hüttencrew
Registered: Aug 2000
Posts: 382
proftpd redhat 7.3
Hello, I just can't manage to get proftp running in a way that lets me log in to the FTP server...
It always says 530 invalid username ...
Here is the proftp.conf:
# This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.6 2003/09/24 10:51:11 dude Exp $
ServerName "ProFTPD server"
ServerIdent on "lalaBlub!"
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg "User %u logged in."
#DisplayConnect /etc/ftpissue
#DisplayLogin /etc/ftpmotd
#DisplayGoAway /etc/ftpgoaway
DeferWelcome off
# Use this to exclude users from the chroot
DefaultRoot ~ !adm
# Use pam to authenticate by default
AuthPAMAuthoritative on
# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups off
UseReverseDNS off
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# Default to show dot files in directory listings
ListOptions "-a"
# See Configuration.html for these (here are the default values)
#MultilineRFC2228 off
#RootLogin off
#LoginPasswordPrompt on
#MaxLoginAttempts 3
#MaxClientsPerHost none
#AllowForeignAddress off # For FXP
# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart on
AllowStoreRestart on
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 20
# Set the user and group that the server normally runs at.
User nobody
Group nobody
# This is where we want to put the pid file
ScoreboardFile /var/run/proftpd.score
# Normally, we want users to do a few things.
<Global>
AllowOverwrite yes
<Limit ALL SITE_CHMOD>
AllowAll
</Limit>
</Global>
# Define the log formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
# TLS
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
#TLSEngine on
#TLSRequired on
#TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem
#TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem
#TLSCipherSuite ALL:!ADH:!DES
#TLSOptions NoCertRequest
#TLSVerifyClient off
##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
#TLSLog /var/log/proftpd/tls.log
# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
# User ftp
# Group ftp
# AccessGrantMsg "Anonymous login ok, restrictions apply."
#
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
#
# # Limit the maximum number of anonymous logins
# MaxClients 10 "Sorry, max %m users -- try again later"#
#
# # Put the user into /pub right after login
# #DefaultChdir /pub
#
# # We want 'welcome.msg' displayed at login, '.message' displayed in
# # each newly chdired directory and tell users to read README* files.
# DisplayLogin /welcome.msg
# DisplayFirstChdir .message
# DisplayReadme README*
#
# # Some more cosmetic and not vital stuff
# DirFakeUser on ftpadm
# DirFakeGroup on ftpadm
#
# # Limit WRITE everywhere in the anonymous chroot
# <Limit WRITE SITE_CHMOD>
# # DenyAll
# </Limit>
#
# # An upload directory that allows storing files but not retrieving
# # or creating directories.
# <Directory uploads/*>
# AllowOverwrite no
# <Limit READ>
# DenyAll
# </Limit>
#
# <Limit STOR>
# AllowAll
# </Limit>
# </Directory>
#
# # Don't write anonymous accesses to the system wtmp file (good idea!)
# WtmpLog off#
#
# # Logging for the anonymous transfers
# ExtendedLog /var/log/proftpd/access.log WRITE,READ default
# ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>
# Allow webadmin access to /
DefaultChdir /var/www webadmin
#Set the default root to website document root for webadmin group members
DefaultRoot ~ !webadmin
DefaultRoot /var/www webadmin
#Restrict all users from using FTP except listed
<Limit LOGIN>
AllowGroup ftpusers
DenyAll
</Limit>
I don't really know what the cause could be...
11. 05. 2004, 00:50
#1
Member
Registered: Nov 2003
Posts: 293
The proftpd.conf alone doesn't get us any further, because:
Code:
# Use pam to authenticate by default
AuthPAMAuthoritative on
Have a look in /etc/pam.d/ for "ftpd" or "proftpd" or something similar and then please post it.
By the way, the Limit LOGIN makes no sense afaik, since that is also handled by pam.
11. 05. 2004, 06:23
#2
hüttencrew
(Thread starter)
Registered: Aug 2000
Posts: 382
Yep, here is the file:
etc/pam.d/ftp
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so
11. 05. 2004, 08:31
#3
al Forno
Registered: Feb 2001
Posts: 443
Could it be that the username is listed in /etc/ftpusers?
Then it gets exactly no access.
11. 05. 2004, 11:29
#4
Harbard
Registered: Dec 2003
Location: Berlin
Posts: 1,207
Comment out the four lines under "Restrict all users from using FTP except listed", or think about what that means.
11. 05. 2004, 11:49
#5
Member
Registered: Nov 2003
Posts: 293
Somewhat awkward is the combination of
Code:
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
and the Limit LOGIN mentioned above...
11. 05. 2004, 12:51
#6
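The two login gates discussed in the posts above, as an added example that is not part of any post in this thread: a shell script that tests a user against the pam_listfile deny file and against the `AllowGroup ftpusers` / `DenyAll` limit, which share the name ftpusers but work in opposite directions (deny-list file versus allowed group). The function names and the sample ftpusers, passwd and group contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. All file contents below are constructed.
# Gate 1 (PAM):     pam_listfile item=user sense=deny file=/etc/ftpusers
#                   -> a user listed in the FILE ftpusers is refused.
# Gate 2 (ProFTPD): <Limit LOGIN> AllowGroup ftpusers / DenyAll
#                   -> only members of the GROUP ftpusers are admitted.

in_denyfile() {   # USER FILE: exact whole-line match, one name per line
    grep -qxF -- "$1" "$2"
}

in_group() {      # USER GROUP PASSWD_FILE GROUP_FILE
    awk -F: -v u="$1" -v g="$2" '
        FNR == NR { if ($1 == u) pgid = $4; next }   # passwd: primary gid
        $1 == g {
            if (pgid != "" && $3 == pgid) ok = 1     # primary group matches
            n = split($4, m, ",")                    # supplementary members
            for (i = 1; i <= n; i++) if (m[i] == u) ok = 1
        }
        END { exit !ok }' "$3" "$4"
}

# Returns 0 = passes both gates, 1 = refused by PAM list, 2 = refused by Limit LOGIN
ftp_login_gate() {   # USER DENYFILE PASSWD_FILE GROUP_FILE ALLOWGROUP
    if in_denyfile "$1" "$2"; then
        echo "$1: listed in deny file (sense=deny)"; return 1
    fi
    if ! in_group "$1" "$5" "$3" "$4"; then
        echo "$1: not in group $5 (AllowGroup + DenyAll)"; return 2
    fi
    echo "$1: passes both gates"; return 0
}

# Constructed sample data standing in for /etc/ftpusers, /etc/passwd, /etc/group
T=$(mktemp -d) && trap 'rm -rf "$T"' EXIT
printf 'root\nbin\n' > "$T/ftpusers"
printf 'root:x:0:0::/root:/bin/bash\nalice:x:500:500::/home/alice:/bin/bash\nbob:x:501:501::/home/bob:/bin/bash\n' > "$T/passwd"
printf 'root:x:0:\nalice:x:500:\nbob:x:501:\nftpusers:x:600:alice\n' > "$T/group"

for u in root alice bob; do
    ftp_login_gate "$u" "$T/ftpusers" "$T/passwd" "$T/group" ftpusers || true
done
```

In the sample data, bob is absent from the deny file and is still refused, because he is not a member of the group named in AllowGroup.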
hüttencrew
(Thread starter)
Registered: Aug 2000
Posts: 382
Hmm, and what am I supposed to do now? Doesn't anyone have a standard conf for this thing? And what should I change in the pam file so that it works?
This is how I have it now, i.e. the conf (pam is still the same as above):
ServerName "ProFTPD server"
ServerIdent on "test3 Paschy ist doof und der FTP-Server ist ready."
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg "User %u logged in."
DeferWelcome off
defaultroot ~
AuthPAMAuthoritative on
IdentLookups off
UseReverseDNS off
Port 21
Umask 022
ListOptions "-a"
AllowRetrieveRestart on
AllowStoreRestart on
MaxInstances 20
User nobody
Group nobody
ScoreboardFile /var/run/proftpd.score
<Global>
AllowOverwrite yes
<Limit ALL SITE_CHMOD>
AllowAll
</Limit>
</Global>
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
<Anonymous /home/ftp>
RequireValidShell off
User ftp
Group ftp
AccessGrantMsg "Anonymous login ok, restrictions apply."
UserAlias anonymous ftp
MaxClients 5 "Sorry, max %m users -- try again later"
DisplayLogin /welcome.msg
DisplayFirstChdir .message
DirFakeUser on ftpadm
DirFakeGroup on ftpadm
<Limit WRITE SITE_CHMOD>
DenyAll
</Limit>
<Limit LOGIN>
AllowAll
</Limit>
WtmpLog off
ExtendedLog /var/log/proftpd/access.log WRITE,READ default
ExtendedLog /var/log/proftpd/auth.log AUTH auth
</Anonymous>
With this I can at least get in as anonymous, it's just that username doesn't work.
12. 05. 2004, 10:32
#7
Member
Registered: Nov 2003
Posts: 293
You can't log in because you entered the user in ftpusers. stronzo already said that...
12. 05. 2004, 17:53
#8
hüttencrew
(Thread starter)
Registered: Aug 2000
Posts: 382
No, the user is not in that file!
16. 05. 2004, 23:26
#9
All times are UTC +1. The time is now 18:22.