Re: ftp nologin problem

2006-01-07 Thread Sandy Rutherford
On Wed, 28 Dec 2005 09:59:47 +,
Matthew Seaman [EMAIL PROTECTED] said:

> Imran Imtiaz wrote:
>> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a
>> user doesn't have a shell and I've defined his shell as nologin then the ftp
>> server does not log on and gives the following error
>> C:\Documents and Settings\Asif>ftp 192.168.0.3
>> Connected to 192.168.0.3.
>> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
>> User (192.168.0.3:(none)): db.backup
>> 331 Password required for db.backup.
>> Password:
>> 530 Login incorrect.
>> Login failed.
>> ftp>
>>
>> Tell me how I can correct this problem, because I don't want to give the
>> user a shell.

> Yes -- in order for a user to log in successfully via FTP they need:

> ...

> If you're trying to set up a highly secure mechanism for copying files over
> the net for backup, then I'd counsel against using FTP at all -- it's one of
> those archaic 'dawn of the internet' type protocols that does nasty things
> like transmitting passwords over networks in plain text.  Two much better
> alternatives are:

FTP is actually a very well designed protocol. Jon Postel was no
idiot. It is highly reliable and the RFC 959 return codes make it
ideal for unattended file transfers.  You are right about its security
problems.  However, ProFTPD, the server that he is using, supports
SSL/TLS, which does not transmit passwords in clear text.  To talk to
ProFTPD using SSL/TLS, you will need to use OpenBSD's ftp-tls client,
which is in the ports.

Sandy
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: ftp nologin problem

2006-01-04 Thread Leonidas Tsampros
On Tue, Jan 03, 2006 at 08:26:57PM +0500, Imran Imtiaz wrote:

> it gives the following error
>
> - Fatal: unknown configuration directive 'equireValidShell' on line 13 of
  -^
You missed an R. :)

> '/usr/local/etc/proftpd.conf'.
> ----- Original Message -----
> From: Leonidas Tsampros [EMAIL PROTECTED]
> To: Imran Imtiaz [EMAIL PROTECTED]
> Cc: freebsd-questions@freebsd.org
> Sent: Tuesday, January 03, 2006 6:27 PM
> Subject: Re: ftp nologin problem
>
>
>> On Wed, Dec 28, 2005 at 12:36:21PM +0500, Imran Imtiaz wrote:
>>> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a
>>> user doesn't have a shell and I've defined his shell as nologin then the
>>> ftp server does not log on and gives the following error
>>> C:\Documents and Settings\Asif>ftp 192.168.0.3
>>> Connected to 192.168.0.3.
>>> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
>>> User (192.168.0.3:(none)): db.backup
>>> 331 Password required for db.backup.
>>> Password:
>>> 530 Login incorrect.
>>> Login failed.
>>> ftp>
>>>
>>> Tell me how I can correct this problem, because I don't want to give the
>>> user a shell.
>>> Regards,
>>> Imran Imtiaz
>>
>> Try this option in your proftpd.conf:
>>
>> RequireValidShell   off




Re: ftp nologin problem

2006-01-03 Thread Leonidas Tsampros
On Wed, Dec 28, 2005 at 12:36:21PM +0500, Imran Imtiaz wrote:
> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a user
> doesn't have a shell and I've defined his shell as nologin then the ftp server
> does not log on and gives the following error
> C:\Documents and Settings\Asif>ftp 192.168.0.3
> Connected to 192.168.0.3.
> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
> User (192.168.0.3:(none)): db.backup
> 331 Password required for db.backup.
> Password:
> 530 Login incorrect.
> Login failed.
> ftp>
>
> Tell me how I can correct this problem, because I don't want to give the
> user a shell.
> Regards,
> Imran Imtiaz

Try this option in your proftpd.conf:

RequireValidShell   off



Re: ftp nologin problem

2005-12-28 Thread Matthew Seaman

Imran Imtiaz wrote:

> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a user
> doesn't have a shell and I've defined his shell as nologin then the ftp server
> does not log on and gives the following error
> C:\Documents and Settings\Asif>ftp 192.168.0.3
> Connected to 192.168.0.3.
> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
> User (192.168.0.3:(none)): db.backup
> 331 Password required for db.backup.
> Password:
> 530 Login incorrect.
> Login failed.
> ftp>
>
> Tell me how I can correct this problem, because I don't want to give the
> user a shell.


Yes -- in order for a user to log in successfully via FTP they need:

  * a user account
  * a valid shell (appears in /etc/shells)
  * not to be in the list of user accounts *denied* ftp access,
confusingly kept in /etc/ftpusers

I suspect it's point 2 that you are running into here.  However, do not
just blindly add /sbin/nologin to /etc/shells -- any user account that
gets created on your system solely for the purpose of owning files or
processes will probably end up with nologin as its shell.  Putting
nologin into /etc/shells potentially creates a back door by which those
accounts can be used with FTP.

Instead, take a copy of /sbin/nologin, call it /usr/local/bin/ftp-only
and use that as the shell for all ftp users.  Add that to /etc/shells and
everything should work the way you want.

If you're trying to set up a highly secure mechanism for copying files over
the net for backup, then I'd counsel against using FTP at all -- it's one of
those archaic 'dawn of the internet' type protocols that does nasty things
like transmitting passwords over networks in plain text.  Two much better
alternatives are:

  * WebDAV over HTTPS -- very easy to use from the Windows desktop via
    the 'map network location' feature.  One gotcha is that if you're
    using a self-signed cert on your webserver then you have to click
    on 'examine certificate' the first time you connect to the server,
    and then click on 'accept this certificate' or Windows will silently
    refuse to map the web location.

  * rsync or scp over ssh.  On the Windows side, you'll need an SSH
    client, like PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/).
    scp is built into PuTTY, but adding rsync capability will need you to
    do a bit more work.  You'll need to install rsync (Ports: net/rsync)
    on your FreeBSD server, plus the Cygwin environment on your Windows
    machines (http://www.cygwin.com/).

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
 Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
 Kent, CT11 9PW
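
The shell and ftpusers conditions listed in the message above can be checked mechanically. The script below is an added example, not part of the original message: it lists which accounts pass those two checks, first with only the ftp-only shell in /etc/shells and then with /sbin/nologin listed too. The file contents and every account name other than db.backup are constructed, and password state is not modelled.

```shell
#!/bin/sh
# Added example: which accounts pass the /etc/shells and /etc/ftpusers checks?
# Password state is not modelled here.

# ftp_eligible PASSWD SHELLS FTPUSERS -> eligible user names, sorted, one per line
ftp_eligible() {
    awk -F: '
        FILENAME == ARGV[1] { sub(/#.*/, ""); gsub(/[ \t]/, ""); if ($0 != "") shells[$0] = 1; next }
        FILENAME == ARGV[2] { sub(/#.*/, ""); gsub(/[ \t]/, ""); if ($0 != "") denied[$0] = 1; next }
        /^#/ || NF < 7 { next }                        # passwd: skip comments and short lines
        ($7 in shells) && !($1 in denied) { print $1 } # field 7 is the login shell
    ' "$2" "$3" "$1" | LC_ALL=C sort
}

# write_fixture DIR: constructed sample files (only db.backup comes from the thread)
write_fixture() {
    cat > "$1/passwd" <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
www:*:80:80:World Wide Web Owner:/nonexistent:/sbin/nologin
pgsql:*:70:70:PostgreSQL Daemon:/usr/local/pgsql:/sbin/nologin
db.backup:*:1001:1001:Backup upload:/home/db.backup:/usr/local/bin/ftp-only
alice:*:1002:1002:Alice:/home/alice:/bin/sh
EOF
    printf '%s\n' root > "$1/ftpusers"
    # Variant 1: the dedicated ftp-only shell is listed
    printf '%s\n' /bin/sh /bin/csh /usr/local/bin/ftp-only > "$1/shells.ftp-only"
    # Variant 2: /sbin/nologin is listed as well
    printf '%s\n' /bin/sh /bin/csh /usr/local/bin/ftp-only /sbin/nologin > "$1/shells.nologin"
}

dir=$(mktemp -d)
write_fixture "$dir"
echo "ftp-only in /etc/shells:"
ftp_eligible "$dir/passwd" "$dir/shells.ftp-only" "$dir/ftpusers"
echo "nologin in /etc/shells as well:"
ftp_eligible "$dir/passwd" "$dir/shells.nologin" "$dir/ftpusers"
rm -rf "$dir"
```

The accounts that appear only in the second list (www and pgsql in the sample data) are the service accounts the message warns about. Pointing the function at the real /etc/passwd, /etc/shells and /etc/ftpusers gives the same comparison for a live system.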




ftp nologin problem

2005-12-27 Thread Imran Imtiaz
I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a user
doesn't have a shell and I've defined his shell as nologin then the ftp server
does not log on and gives the following error
C:\Documents and Settings\Asif>ftp 192.168.0.3
Connected to 192.168.0.3.
220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
User (192.168.0.3:(none)): db.backup
331 Password required for db.backup.
Password:
530 Login incorrect.
Login failed.
ftp>

Tell me how I can correct this problem, because I don't want to give the user a shell.
Regards,
Imran Imtiaz
