LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 01-10-2008, 07:52 AM   #1
freddo
LQ Newbie
 
Registered: Oct 2006
Posts: 10

Rep: Reputation: 0
Proftpd with Mysql authentication on ubuntu server


Hi to everybody!

I want to create an ftp server with mysql authentication because I want use
only virtual users (the server's users don't have to be system's users).
I've tried some ftp server like vsftpd,pure-ftp without results.
Now I've installed proftd, with mysql support, on my machine. After that I've create a new mysql database (known as proftpd) with only one table (known as users).

The structure of this table is UserId,Passwd,UID,GID,homedir,shell, it contains only this element:

utente1 'cypher password with md5' 501, 65534, /home/ftp/, /bin/false

My configuration file of proftpd (/etc/proftpd/proftpd.conf) is:

Code:
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
# 

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6                off

ServerName            "FreddoServer"
ServerType            standalone
#ServerType            inetd
DeferWelcome            off

MultilineRFC2228        on
DefaultServer            on
ShowSymlinks            on

TimeoutNoTransfer        600
TimeoutStalled            600
TimeoutIdle            1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                    "-l"

DenyFilter            \*.*/

# Use this to jail all users in their homes 
DefaultRoot            ~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell        off

# Port 21 is the standard FTP port.
Port                21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts                  49152 65534

# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress        1.2.3.4

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances            30

# Set the user and group that the server normally runs at.
User                proftpd
Group                nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                022  022
# Normally, we want files to be overwriteable.
AllowOverwrite            on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd        off

# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile            off

# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend 
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#<IfModule mod_sql.c>
# SQLBackend            mysql
#</IfModule>

TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default. 
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        on
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
#   User                ftp
#   Group                nogroup
#   # We want clients to be able to login with "anonymous" as well as "ftp"
#   UserAlias            anonymous ftp
#   # Cosmetic changes, all files belongs to ftp user
#   DirFakeUser    on ftp
#   DirFakeGroup on ftp
# 
#   RequireValidShell        off
# 
#   # Limit the maximum number of anonymous logins
#   MaxClients            10
# 
#   # We want 'welcome.msg' displayed at login, and '.message' displayed
#   # in each newly chdired directory.
#   DisplayLogin            welcome.msg
#   DisplayFirstChdir        .message
# 
#   # Limit WRITE everywhere in the anonymous chroot
#   <Directory *>
#     <Limit WRITE>
#       DenyAll
#     </Limit>
#   </Directory>
# 
#   # Uncomment this if you're brave.
#   # <Directory incoming>
#   #   # Umask 022 is a good standard umask to prevent new files and dirs
#   #   # (second parm) from being group and world writable.
#   #   Umask                022  022
#   #            <Limit READ WRITE>
#   #            DenyAll
#   #            </Limit>
#   #            <Limit STOR>
#   #            AllowAll
#   #            </Limit>
#   # </Directory>
# 
# </Anonymous>

SQLAuthenticate     on
SQLUserInfo         proftpd userid passwd NULL NULL homedir shell
SQLAuthTypes        Crypt Backend Plaintext
SQLConnectInfo      proftpd@localhost:3306 proftpd ax901pb
#SQLUserWhereClause  "LoginAllowed = 'Y'"
SQLDefaultGID       106
SQLDefaultUID       65534
#SQLLog PASS updatelogin
#SQLNamedQuery updatelogin UPDATE "count=count+1 WHERE username='%u'" ftpusers

TransferLog /var/log/xfer/xferlog
DefaultRoot ~
# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>

If I try to connect me with the server (in localhost or from an host in my LAN) I retrive this error:

Connected to freddoserv.
421 Service not available, remote server has closed connection


What am I wrong?

Thank you very much.
Greatings Freddo
 
Old 01-10-2008, 08:57 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,924

Rep: Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327
First you need
Code:
AuthOrder mod_sql.c
to define the authentication mode. Then try the following in proftpd.conf (replacing the existing ones)
Code:
SQLAuthenticate     users
SQLUserInfo           users userid passwd NULL NULL homedir shell
SQLConnectInfo     proftpd@localhost proftpd ax901pb
 
Old 01-10-2008, 05:03 PM   #3
freddo
LQ Newbie
 
Registered: Oct 2006
Posts: 10

Original Poster
Rep: Reputation: 0
I've just modified the file /etc/proftpd/proftpd.conf like you've suggested me:

(These are the only changes, the other parts are the same of before)

Code:
AuthOrder mod_sql.c
SQLAuthenticate     users
SQLUserInfo         users userid passwd uid gid homedir shell
#SQLAuthTypes        Crypt Backend Plaintext
SQLConnectInfo      proftpd@localhost proftpd ax901pb
#SQLUserWhereClause  "LoginAllowed = 'Y'"
#SQLDefaultGID       108
#SQLDefaultUID       65534
#SQLLog PASS updatelogin
#SQLNamedQuery updatelogin UPDATE "count=count+1 WHERE username='%u'" ftpusers

#TransferLog /var/log/xfer/xferlog
#DefaultRoot ~
# Normally, we want files to be overwriteable.
But I still retrive the same error:

Connected to freddoserv.
421 Service not available, remote server has closed connection


Why?

Thank you
 
Old 01-11-2008, 01:57 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,924

Rep: Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327Reputation: 1327
Take a look at your logs to see if you find what the problem is.
You can also take a look at this howto for hints on how to accomplish what you want.

Regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
FC4, proftpd + mysql authentication error prophoto Fedora 5 01-14-2007 08:25 AM
FTP Server and mySQL Authentication chriswible Linux - Networking 4 12-08-2006 09:36 AM
Proftpd and mysql authentication question Galam Linux - Networking 0 09-14-2005 10:31 AM
Proftpd & MySQL Authentication Help Needed CyonyC Linux - Newbie 3 06-23-2004 07:01 PM
ProFTPd & MySQL Authentication Help CyonyC Linux - Software 4 06-22-2004 03:37 PM


All times are GMT -5. The time now is 05:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration