I have installed ProFTPd through Webmin onto Ubuntu 8.10 Server edition.
I can connect to ProFTPd via FTP on Port 21 no problem, but currently am unable to via SFTP (using WinSCP).
I would like to block all FTP access on Port 21 and only make it only possible to connect via SFTP/SSH on Port 22.
I am trying to set up the FTP on my VPS. I am using webmin control pannel and os CentOs 4.
I have created a user called mic and made the home dir of the user /var/www/. then placed the user in the group ftpusers.
I then went into the proFTPD server config but of webadmin and set the user and group. i then tryed to log in to the FTP. SUCSESS.
BUT .... wen i tryed to upload somethink it give me permission denied. and when i try to delete somethink Access denied.
What did i do wrong?
Just got a new additional VPS with WHM/cPanel.
Browse to www.mydomain.com/webmail and get login box > login accepted and taken to Horde/Squirrelmail choice screen > choose Squirrelmail and get login box ... login not accepted! > Retry and choose Horde ... login not accepted!
The login is correct and the results are the same when logging in as root, or through /cPanel or /Webmail.
to set up a batch file on our server (Windows Server 2003) to upload an xml document to the web everyday. Due to nature of our business, we require the ftp to be secure (SFTP), so i need a DOS SFTP add-on: any suggestions.
It is also a requirement that we PAY for it (management?! ),
I am running Proftpd on my RedHat. I have disabled anonymous login because i dont need it and its running fine.
I have created a user named test on the server and i try to connect it by typing ftp://myserver/ and then provide the id and pass.
Now it logged-in successfully but cant access any directories on the server. i have been Google around but really getting confused how i properly create a ftp user
i want the test user to access the following directories and he can be able to upload and download files from these directories
/home/usman/public_html/
/home/usman/public_ftp/
/home/usman/cgi-bin/
This isn't a major problem but I was just wondering something regarding how ProFTPd functions. I have received a complaint about a user uploading a script, the script creating files and directories, and the user not being able to CHMOD, delete, rename, or do anything to these files.
When files are created through scripts on my server, they are given a default owner permission with "www-data" for the user and group.
Since ProFTPd is set up to only modify files on certain owner permissions according to the user's FTP access, ProFTPd will not allow any other owner permission and if any other owner permissions exist, ProFTPd will not allow those files to be modified or changed in anyway.
Is there a way to fix this? I've been trying to figure it out but I can't.
Just for note, I am using proftpd-mysql and so every user is linked through a MySQL database.
When connecting via an ftp client I want the directory listed to be /var/www/html but currently it's /home/username. I've tried changing the initial login directory with webmin to /var/www/html but to no avail. How would this be done?
View 1 Replies View Relatedwe have a WHM account... we have different accounts on that...and for each account, there are add-on domains underneath that. (i hope you know what i mean)
and we set it up to use only SFTP to connect to server. no FTP.
after we have set it up that way, it seems that we can only connect to SFTP using 1 user/pass for each account... that is the same user/pass we use for Cpanel of each account.
say, i have Account A... under Account A, i have addon domains: A1.com, A2.com, A3.com...
setting SFTP only on that server, all those addon domains of Account A, can only use 1 user/pass to login to SFTP which is the cpanel access also of Account A.
question is.... is this behavior correct??
how can we create a different user for each add-on domain?
I'm trying to upload about 200 Gb of data and it became clear to me to route it out a specific connection sftp was the way to go.. (the ssh2 kind)
The problems I'm now having is that the 2 applications I rely on cannot get the job done.. CuteFTP Pro 8 can't even begin to get it done it crashes, errors out etc. and for while there it looked like the free program WinSCP was going to get it done but now it errors out/crash's and while it actually did get about 1/4 of the data done, it seems to think when it reported it done.. it got it all (that is when it doesn't crash for no reason, these crashes only occurred mainly when I tried to get it do 3/4's or the rest of the data)
So anyway.. recommend me a good client app if you can.. (that does real folder sync transfers) preferably ssh2/sftp, I'm uploading to dreamhost if that makes a difference I assume it doesn't though..
I've noticed that on most servers I use, downloading a file over SFTP is about 4x slower than downloading over HTTP. Can anyone tell me why and if it's possible to tune the SFTP server?
- neither the server nor my desktop shows significant CPU use so it isn't the processing overhead of encryption.
- The symetric key ciphers used should not increase the number of bytes transmitted.
- The file being transferred is already bzipped so the HTTP isn't faster due to compression.
- I'm using OpenSSH on Linux / FreeBSD server side, and WinSCP on Windows XP / Vista client side.
i use ProFTPD as FTP.
I use webmin as admin panel.
After installation, im worried about the default security config.
Also, i can log as anonym wich is ok, however i can't log using my unix user what i have to do?
Here's my config sample;
Quote:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName"Junky-Monkey"
ServerTypestandalone
DefaultServeron
# Port 21 is the standard FTP port.
Port21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances30
# Set the user and group under which the server will run.
Usernobody
Groupnobody
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
# Normally, we want files to be overwriteable.
<Directory />
AllowOverwriteon
</Directory>
# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
Userftp
Groupftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAliasanonymous ftp
# Limit the maximum number of anonymous logins
MaxClients10
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLoginwelcome.msg
DisplayFirstChdir.message
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
I would like to setup proftpd with mod_sql to access a mysql database for ftp accounts instead of using pam. The server has pleask 8.1 installed with psa-proftpd-xinetd-1.3.0 installed. How do I recompile the psa-proftpd with --with-modules=mod_sql option? Here is the current proftpd configure command:
configure --localstatedir=/var/run --with-libraries=/usr/lib64 --sysconfdir=/etc --with-modules=mod_ratio:mod_readme:mod_quota --with-modules=mod_ratio:mod_readme:mod_quota:mod_tls --enable-buffer-size=8192 --prefix=/usr CC=gcc CFLAGS=-O -pipe -O3 -fexpensive-optimizations -fstrength-reduce -pipe -DPLESK_Linux -I/usr/include/libxml2 -I/home/builder/buildbot/psa-aiconfig-810-fc4x64/build/plesk/lib/dist/usr/include -I/usr/include CXXFLAGS=-O -pipe -O3 -fexpensive-optimizations -fstrength-reduce -pipe -DPLESK_Linux -I/usr/include/libxml2 -I/home/builder/buildbot/psa-aiconfig-810-fc4x64/build/plesk/lib/dist/usr/include -I/usr/include CXX=g++ LDFLAGS= --enable-ltdl-convenience --no-create --no-recursion
anyone used this directive?
how did you decide on a decent value to set the limits at?
ideally id just like to stop processes taking up too much cpu, but it seems you cant set it as a %..
direct root logon to a server is disabled; using another login, obviously. However, I need to be able to SFTP files from my computer to a directory on the server using said login - yet it does not have correct permissions, evidently, and therefore can't even see the directory I need to be able to SFTP files to.
Tried CHOWNing the directory with that usename, giving it 777 permissions, etc.
i am not able to get connect to SFTP server
domain : testing.com
user : test@testing.com
pass : 123456
port : 7256
& getting following error
#####################
Status: Connecting to testing.com:7256...
Response: fzSftp started
Command: open "test@testing.com@testing.com" 7256
Command: Trust new Hostkey: Yes
Command: Pass: ************
Error: Authentication failed.
Error: Critical error
Error: Could not connect to server
#####################
note that we are able to get connected to the server with FTP using same username & password
i asked our data centre regarding this issue & they suggested to use root password , but we don't want to give root password to the client
I have it setup and have a user created that can upload files to my website.
The problem that I am running in to is that the files that this user uploads are owned by him not the cpanel website user. Thus when I try to view the page in my browser I get a server 500 error since the site is set to only serve up pages that are owned by the cpanel website user.
When using FTP in the same way we did not have this problem as the file that was uploaded would automatically be owned by the cpanel website user.
I just got a barebone server. Installed apache2, php5, mysql,phpmyadmin.
I only have SSH access to the server. I wish to use CoreFTP to transfer some webpage files to /var/www folder. I can login the server using CoreFTP's SSH/SFTP and it displays all the files and directories, but I do not have the permission to write.
My question is, how do I give myself permission to write? Here is the id of my user:
uid=1000(charlie) gid=1000(charlie) groups=1000(charlie),4(adm),20(dialout),24(cdrom),46(plugdev),110(lpadmin),111(sambashare),112(admin)
I'm noticing that no one seems to offer SSH or SFTP access to Windows hosts. It seems it would be more difficult to offer this, but does anyone reputable offer this?
I am planning on uploading semi-private MS Access databases (hence the lack of Unix options) for site use, and I'd rather not expose them unencrypted.
i had access in some servers via SSH and when i try to connect i get:
Welcome to The HOST!
login as: nickname
--------------------------
We monitor/log everything on that server! IP Logged!
--------------------------
nickname@host's password:
.............
I know that there is the motd file in /etc that i can put a message but i see it when i full be recognized by the server.. (after putting the password).. How can i put the other 2 messages?
Trying to install ProFTPD with mysql, the problem is after installing it and adding the lines in the config file to use MySQL the service fails to start. The error Im getting is:
"unknown configuration directive 'SQLAuthTypes'"
So it seems like it doesnt recongize the function needed to use mysql with proftpd, which is in mysql_mod.c. I did proftpd -l and the mysql_mod.c was not listed, I did a search on the whole box and couldnt find mysql_mod anywhere. Im on Fedora Core 6 and tried to install proftpd with yum:
yum install proftpd proftpd-mysql
Do I have to compile from source to get this to work? Or did I miss installing something else that would have mysql_mod.c present? I currently have mysql installed and running, tested the login info I had in the config file and everything works on the mysql side.Silly
What I want to do is setup virtualhosts for my clients and set the user/group that their files upload as. been on google and im guessing ill need to setup mod_auth?
View 2 Replies View RelatedCurrently I have
Umask 027
The problem is, how do I get the group to be set as apache on a file/dir upload? I really do not like having other permissions set, as it can be a security risk, allowing others to access someone else's files.
Another issue is, I can't remove privileges, but I can add them.
copy of proftpd.conf:
Code:
ServerName "FTP"
ServerType standalone
Port 21
PassivePorts 35000 35999
UseReverseDNS off
TimesGMT off
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600
#MaxCients 20 "Sorry, the maximum number of allowed users are already connected (%m)"
#MaxClientsPerHost 2
#MaxClientsPerUser 2
MaxConnectionsPerHost 6 "Sorry, you may not have more then 6 connections open at a time"
MaxHostsPerUser 6 "Sorry, you may not connect more than 6 times"
ScoreboardFile /var/run/proftpd/proftpd.pid
TransferLog /var/log/proftpd/xferlog.legacy
LogFormat default "%h %l %u %t "%r" %s %b"
LogFormat auth "%v [%P] %h %t "%r" %s"
LogFormat write "%h %l %u %t "%r" %s %b"
#DON'T modify this log format. Its used by DirectAdmin to determine user usage
LogFormat userlog "%u %b"
ExtendedLog /var/log/proftpd/IP.bytes WRITE,READ userlog
AuthUserFile /etc/proftpd.passwd
DefaultServer on
#AuthPAM off
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/proftpd.tls.log
TLSProtocol TLSv1
TLSVerifyClient off
TLSRequired off
#Certificates
TLSRSACertificateFile /etc/exim.cert
TLSRSACertificateKeyFile /etc/exim.key
#TLSCACertificateFile /etc/ftpd/root.cert.pem
</IfModule>
<Global>
DeferWelcome on
RequireValidShell no
DefaultRoot ~
DirFakeUser on ftp
DirFakeGroup on ftp
User ftp
Group ftp
#UserAlias anonymous ftp
AllowStoreRestart on
AllowRetrieveRestart on
ListOptions -a
Umask 027 022
DisplayLogin welcome.msg
DisplayChdir readme
AllowOverwrite on
IdentLookups off
ExtendedLog /var/log/proftpd/access.log WRITE,READ write
ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
# Paranoia logging level....
#
#ExtendedLog /var/log/proftpd/paranoid.log ALL default
</Global>
Include /etc/proftpd.vhosts.conf
We've got a Linux box running ProFTPd reaches a Windows box over SAMBA. This works very well but when the client has a great number of files, the FTP Windows-based FTP clients they use don't always give accurate directory listings (if any at all). I know there's some bug in the way SAMBA works with Windows File Sharing but I don't know what the magic file number is that, when reached, prevents a proper directory listing. Does anyone know what this magic number is or if there's an available, tested fix for this?
View 3 Replies View RelatedI wanted to upgrade proftpd and dit this.
I followed an how-to on directadminforums:
Code:
cd /usr/local/directadmin/customapache/
wget ftp://ftp.proftpd.org/distrib/source....3.1rc2.tar.gz
tar xzf proftpd-1.3.1rc2.tar.gz
rm -rf proftpd-1.3.1rc2.tar.gz
cd proftpd-1.3.1rc2
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --with-modules=mod_ratio:mod_readme:mod_tls
make
make install
perl -pi -e "s/^AuthPAM on/#AuthPAM on/g" /etc/proftpd.conf
/etc/rc.d/init.d/proftpd restart
I changed the proftpd-1.3.1rc2 version to the newest version of proftpd.org
When I run /etc/init.d/proftpd start, I get the following:
Code:
Starting proftpd: - mod_tls/2.1.2: compiled using OpenSSL version 'OpenSSL 0.9.7k 05 Sep 2006' headers, but linked to OpenSSL version 'OpenSSL 0.9.7a Feb 19 2003' library
- Fatal: unable to load module 'mod_tls.c': Operation not permitted
[FAILED]
How do you plan new network cable on your rack?
5e utp
5e ftp
6 utp
6 sstp
6a sftp
Most of my background is the Linux/Mac world, but I do have ample Windows skill set, just not as refined or aware of all the available applications in Windows world, geared toward Joe User.
My accountant needs to run two sets of backups. First, he wants to backup his documents to an offsite location (space on his web hosting service) and he wants them to be encrypted on the web hosting server, which is understandable and recommended.
Short of installing TrueCrypt and using Filezilla with a manual process , is there any free or low-cost (but well supported) that would automatically upload revised documents and data files in encrypted form? This would not be very much data, just simple documents and accounting data files.
Secondly, he wants to have a "snapshot" of his HD to a USB portable drive (standard 2.5 HD). On Linux, I'd recommend Rsync, on Mac, Rsync or SuperDuper (and others), but on Windows, any recommendations? I see Unison, etc. I would just want it to update any files that have changed to make subsequent backups run much faster, such as only 15-18 minutes (depending on amount of data changed) and make the drive bootable, so in the event he looses his HD in his laptop, he could boot from the USB portable drive and be back up and running.
While I know I could easily figure out all this on a more manual basis, looking for things that would be friendly for Joe User to use and/or be something that can be setup and would run pretty much on it's own, assuming the backup drive was connected or system was on the Internet to upload the files, etc.
I am unable to find how to resume file transfor via sftp and command line:
I use PUT command to upload file, but when connections fails and I start again, the transfer starts from its beginning - how could I made it to check the uploaded part and then resume?