PDA

View Full Version : ProFTPD



Ant
28th October 2001, 14:00
Anyone using ProFTPD? I have it installed under Mandrake 8.1 but cannot get normal users to log in, I can setup anonymous access just fine. Any attempted login by a normal user results in 530: Login incorrect.

Wombat
28th October 2001, 17:38
It's probably PAM being too restrictive about who can get on how.

Follow this: http://www.geocrawler.com/archives/3/524/2000/10/0/4580670/

Ant
29th October 2001, 11:45
Tried that, still can't get in :(

Wombat
29th October 2001, 12:06
Did you restart your inet daemons? I'm pretty sure PAM keeps its old behavior until you restart it.

Ant
29th October 2001, 12:24
I thought I had I'll try again...

Ant
29th October 2001, 12:32
I've restarted them, even completely rebooted the system and the damn thing still won't let me in, I'm going back to Windoze... :(

Ant
29th October 2001, 13:53
I removed ProFTPD and installed Pure-FTP and it works perfectly.

Colin Morey
31st October 2001, 15:02
um, proftpd is a bit of a stickler for correct logins,

if you want a basic config which allows everyone a shared root, just give me a shout.

C

druid1
31st October 2001, 15:33
When i tried it under Mandrake 8.1, the Xinet.d scripts seemed to be screwed. IWhen i stopped it, and edited the config to run as a daemon, then ran it just launching the proftpd command it worked fine after that. Could be an issue with xinetd if you are using it (still haven't figured out what is wrong with tho :( ).

Druid1

Colin Morey
31st October 2001, 15:41
I would advise not using inetd, (or any derivatives) I've found standalone to be much easier to debug, and more recommended from a security point of view.

C

Ant
1st November 2001, 00:27
Colin I would appreciate a working config to try, I'd still prefer to get to the bottom of it rather than just sidestep the issue :)

Colin Morey
1st November 2001, 03:20
o.k., np, first thing to check though, is that all users have vaild logins, (ie can you ssh or telnet in without errors).

I'll post the config to you later, right now its time to talk to dabs about getting my dvd drive swapped out.

Colin

Colin Morey
2nd November 2001, 16:10
o.k. ant, here's the config, (sorry for the long post,)


# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "Private ftp, bugger off."
ServerType standalone
DefaultServer on
ServerIdent Off

# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 10

# Set the user and group that the server normally runs at.
User nobody
Group nobody

# To allow FXP we can set this
AllowForeignAddress on
#log to proftpd.log
ExtendedLog /var/log/proftpd all

# Normally, we want files to be overwriteable.
<Directory /data/ftpd/*>
AllowOverwrite on
<Limit WRITE>
Deny All
</Limit>
</Directory>
<Directory /home/*>
AllowOverwrite on
<Limit WRITE>
Allow All
</Limit>
</Directory>
DefaultRoot /data/ftpd/ ftp,!ant



things to note, this config is about 1 step up from basic, and it has a little more logging which you may want to trim down if you're running a busy server.

if you want more help, just say what you want your users to do,.. think of it as my way of giving back to you for the many years hard work you've put into this site :D

Colin