LinuxQuestions.org


helcik 12-16-2010 11:41 PM

[solved] Slack 13.0 proftpd works only for anonymous
 
Fresh Slack 13.0 64bit with default proftpd installation allows only the anonymous user to log in. All the shell users (having a valid shell in /etc/passwd) are rejected. Does anybody have an idea?

> proftdp -n -d5

dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
dispatching PRE_CMD command 'PASS (hidden)' to mod_core
dispatching PRE_CMD command 'PASS (hidden)' to mod_core
dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
dispatching CMD command 'PASS (hidden)' to mod_auth
USER test (Login failed): Incorrect password.

paulsm4 12-17-2010 01:05 AM

Check out this link:
http://www.proftpd.org/docs/howto/Authentication.html

And this link:
Quote:

http://www.proftpd.org/docs/faq/faq_full.html#AEN267

1. Why is PAM the default authentication system?

Security, pure and simple. PAM is the most secure (or securable) of the available authentication systems. Many of the issues and configuration hints for PAM are contained in README.PAM which is bundled with the server source and in the various packaged builds. To use /etc/passwd manual compilation will be required with the configure script being run with the --without-pam flag. Unless the PAM subsystem is properly configured authentication will fail.
Bottom line: Make sure mod_auth_unix is enabled.

'Hope that helps

volkerdi 12-17-2010 11:13 AM

Can someone run a poll about removing ProFTPD from Slackware? :)

It's been one security hole after another, all while the extremely high-quality vsftpd is right there, waiting to be used. And then there's stuff like this. Which "point release" introduced this breakage?

My suggestion: forget about mod_auth_unix with ProFTPD and use vsftpd instead.

willysr 12-17-2010 05:16 PM

It's now running on my SlackBlogs

I hope people will give their votes there :)

unSpawn 12-17-2010 07:53 PM

Quote:

Originally Posted by volkerdi (Post 4194907)
use vsftpd instead.

As the score right now is ProFTPd: 35 - VsFTPd: 8 that makes sense.

bathory 12-18-2010 03:07 AM

Quote:

Originally Posted by unSpawn (Post 4195390)
As the score right now is ProFTPd: 35 - VsFTPd: 8 that makes sense.

Why not pure-ftpd?
Score:
ProFTPd: 35 - VsFTPd: 8 - Pure-FTPd: 1

Regards

rg3 12-18-2010 07:00 AM

If possible, instead of simply removing ProFTPD and leaving only vsftpd, I'd replace ProFTPD with Pure-FTPd. I've used it in the past. It's very easy to use, it lets you have virtual users without PAM and has a lot of good features. My 2 cents.

mRgOBLIN 12-18-2010 07:11 AM

I've been using pure-ftpd for several years too so I'm with rg3 on this one.

Petri Kaukasoina 12-18-2010 07:52 AM

Quote:

Originally Posted by unSpawn (Post 4195390)
As the score right now is ProFTPd: 35 - VsFTPd: 8 that makes sense.

Your keyword search for vsftpd gives 8 vulnerabilities. Some of them are problems not in vsftpd but in some third party utilities like webmin or blockhosts, some are RedHat specific. The real vsftpd problems are denial of service type and one (from 2004) allowed a remote user to verify valid usernames.

On the other hand, you found lots of severe ProFTPD vulnerabilities allowing remote attackers to execute arbitrary code.

guanx 12-20-2010 10:57 AM

Quote:

Originally Posted by volkerdi (Post 4194907)
Can someone run a poll about removing ProFTPD from Slackware? :)

It's been one security hole after another, all while the extremely high-quality vsftpd is right there, waiting to be used. And then there's stuff like this. Which "point release" introduced this breakage?

My suggestion: forget about mod_auth_unix with ProFTPD and use vsftpd instead.

From functionality -- prefer proftpd over vsftpd
From security -- prefer sftp over ftp; prefer strict firewall over no firewall

So, no reason to replace proftpd with vsftpd now. (I run service only within organizations, not globally.)

sahko 12-20-2010 11:44 AM

Quote:

Originally Posted by bathory (Post 4195627)
Why not pure-ftpd?
Score:
ProFTPd: 35 - VsFTPd: 8 - Pure-FTPd: 1

Regards

Bftpd: 5 :)

MadMaverick9 12-22-2010 11:17 PM

To put this thread back on topic:

On my default 13.1 system I simply uncommented proftpd in "/etc/inetd.conf" and I was able to login as any shell user, except for "root", because "root" is listed in "/etc/ftpusers".

It seems that the user helcik is starting proftpd in a non-default way "> proftdp -n -d5"; I don't see a "root" prompt "#", so that may well be the cause of the problem.
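
Added example (not part of any post in this thread): a shell pre-check for the file-based reasons a local account is refused FTP login, covering the /etc/ftpusers deny list mentioned above and the valid-shell requirement from the original question. It assumes ProFTPD's UseFtpUsers and RequireValidShell directives are at their defaults (on); the function name and the sample files are constructed for illustration.

```shell
#!/bin/sh
# ftp_login_precheck USER PASSWD_FILE SHELLS_FILE FTPUSERS_FILE
# Prints one verdict; returns 0 only when no file-based reason for rejection is found.
ftp_login_precheck() {
    user=$1 passwd=$2 shells=$3 ftpusers=$4

    # The account must exist; field 7 of its passwd entry is the login shell.
    entry=$(awk -F: -v u="$user" '$1 == u { print; exit }' "$passwd")
    if [ -z "$entry" ]; then
        echo "no-such-user"; return 1
    fi
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)

    # ftpusers is a deny list: one user name per line, '#' starts a comment.
    if sed 's/#.*//' "$ftpusers" |
        awk -v u="$user" '$1 == u { found = 1 } END { exit !found }'; then
        echo "denied-by-ftpusers"; return 1
    fi

    # With RequireValidShell on, the login shell must be listed in the shells file.
    # An empty shell field is treated as invalid here (assumption of this sketch).
    if [ -z "$shell" ] || ! sed 's/#.*//' "$shells" | grep -Fqx -- "$shell"; then
        echo "shell-not-in-shells"; return 1
    fi

    echo "ok"; return 0
}

# Constructed sample files, not taken from the poster's system.
demo=$(mktemp -d)
printf '%s\n' 'root:x:0:0::/root:/bin/bash' \
    'test:x:1000:100::/home/test:/bin/bash' \
    'svc:x:1001:100::/home/svc:/bin/false' > "$demo/passwd"
printf '%s\n' '# valid login shells' '/bin/sh' '/bin/bash' > "$demo/shells"
printf '%s\n' '# users denied FTP access' 'root' > "$demo/ftpusers"

for u in root test svc nobody; do
    printf '%s: ' "$u"
    ftp_login_precheck "$u" "$demo/passwd" "$demo/shells" "$demo/ftpusers" || true
done
rm -rf "$demo"
```

On a real system the arguments would be /etc/passwd, /etc/shells and /etc/ftpusers. A verdict of "ok" for a user who is still rejected leaves the password check itself (PAM or mod_auth_unix) as the place to look.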

tallship 12-31-2010 05:49 PM

Two sucky polls that don't accurately address the man's question...
 
Quote:

Originally Posted by mRgOBLIN (Post 4195763)
I've been using pure-ftpd for several years too so I'm with rg3 on this one.

Man, what a sucky poll!

That's not even what Patrick asked us to put up. Neither poll (Willy's being the other one) addresses Patrick's request in the spirit he asked it, IMO.

Pat asked if someone could put up a poll asking if vsftpd should be the daemon to replace proftpd.

Like @mRgOBLIN, @rg3, and @bathory, I like [and would actually prefer] pure-ftpd too [over that of vsftpd]. That having been said, I like proftpd as well, but that's just because of config related points.

If we're having issues with it - over and over and over again - then perhaps, as Patrick suggests, it's time for a change of guard.

I'm going to run whichever daemon best suits my needs at the time, because I'm a Slacker, and I have choices, but wrt the defaults upon install, vsftpd might as well be the new black (or is that the new blue or red?).

I would really have liked it if the two polls reflected Pat's question the way he posed it, instead of just asking - should we ditch proftpd?

That might lead some people to surmise that Slackware is removing an ftp server as part of a default install (at least one person thought so HERE).

As others have posted as well, I like sftp, although that really isn't even ftp, and to reiterate what I said above again, I use whichever fits my needs, or the needs of my clients, at the moment anyway.

Okay I voted in both polls, and I'm all for ditching proftpd as the default, and as at least one other person in these threads has asked of us, I'm also offering why.

Thanks Pat, for asking :) (Even though most of us are going to weigh in very heavily on the side of what your personal preferences are anyway ;)

Well Pat, I hope that my input on the matter helps.

Kindest regards,

T3slider 01-01-2011 12:57 AM

Er...wasn't the point to remove proftpd from a default install so Pat wouldn't have to keep up with the many security patches? There is no 'default' FTP server in Slackware...both servers are commented out in /etc/inetd.conf and vsftpd is actually placed first...so if the question involved merely setting vsftpd as the default FTP server, then what about the current installation would change? Provided that people are aware that Slackware currently ships with two FTP servers, I think the polls are fine.

mRgOBLIN 01-01-2011 02:00 AM

Although the removal of proftpd would make vsftpd the default by default. =)

