Ricardo,

I followed the advice you offered back-channel and backed off the galaxy 
changes to support pbkdf2.  I can now authenticate via the latest stable 
release of ProFTPD.

Thanks!

Malcolm

On Thursday 20 June 2013 10:54:44 Perez, Ricardo wrote:
> I am sorry, i posted the wrong configuration file above.  I am posting now 
> the updated proftpd.conf , the differences is that some things are commented 
> out and others are not.
> 
> # This is a basic ProFTPD configuration file (rename it to 
> # 'proftpd.conf' for actual use.  It establishes a single server
> # and a single anonymous login.  It assumes that you have a user/group
> # "nobody" and "ftp" for normal operation and anon.
> 
> ServerName                    "Genomics01 ProFTPd"
> ServerType                    standalone
> DefaultServer                 on
> DeferWelcome                    off
> UseIPv6                         on
> IdentLookups                    off
> MultilineRFC2228                on
> ShowSymlinks                    on
> 
> ModulePath                    
> /usr/local/galaxy/downloads/proftpd-1.3.5rc3/modules/
> 
> LoadModule                    mod_sql.c
> LoadModule                    mod_sql_postgres.c
> LoadModule                    mod_sql_passwd.c
> 
> <IfModule mod_sql.c>
> SQLBackend                    postgres
> SQLEngine                     on
> SQLAuthenticate               users
> SQLAuthTypes                  SHA1 SHA256 pbkdf2
> SQLPasswordPBKDF2             SHA256 1000 24
> #SQLPasswordSaltFile          /path/to/file
> SQLConnectInfo                        galaxydb@localhost:5432 ftpuser 
> mypassword
> SQLUserInfo                   custom:/LookupGalaxyUser
> #SQLNamedQuery                LookupGalaxyUser SELECT 
> "email,password,'galaxy','galaxy','/usr/local/galaxy/galaxy-dist/database/ftp/%U','/bin/bash'
>  FROM galaxy_user WHERE email='%U'"
> 
> SQLPasswordUserSalt           sql:/GetUserSalt
> 
> 
> SQLNamedQuery                 LookupGalaxyUser  SELECT "email, (CASE WHEN 
> substring(password from 1 for 6) = 'PBDKF2' THEN substring(password from 38 
> for 69) ELSE password END) AS 
> password2,'galaxy','galaxy','/usr/local/galaxy/galaxy-dist/database/ftp/%U','/bin/bash'
>  FROM galaxy_user WHERE email='%U'"
> 
> SQLNamedQuery                 GetUserSalt SELECT "(CASE WHEN SUBSTRING 
> (password from 1 for 6) = 'PBDKF2' THEN SUBSTRING (password from 21 for 36) 
> END) AS salt FROM galaxy_user WHERE email='%U'"
> 
> 
> </IfModule>
> 
> SQLDefaultGID                   1002
> SQLDefaultUID                   1002
> 
> TimeoutNoTransfer               600
> TimeoutStalled                  600
> TimeoutIdle                     1200
> 
> DisplayLogin                    welcome.msg
> DisplayChdir                    .message true
> ListOptions                     "-l"
> 
> DenyFilter                      \*.*/
> 
> # Use this to jail all users in their homes
> DefaultRoot                     ~
> CreateHome                      on dirmode 700
> AllowOverwrite                  on
> AllowStoreRestart               on
> SQLPasswordEngine               on
> SQLPasswordEncoding             hex
> PassivePorts                  30000 40000
> 
> 
> 
> # Port 21 is the standard FTP port.
> Port                          21
> 
> # Don't use IPv6 support by default.
> # Umask 022 is a good standard umask to prevent new dirs and files
> # from being group and world writable.
> Umask                         077
> 
> # To prevent DoS attacks, set the maximum number of child processes
> # to 30.  If you need to allow more than 30 concurrent connections
> # at once, simply increase this value.  Note that this ONLY works
> # in standalone mode, in inetd mode you should use an inetd server
> # that allows you to limit maximum number of processes per service
> # (such as xinetd).
> MaxInstances                  30
> 
> # Set the user and group under which the server will run.
> User                          galaxy
> Group                         galaxy
> 
> # To cause every FTP user to be "jailed" (chrooted) into their home
> # directory, uncomment this line.
> #DefaultRoot ~
> 
> # Normally, we want files to be overwriteable.
> AllowOverwrite                on
> 
> AuthOrder                       mod_sql.c
> 
> 
> # Bar use of SITE CHMOD by default
> #<Limit SITE_CHMOD>
> #  DenyAll
> #</Limit>
> Include /etc/proftpd/conf.d/
> ___________________________________________________________
> Please keep all replies on the list by using "reply all"
> in your mail client.  To manage your subscriptions to this
> and other Galaxy lists, please use the interface at:
>   http://lists.bx.psu.edu/
> 
> To search Galaxy mailing lists use the unified search at:
>   http://galaxyproject.org/search/mailinglists/
> 

-- 
Malcolm Tobias
314.362.1594

___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  http://lists.bx.psu.edu/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/

Reply via email to