
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Opening ASCII mode data connection for file list
-rwxrwxrwx   1 ftp      ftp             0 Apr  8 11:56 ftp_solo_lectura
226 Transfer complete.
ftp>

pcmaster · Post by **pcmaster** » Sat Apr 08, 2006 12:20 pm

Gracias, al final lo he conseguido, faltaba la configuración del directorio del usuario anonymous en /etc/proftpd/proftpd.conf. también he cambiado alguna otra cosilla, coimo asegurarme de que los grupos ftp y proftpd estuvieran uno dentro de otro, y el usuario anonumous en el grupo ftp en /etc/group.