I would like to setup proftpd with mod_sql to access a mysql database for ftp accounts instead of using pam. The server has pleask 8.1 installed with psa-proftpd-xinetd-1.3.0 installed. How do I recompile the psa-proftpd with --with-modules=mod_sql option? Here is the current proftpd configure command:
My Plesk version is 8.2 and i use debian 3.1, I check the instructions on
[url]
this faq, it seems added in both inetd configuration file and xinetd.d configuration file in my configuration, also xinetd is working through system but ftp cannot be connectable. It gives "Unable to login server" from remote client and i also check with command line ftp client and service says that "421 Service not available, remote server has closed connection"
I also check this
[url]
faq and port is open:
Quote:
Starting nmap 3.81 [url] at 2007-08-02 16:59 CEST Interesting ports on xx-server.xxxxxx.net (xxx.xxx.xxx.xxx): PORT STATE SERVICE 21/tcp open ftp
Nmap finished: 1 IP address (1 host up) scanned in 0.013 seconds
Is there anyone knows how could I solve this situation?
How do I remove psa-proftpd on my Server? or make config by proftpd-basic?I have problems with Game Panel Easy-Wi..or is there a tutorial about this problem with Plesk and Easy-Wi?
I'm running a brand new installed VPS with CentOS 6.6 and Plesk 12.0.18. I created a subscription and by default a FTP user is created. However, I cannot login with these credentials. I also created a new user but the same problem presists. I'm 100% sure that the username and password is correct.
Filezilla gives me and 530 Login incorrect. But if I look at the /var/log/secure file, I see this odd message (FTP username = test):
Jan 30 16:01:45 transip proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory Jan 30 16:01:45 transip proftpd: PAM adding faulty module: /lib64/security/pam_stack.so Jan 30 16:01:45 transip proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers Jan 30 16:01:45 transip proftpd[18085]: 127.0.0.1 (x.x.x.x[x.x.x.x]) - USER test (Login failed): No such user found
No such user found, although it is created with Plesk.
I am noticing that several of my users are wiping out their user root folders ( logs, error docs, etc...) when they fail to use '/httpdocs/' as the root directory when publishing with FTP.
I fixed this by editing the proftpd.conf to use ~/httpdocs/ as the DefaultRoot folder ( instead of just ~/ ).Would it be safer(better) to go through all the ftp users and make the home directory '/httpdocs/' instead of '/' in the admin UI? If yes, what is the best way to do a mass update of this setting for multiple users ( multiple domains ) ?
I had a HDD crash recently on my Root Server. Replaced HDDs, installed Ubuntu 12.04 LTS, since Ubuntu 14.04 LTS is not supported by Plesk yet. Anyway...
I had 2 issues:
1) Could not create Customers, because IP Pool was empty. Changed IP Type from Dedicated to Shared. Fixed issue. 2) Cannot connect to the FTP Server using the Login Data from one of my Domains.
FlashFXP and FileZilla both show the same error, which is:
Code: Response:220 ProFTPD 1.3.4c Server (ProFTPD) [*ip removed*] Command:USER *user removed* Response:331 Password required for *user removed* Command:PASS ************** Response:530 Login incorrect. Error:Critical error Error:Could not connect to server
I have a brand new Plesk 12 Installation with just a first Subscription/Domain for my test. Enabling fail2ban jails brings me the following error for the jails plesk-proftpd and ssh. All others went on.
error 'f2bmng failed: ERROR No file(s) found for glob /var/log/secure'.
I see that /var/log/secure is missing, althoug I already used ssh and ftp to log in once. I can go to touch the /var/log/secure file or adjust the jail configs to proper log file location? Which is the way to go?
My company and I are currently discovering Plesk on a CentOS 6.6 based system. We are migrating from an old system on which FTP usernames could hold uppercase letters, which apparently is not the case in Plesk 11 (or is it because of CentOS?).
Anyway, as we can't change these FTP account names, I was thinking about creating a rule with mod_rewrite in the proftpd.conf file.
So the question is: how can I reinstall/reconfigure proftpd with this module activated? I don't even know where to find the corresponding package (which repo, correct version, etc...)
I am running Proftpd on my RedHat. I have disabled anonymous login because i dont need it and its running fine.
I have created a user named test on the server and i try to connect it by typing ftp://myserver/ and then provide the id and pass.
Now it logged-in successfully but cant access any directories on the server. i have been Google around but really getting confused how i properly create a ftp user
i want the test user to access the following directories and he can be able to upload and download files from these directories
This isn't a major problem but I was just wondering something regarding how ProFTPd functions. I have received a complaint about a user uploading a script, the script creating files and directories, and the user not being able to CHMOD, delete, rename, or do anything to these files.
When files are created through scripts on my server, they are given a default owner permission with "www-data" for the user and group.
Since ProFTPd is set up to only modify files on certain owner permissions according to the user's FTP access, ProFTPd will not allow any other owner permission and if any other owner permissions exist, ProFTPd will not allow those files to be modified or changed in anyway.
Is there a way to fix this? I've been trying to figure it out but I can't.
Just for note, I am using proftpd-mysql and so every user is linked through a MySQL database.
When connecting via an ftp client I want the directory listed to be /var/www/html but currently it's /home/username. I've tried changing the initial login directory with webmin to /var/www/html but to no avail. How would this be done?
After installation, im worried about the default security config.
Also, i can log as anonym wich is ok, however i can't log using my unix user what i have to do?
Here's my config sample;
Quote:
# This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon.
# Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask022
# To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances30
# Set the user and group under which the server will run. Usernobody Groupnobody
# To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~
# Normally, we want files to be overwriteable. <Directory /> AllowOverwriteon </Directory>
# A basic anonymous configuration, no upload directories. If you do not # want anonymous users, simply delete this entire <Anonymous> section. <Anonymous ~ftp> Userftp Groupftp
# We want clients to be able to login with "anonymous" as well as "ftp" UserAliasanonymous ftp
# Limit the maximum number of anonymous logins MaxClients10
# We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLoginwelcome.msg DisplayFirstChdir.message
# Limit WRITE everywhere in the anonymous chroot <Limit WRITE> DenyAll </Limit> </Anonymous>
Trying to install ProFTPD with mysql, the problem is after installing it and adding the lines in the config file to use MySQL the service fails to start. The error Im getting is:
"unknown configuration directive 'SQLAuthTypes'"
So it seems like it doesnt recongize the function needed to use mysql with proftpd, which is in mysql_mod.c. I did proftpd -l and the mysql_mod.c was not listed, I did a search on the whole box and couldnt find mysql_mod anywhere. Im on Fedora Core 6 and tried to install proftpd with yum:
yum install proftpd proftpd-mysql
Do I have to compile from source to get this to work? Or did I miss installing something else that would have mysql_mod.c present? I currently have mysql installed and running, tested the login info I had in the config file and everything works on the mysql side.Silly
What I want to do is setup virtualhosts for my clients and set the user/group that their files upload as. been on google and im guessing ill need to setup mod_auth?
The problem is, how do I get the group to be set as apache on a file/dir upload? I really do not like having other permissions set, as it can be a security risk, allowing others to access someone else's files.
Another issue is, I can't remove privileges, but I can add them.
copy of proftpd.conf:
Code: ServerName "FTP" ServerType standalone
Port 21 PassivePorts 35000 35999 UseReverseDNS off TimesGMT off TimeoutLogin 120 TimeoutIdle 600 TimeoutNoTransfer 900 TimeoutStalled 3600
#MaxCients 20 "Sorry, the maximum number of allowed users are already connected (%m)" #MaxClientsPerHost 2 #MaxClientsPerUser 2 MaxConnectionsPerHost 6 "Sorry, you may not have more then 6 connections open at a time" MaxHostsPerUser 6 "Sorry, you may not connect more than 6 times"
#DON'T modify this log format. Its used by DirectAdmin to determine user usage LogFormat userlog "%u %b" ExtendedLog /var/log/proftpd/IP.bytes WRITE,READ userlog
AuthUserFile /etc/proftpd.passwd DefaultServer on
#AuthPAM off
<IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd/proftpd.tls.log TLSProtocol TLSv1 TLSVerifyClient off TLSRequired off
We've got a Linux box running ProFTPd reaches a Windows box over SAMBA. This works very well but when the client has a great number of files, the FTP Windows-based FTP clients they use don't always give accurate directory listings (if any at all). I know there's some bug in the way SAMBA works with Windows File Sharing but I don't know what the magic file number is that, when reached, prevents a proper directory listing. Does anyone know what this magic number is or if there's an available, tested fix for this?
Code: cd /usr/local/directadmin/customapache/ wget ftp://ftp.proftpd.org/distrib/source....3.1rc2.tar.gz tar xzf proftpd-1.3.1rc2.tar.gz rm -rf proftpd-1.3.1rc2.tar.gz cd proftpd-1.3.1rc2 ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --with-modules=mod_ratio:mod_readme:mod_tls make make install perl -pi -e "s/^AuthPAM on/#AuthPAM on/g" /etc/proftpd.conf /etc/rc.d/init.d/proftpd restart I changed the proftpd-1.3.1rc2 version to the newest version of proftpd.org
When I run /etc/init.d/proftpd start, I get the following:
Code: Starting proftpd: - mod_tls/2.1.2: compiled using OpenSSL version 'OpenSSL 0.9.7k 05 Sep 2006' headers, but linked to OpenSSL version 'OpenSSL 0.9.7a Feb 19 2003' library - Fatal: unable to load module 'mod_tls.c': Operation not permitted [FAILED]
Starting proftpd: - mod_tls/2.2.1: compiled using OpenSSL version 'OpenSSL 0.9.8i 15 Sep 2008' headers, but linked to OpenSSL version 'OpenSSL 0.9.8g 19 Oct 2007' library
proftpd has its own set of issues obviously built with i headers and linked to g headers. Any ideas wtf I did? I recomplined and restarted everything. I removed the g and i libraries completely. OpenSSH seems happy and nothing is actually "wrong", the server is working fine but I'm really anal retentive this way...it's kinda how I feel "safer" at the OS level.
I have been attempting to install Proftpd on linux(cent os 5 32 bit). The issue is i have to use proftpd i can't use vsftp or pure ftp I have downloaded the RPM. I downloaded this one to the server [url]. and i ran the command rpm -ivh proftpd* and it did its thing for a second and told me it was done. But when i run the command /etc/init.d/proftpd start or restart it doesn't wanna start. It just tells me failed. Can anyone help me with this? I'm not sure what else i can do.
I try to upload a big file between 300 and 500 MB by FTP to my dedicated server but connection is broken and when I try to do the resume it's not allowed how can I enable upload big files and resume files in ProFTPD 1.3.0a or am I missing something inthe conf file ?.
Currently having a problem with proftpd on my centos plesk 8.1 server.
During large uploads, lets say around 10 MB the FTP connection fails within 5 minutes or so saying:
"A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond."
I have asked for help from my server provider but they have tried and are now unable to help.
I currently have the APF firewall in my server.
Has anyone experienced this?
Below is the APF config file that i currently have & the proftpd config files that i have, if anyone can help it would be really really appreciated
APF CONFIG:
Code: #!/bin/sh # # APF 0.9.6 [apf@r-fx.org] # # NOTE: This file should be edited with word/line wrapping off, # if your using pico please start it with the -w switch # (e.g: pico -w filename) #
## # [Devel Mode] # !!! Do not leave set to (1) !!! # When set to enabled; 5 minute cronjob is set to stop the firewall. Set # this mode off (0) when firewall determined to be operating as desired. ##
# The installation path of APF; this can be changed but it has not # been tested what would happen. INSTALL_PATH="/etc/apf"
# Untrusted Network interface(s); all traffic on defined interface will be # subject to all firewall rules. This should be your internet exposed # interfaces. Only one interface is accepted for each value. # NOTE: The interfacing structure is being worked towards support of MASQ/NAT IFACE_IN="eth0" IFACE_OUT="eth0"
# Trusted Network interface(s); all traffic on defined interface(s) will by-pass # ALL firewall rules, format is white space or comma seperated list. IFACE_TRUSTED=""
# Enable virtual network subsystem; creats independent policy ruleset for each # ip on a system (pulls data from 'ip addr list') to /etc/apf/vnet/ip.rules # Template is located in the vnet/ folder for rule files. This feature can # reduce apf start/stop performance and is not recommend for systems with more # than 255 (/24) ip's. [0 = Disabled / 1 = Enabled] SET_VNET="0"
# Support Monolithic kernel builds [no LKM's]. This mode of operation is # not really supported and you use at your own risk. SET_MONOKERN="0"
# Verifies that all inbound traffic is sourced from a defined local gateway MAC # address. All other traffic that does not match this source MAC address will be # rejected as untrusted traffic. It is quite trivial to forge a MAC address and as # such this feature executes NO default accept policy against this MAC address. VF_LGATE=""
# Verifies that the IF and IFACE_TRUSTED interfaces are actually routed (/sbin/route) # to something. If not then chances are APF will not start properly if at all. VF_ROUTE="1"
# Verifies that crond service is running when DEVEL_MODE=1; if not then APF will not # try to load as if lock-up occures no cron service to flush firewall VF_CROND="1"
# Verifies that the current system uptime is greater than this value before APF # can activate. This is to prevent on-boot lockup issues or delays due to excessive # amount of firewall rules. Value is in seconds; should you wish to disable this # feature, simply set VF_UTIME to 0 value. !! NOTE: APF WILL NOT START ON IT's OWN; # IT WILL EXIT WITH FATAL ERROR BELOW SET UPTIME !! VF_UTIME="0"
## # [Packet Filtering/Handling] ##
# How to handle TCP packet filtering? # # RESET (sends a tcp-reset; TCP/IP default) # DROP (drop the packet; stealth ?) # REJECT (reject the packet) TCP_STOP="DROP"
# How to handle UDP packet filtering? # # RESET (sends a icmp-port-unreachable; TCP/IP default) # DROP (drop the packet; stealth ?) # REJECT (reject the packet) # PROHIBIT (send an icmp-host-prohibited) UDP_STOP="DROP"
# How to handle all other packet filtering? (icmp,arp,igmp) # # DROP (drop the packet) # REJECT (reject the packet) DSTOP="DROP"
# The sanity options control the way packets are scrutinized as # they flow through the firewall. The main PKT_SANITY option is a # top level toggle for all SANITY options and provides general # packet flag sanity as a pre-scrub for the other sanity options PKT_SANITY="1"
# Block any packets that do not conform as VALID; this feature # is safe for most but some may experience protocol issues with # broken remote clients PKT_SANITY_INV="0"
So I am unsure where it is getting the "300 seconds" from.
Even though the error states 300 seconds, this problem happens way before 300 seconds every time and has happened during the transfer of files (when the connection has been active and in use).
I've tried 3 different FTP clients and used the "Keep Alive" option in each and it has absolutely no effect.
I am unsure if APF is causing the problem, I can't see any problems in any of the server logs in relation to ftp.