LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-01-2015, 12:25 AM   #1
Galaxy_Stranger
Member
 
Registered: Oct 2003
Distribution: CentOS 6 and Fedora
Posts: 252

Rep: Reputation: 36
ProFTPD - User Configuration


I've got ProFTPD installed and running on my machine. I created a Virtual user via gadmin-proftpd. Got everything working with SSL and created a certificicate. I'm able to login via this user I created. Even got directory access working exactly how I want it. Note, the user I created has the same user name as a system user - but different password.

Then I created a second user - also Virtual. This user did NOT exist on the system. I set up the user and gave it a password - and couldn't log in. I fiddled around and tried to find more information about user creation and administration on the Internet, but I couldn't log in as the second user - until I created it on the system. Not only that, ProFTPD only allows the user to log in via the user's system password - not the one I assigned it in ProFTPD. This now presents a problem because this user can now have SSH access, etc., which I want to avoid or I'll have to fiddle with whitelisting users on SSH.

Can someone help me understand how ProFTPD works in regard to users.
 
Old 03-02-2015, 08:29 AM   #2
sudowtf
Member
 
Registered: Nov 2013
Posts: 205

Rep: Reputation: 46
i'm not the authority on this, but i have two virtual users that are working and do not allow login.

in my /etc/proftpd/proftpd.conf , i have:
Code:
AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
i use the tool 'ftpasswd' to manipulate those files. i use the '--shell /bin/false' option to make certain they cannot login via console or ssh.

Code:
$ ftpasswd --help | grep required
    --home      Home directory for the user (required).
    --name      Name of the user account (required).  If the name does not
    --shell     Shell for the user (required).  Recommended: /bin/false
    --uid       Numerical user ID (required)
    --gid       Numerical group ID (required).
    --name      Name of the group (required).  If the name does not exist in
my ftpd.password file looks something like this:
Code:
$ sudo cat /etc/proftpd/ftpd.passwd 
joe:$1$D3j5Zw6L$jl73TqmYgy9ObSeKSGOrZ.:1000:1000::/mnt/synology/joe:/bin/false
frank:$1$xl7eFh4J$yTeGCs6sWjRf3BxDH1PUf.:1000:1000::/mnt/synology/frank:/bin/false
Now you will see they are set to 1000:1000. i am unsure if this is ultimately proper. this relates to my personal local account user id / group id. I THINK that more properly would be to create a system user named ftpuser with no home, no shell and assign your virtual users to it.

Code:
$ cat /etc/passwd | grep ftpuser
ftpuser:x:1001:1001::/dev/null:/bin/false
then manipulate file/folder rights with that user (chown/chmod). [??? maybe]

more info here: http://www.proftpd.org/docs/howto/VirtualUsers.html
notice the quote "Important: proftpd will use all authentication mechanisms by default."

Last edited by sudowtf; 03-02-2015 at 08:51 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Setting up proftpd to allow normal (no user or anonymous user required) operation mitusf Slackware 1 12-31-2012 10:24 AM
proftpd multi-user configuration, user cannot show contents of directories uglyoldbob Linux - Server 6 09-15-2008 11:18 PM
Mandrake 9.2 proftpd user configuration problems biniar Linux - Newbie 4 04-03-2004 02:17 PM
Pleasehelp with proftpd.conf - trying to config user to write files as other user. philg Linux - Software 1 06-21-2003 12:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 09:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration