Maverick2k n00b
Joined: 14 Apr 2004 Posts: 45 Location: Netherlands
|
Posted: Mon Jan 16, 2006 8:25 pm Post subject: From proftpd to pureftpd |
|
|
Hi,
I have used proftpd, but now I want to use pure-ftpd. But there are options that I know from proftp that aren't included in pure-ftpd or I don't know how to activate them.
In proftpd you can start the daemon with the user nobody; is there some option to establish this security option in pure-ftpd?
And in proftpd you can specify what group users are allowed to log in. I have established that users as root can't log in with the pam ftp_users_deny file; is there a better way to do that?
Other tips are also welcome.
thnx in advance.
grtz
Mv2k _________________ Are you tired of being a crash test dummy for Microsoft? Discover Linux. |
|
|
|
Janis n00b
Joined: 05 May 2003 Posts: 9 Location: New York
|
Posted: Tue Jan 17, 2006 5:05 am Post subject: |
|
|
I also switched from proftpd to pure-ftp. At the time it was a matter of security I think. I just emerged it and didn't worry about what user was running it though. As far as who can log in, you control that with the switches in the config file (no anonymous, etc.). Pure-ftpd is very different from proftpd in that you don't have the apache-like structure to control things.. but I don't miss it to be honest.
Some notes that might save you a headache: make sure this line is uncommented:
IS_CONFIGURED="yes"
These are the options I selected for my shareware download site:
MISC_OTHER="-A -i -H -R -X" |
|
|
|
Maverick2k n00b
Joined: 14 Apr 2004 Posts: 45 Location: Netherlands
|
Posted: Thu Jan 19, 2006 5:21 pm Post subject: |
|
|
Thank you for your reply.
I will test my configuration. If somebody has some tips about pure-ftp they're welcome. |
|
|
|
minskpower Tux's lil' helper
Joined: 16 Jun 2005 Posts: 94 Location: /dev/null
|
Posted: Thu Jan 19, 2006 6:42 pm Post subject: |
|
|
Pure-ftpd kicks proftpd's ass
Definitely do the switch, it's VERY configurable, clear documentation and a beautiful config file
If you want it the easy way, set it up to use mysql, no more PAM auth, virtual users, bandwidth, ip access limits, disk space limits and more.
Give it a shot. |
|
|
|
Maverick2k n00b
Joined: 14 Apr 2004 Posts: 45 Location: Netherlands
|
Posted: Sat Jan 21, 2006 9:30 pm Post subject: |
|
|
I have tried pure-ftpd on one computer and it worked, now I want to set it up on my server.
But the server doesn't accept the connection.
This is my configfile:
Code: |
# Config file for /etc/init.d/pure-ftpd
##Comment variables out to disable its features, or change the values in it... ##
## This variable must be uncommented in order for the server to start ##
IS_CONFIGURED="yes"
## FTP Server,Port (separated by comma) ##
## If you prefer host names over IP addresses, it's your choice :
## SERVER="-S ftp.rtchat.com,21"
## IPv6 addresses are supported.
## !!! WARNING !!!
## Using an invalid IP will result in server not starting and reporting
## a good start. Work is being done to solve that in:
## http://bugs.gentoo.org/show_bug.cgi?id=75861
#SERVER="-S 192.168.0.1,21"
SERVER="-S 192.168.1.1,21"
## Number of simultaneous connections in total, and per ip ##
MAX_CONN="-c 10"
MAX_CONN_IP="-C 3"
## Start daemonized in background ##
DAEMON="-B"
## Don't allow uploads if the partition is more full than this var ##
DISK_FULL="-k 90%"
## If your FTP server is behind a NAT box, uncomment this ##
#USE_NAT="-N"
## Authentication (others are 'pam', ...)##
## Further infos in the README file.
AUTH="-l pam"
## Change the maximum idle time. (in minutes. default 15)
#TIMEOUT="-I <timeout>"
## Use that facility for syslog logging. It defaults to 'ftp'
## Logging can be disabled with '-f none' .
#LOG="-f facility"
## Misc. Others ##
MISC_OTHER="-A -x -j -E -R -B -p 51000:51150 -O clf:/var/log/pureftpd.log -T 50:50 -n 1000:20"
|
If I try to log in it sees the server and gives the following response:
Code: |
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 10 allowed.
220-Local time is now 00:21. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
USER nexus
331 User nexus OK. Password required
PASS (hidden)
Cannot login waiting to retry (30s)...
Server closed connection
|
My user has a home directory and a valid shell ftp that is a copy of /bin/false
I can't seem to find out what the problem is |
|
|
|
Maverick2k n00b
Joined: 14 Apr 2004 Posts: 45 Location: Netherlands
|
Posted: Sun Jan 22, 2006 11:27 am Post subject: |
|
|
I forgot to post my pam configuration:
Code: |
# Provided by ftpbase (dont remove this line!)
# Standard pam.d file for ftp service packages.
# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftpbase/files/ftp-pamd-include,v 1.1 2005/06/28 14:52:26 uberlord Exp $
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth include system-auth
# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
# auth required pam_shells.so
account include system-auth
session include system-auth
|
When I try to log in with a user that really exists I get the message that is shown above in my post before. If I try to log in with a user that does not exist it gives authentication failed.
But still I don't know what error is causing this problem. |
|
|
|
Maverick2k n00b
Joined: 14 Apr 2004 Posts: 45 Location: Netherlands
|
Posted: Sun Jan 22, 2006 5:40 pm Post subject: |
|
|
Finally my problem is solved.
The home directory wasn't accessible for the user because the permissions weren't set properly.
A stupid mistake but I am still learning |
|
|
|
|
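A checker for the two login blockers that appear in this thread, the `pam_listfile` deny list and a home directory the account cannot enter, as an added example that is not part of any post. The function names are hypothetical, and it assumes GNU `stat` and looks only at owner/group/other mode bits.

```shell
#!/bin/sh
# Added example (not from the thread). Needs GNU coreutils `stat -c`.
# Looks only at owner/group/other mode bits: supplementary groups, ACLs
# and root's override are ignored. All function names are hypothetical.

# denied_by_listfile USER FILE: true if USER is a line in FILE, which is what
# "pam_listfile.so item=user sense=deny file=..." rejects.
denied_by_listfile() {
    grep -qxF -- "$1" "$2" 2>/dev/null
}

# perm_bits UID GID PATH: print the rwx digit (0-7) that applies to UID/GID.
perm_bits() {
    st=$(stat -c '%u %g %a' "$3") || return 1
    set -- "$1" "$2" $st              # now $3=owner uid, $4=owner gid, $5=mode
    mode=$(( 0$5 ))                   # parse the mode as octal
    if   [ "$1" -eq "$3" ]; then echo $(( (mode >> 6) & 7 ))
    elif [ "$2" -eq "$4" ]; then echo $(( (mode >> 3) & 7 ))
    else                         echo $(( mode & 7 ))
    fi
}

# first_blocked_dir UID GID HOME [START]: walk from START (default /) down to
# HOME; ancestors need search (x), HOME itself needs read+search (r-x).
# Prints the first directory that fails and returns 1; silent on success.
first_blocked_dir() {
    uid=$1 gid=$2 home=${3%/} cur=${4:-/}
    cur=${cur%/}                      # "/" becomes "" so paths join cleanly
    rest=${home#"$cur"}               # components still to descend
    while :; do
        need=1; [ -z "$rest" ] && need=5
        bits=$(perm_bits "$uid" "$gid" "${cur:-/}" 2>/dev/null) || bits=0
        [ $(( bits & need )) -eq "$need" ] || { echo "${cur:-/}"; return 1; }
        [ -z "$rest" ] && return 0
        rest=${rest#/}
        cur=$cur/${rest%%/*}
        case $rest in */*) rest=/${rest#*/} ;; *) rest= ;; esac
    done
}

# check_ftp_account USER UID GID HOME DENYFILE [START]: one-line verdict.
check_ftp_account() {
    if denied_by_listfile "$1" "$5"; then
        echo "denied: $1 is listed in $5"; return 1
    fi
    if dir=$(first_blocked_dir "$2" "$3" "$4" "${6:-/}"); then echo "ok"
    else echo "blocked: $dir"; return 1
    fi
}
```

For a real account, take the numeric IDs from `id -u nexus` and `id -g nexus` and pass `/etc/ftpusers` as the deny file.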