LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Suse/Novell
User Name
Password
Suse/Novell This Forum is for the discussion of Suse Linux.

Notices

Reply
 
Search this Thread
Old 01-24-2013, 08:49 AM   #1
slufoot80
Member
 
Registered: Nov 2011
Posts: 61

Rep: Reputation: Disabled
Talking Failure to deny ftp access - proftpd


The problem is I can sftp and ftp to the server but if I enter the user name in the "/etc/ftpusers" file it disables both, How can I block ftp and not sftp?, below is the out put to "proftpd -V"
proftpd -V| head
Compile-time Settings:
Version: 1.3.4a (maint)
Platform: LINUX [Linux 2.6.32.54-0.3-default x86_64]
Built: Thu Feb 16 2012 10:23:20 EST

Code:
proftpd -V
Compile-time Settings:
  Version: 1.3.4a (maint)
  Platform: LINUX [Linux 2.6.32.54-0.3-default x86_64]
  Built: Thu Feb 16 2012 10:23:20 EST
  Built With:
    configure  '--prefix=/usr/local' '--enable-openssl' '-with-modules=mod_sftp:mod_tls'

  CFLAGS: -O2 -Wall
  LDFLAGS: -L$(top_srcdir)/lib  
  LIBS:  -lssl -lcrypto -lssl -lcrypto -L$(top_srcdir)/lib/libcap -lcap  -lssl  -lcrypto -lsupp -lcrypt -ldl  -ldl -lz

  Files:
    Configuration File:
      /usr/local/etc/proftpd.conf
    Pid File:
      /usr/local/var/proftpd.pid
    Scoreboard File:
      /usr/local/var/proftpd.scoreboard

  Features:
    - Autoshadow support
    - Controls support
    - curses support
    - Developer support
    - DSO support
    + IPv6 support
    + Largefile support
    - Lastlog support
    - Memcache support
    + ncurses support
    - NLS support
    + OpenSSL support
    - PCRE support
    - POSIX ACL support
    + Shadow file support
    + Sendfile support
    + Trace support

  Tunable Options:
    PR_TUNABLE_BUFFER_SIZE = 1024
    PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192
    PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192
    PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000
    PR_TUNABLE_GLOBBING_MAX_RECURSION = 8
    PR_TUNABLE_HASH_TABLE_SIZE = 40
    PR_TUNABLE_NEW_POOL_SIZE = 512
    PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
    PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
    PR_TUNABLE_SELECT_TIMEOUT = 30
    PR_TUNABLE_TIMEOUTIDENT = 10
    PR_TUNABLE_TIMEOUTIDLE = 600
    PR_TUNABLE_TIMEOUTLINGER = 30
    PR_TUNABLE_TIMEOUTLOGIN = 300
    PR_TUNABLE_TIMEOUTNOXFER = 300
    PR_TUNABLE_TIMEOUTSTALLED = 3600
    PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10
Below is the proftpd.conf file

Code:
cat /usr/local/etc/proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "ProFTPD Default Installation"
ServerType                      standalone 
DefaultServer                   on
ServerIdent on "corp-ftpint01"
UseReverseDNS                   off
IdentLookups                    off
DisplayConnect  /etc/default/welcome.msg
# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           002
#DisplayLogin /etc/default/welcome.msg
# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    200
MaxClientsPerUser               20

# Set the user and group under which the server will run.
User                            nobody
Group                           nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~ 

# Normally, we want files to be overwriteable.
<Directory />
  AllowOverwrite                on
</Directory>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
TimesGMT off
SetEnv TZ :/etc/localtime
TimeoutNoTransfer 1500
TransferLog /var/log/corp-intftp01-trans.log
ExtendedLog /var/log/corp-intftp01.commandlog all
SystemLog /var/log/proftpd.system.log

<Class ethos>
    From 10.16.4.228/32
</Class>
<Class ocr>
    From 10.110.16.0/24 
</Class>

MaxClientsPerClass ethos 20
MaxClientsPerClass ocr 30
MaxConnectionsPerHost   20
DebugLevel 10
<Global>
        UseFtpUsers on
</Global>

Last edited by slufoot80; 01-24-2013 at 08:53 AM. Reason: new information
 
  


Reply

Tags
ftp, proftpd, sftp, suse


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Proftpd won't allow users to gain access to anonymous FTP j.smith1981 Linux - Security 2 11-10-2012 02:04 AM
how to deny user from accessing FTP service using /etc/hosts.deny in redhat 6 raasukutty Linux - Security 6 01-19-2012 04:32 PM
how to deny user to use ftp to access system ust Linux - Software 4 05-23-2005 08:39 PM
Anonymous access ftp using Proftpd mkabia Linux - Networking 2 12-11-2004 04:18 AM
RW access to a directory via FTP using ProFTPD borbzz Linux - Software 4 05-11-2004 10:23 PM


All times are GMT -5. The time now is 01:36 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration