View Poll Results: Do you think that gproftpd is useful ?

Voters
872. You may not vote on this poll
  • Yes, it's easy to use and really powerful

    473 54.24%
  • Yes, but i won't use it

    136 15.60%
  • No, the GUI has to be improved

    263 30.16%
Page 43 of 123 FirstFirst ... 3341424344455393 ... LastLast
Results 421 to 430 of 1225

Thread: HOWTO : Create a FTP server with user access (proftpd)

  1. #421
    Join Date
    Apr 2007
    Beans
    40

    Re: HOWTO : Create a FTP server with user access (proftpd)

    oops, guess i missed a couple lines at the top. This is what it says:

    root@Server:~# proftpd -td5
    Checking syntax of configuration file
    - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock'
    - parsing '/etc/proftpd/proftpd.conf' configuration
    - <Directory /home/tjar/media>: deferring resolution of path
    - IPv6 getaddrinfo 'Server' error: Name or service not known
    Server -
    Server - Config for ServerTorkel:
    Server - /home/tjar/media
    Server - Limit
    Server - AllowAll
    Server - Limit
    Server - AllowAll
    Server - Umask
    Server - DirUmask
    Server - AllowOverwrite
    Server - AuthAliasOnly
    Server - ShowSymlinks
    Server - DisplayFirstChdir
    Server - ListOptions
    Server - RequireValidShell
    Server - RootLogin
    Server - TransferLog
    Server - UseFtpUsers
    Server - AllowStoreRestart
    Server - MaxClients
    Server - MaxClientsPerHost
    Server - MaxClientsPerUser
    Server - MaxHostsPerUser
    Server - AccessGrantMsg
    Server - Limit
    Server - AllowUser
    Server - DenyAll
    Server - AllowOverwrite
    Server - AuthAliasOnly
    Server - DeferWelcome
    Server - DefaultServer
    Server - ShowSymlinks
    Server - TimeoutNoTransfer
    Server - TimeoutStalled
    Server - TimeoutIdle
    Server - DisplayFirstChdir
    Server - ListOptions
    Server - RequireValidShell
    Server - TimeoutLogin
    Server - RootLogin
    Server - ExtendedLog
    Server - TransferLog
    Server - UseFtpUsers
    Server - AllowStoreRestart
    Server - UserID
    Server - UserName
    Server - GroupID
    Server - GroupName
    Server - Umask
    Server - DirUmask
    Server - MaxClients
    Server - MaxClientsPerHost
    Server - MaxClientsPerUser
    Server - MaxHostsPerUser
    Server - AccessGrantMsg
    Server - ServerIdent
    Server - DefaultRoot
    Server - DefaultRoot
    Server - MaxLoginAttempts
    Server - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock'
    Syntax check complete.

  2. #422
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    It looks good, the IPv6 error shouldn't prevent the FTP server from running properly, your problem should be elsewhere.

  3. #423
    Join Date
    Aug 2006
    Location
    Wisconsin, USA
    Beans
    1,484
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    ojve: I had to add sudo in front of the command to start the server. Otherwise I was getting permission denied on some things. Also, make sure the user you created in still in your Users & Groups under System / Administration.

    frodon: Thanks for the guide! I have my FTP working. I wanted to set it up with SSL/TLS (I don't know the difference or if they are the same thing). I followed your steps, and I get prompted to enter the key on starting the server. The server starts fine, but how do I know if the SSL/TLS is working? Is there a way to check? I can still connect just the same with Firefox and KFTP Grabber on my other box. I feel like I should have had to accept a certificate or configure something in order for it to connect.

    Any help would be appreciated! Thanks again!

    Cheers!

  4. #424
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    In the log you will see the TLS step and if you try yourself to log in your server you will see that you need to accept the certificate you created before giving the username and password.
    It also depend of the parameter "TLSRequired off" if you left it at the off state then normal connections (not encrypted) will be allowed but if you want for security reasons to accept only encrypted connections then put this parameter at the "on" state and your server will accept only TLS encrtpted traffic.
    Be careful not all the FTP client support TLS encryption, GFTP do not for example.

  5. #425
    Join Date
    Aug 2006
    Location
    Wisconsin, USA
    Beans
    1,484
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    I deleted my log file and started it from scratch. This log file has loggings of me running the start command to start the server, and attempting to login once. (Which was successful, but I was never prompted to accept a certificate):

    Code:
    Apr 04 11:30:40 love proftpd[5828] love: error setting IPV6_V6ONLY: Protocol not available
    Apr 04 11:30:40 love proftpd[5828] love: ProFTPD 1.3.0 (stable) (built Wed Nov 29 02:01:20 UTC 2006) standalone mode STARTUP
    Apr 04 11:30:45 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): error setting IPV6_V6ONLY: Protocol not available
    Apr 04 11:30:45 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): FTP session opened.
    Apr 04 11:30:45 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): no such user 'anonymous'
    Apr 04 11:30:45 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): USER anonymous: no such user found from xx.xx.xx [::ffff:xx.xx.xx] to ::ffff:xx.xx.xx:21
    Apr 04 11:30:57 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): USER districtthree: Login successful.
    Apr 04 11:30:57 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): error setting IPV6_V6ONLY: Protocol not available
    Apr 04 11:30:57 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): error setting IPV6_V6ONLY: Protocol not available
    Apr 04 11:35:57 love proftpd[5850] love (xx.xx.xx[::ffff:xx.xx.xx]): FTP session closed.
    /etc/proftpd/proftpd.conf is as follows...

    Code:
    #
    # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    # 
    
    # Includes DSO modules
    Include /etc/proftpd/modules.conf
    
    ServerName			"Fleur"
    ServerType			standalone
    DeferWelcome			off
    
    MultilineRFC2228		on
    DefaultServer			on
    ShowSymlinks			on
    
    TimeoutNoTransfer		600
    TimeoutStalled			600
    TimeoutIdle			1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                	"-l"
    
    DenyFilter			\*.*/
    
    # Port 21 is the standard FTP port.
    Port				21
    
    # In some cases you have to specify passive ports range to by-pass
    # firewall limitations. Ephemeral ports can be used for that, but
    # feel free to use a more narrow range.
    # PassivePorts                    49152 49153
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances			10
    
    # Set the user and group that the server normally runs at.
    User				proftpd
    Group				nogroup
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask				022  022
    # Normally, we want files to be overwriteable.
    AllowOverwrite			on
    
    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    # PersistentPasswd		off
    
    # Be warned: use of this directive impacts CPU average load!
    #
    # Uncomment this if you like to see progress and transfer rate with ftpwho
    # in downloads. That is not needed for uploads rates.
    # UseSendFile			off
    
    TransferLog /var/log/proftpd/xferlog
    SystemLog   /var/log/proftpd/proftpd.log
    
    <IfModule mod_tls.c>
    TLSEngine off
    </IfModule>
    
    <IfModule mod_quota.c>
    QuotaEngine on
    </IfModule>
    
    <IfModule mod_ratio.c>
    Ratios on
    </IfModule>
    
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default. 
    <IfModule mod_delay.c>
    DelayEngine on
    </IfModule>
    
    <IfModule mod_ctrls.c>
    ControlsEngine        on
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
    </IfModule>
    
    <IfModule mod_ctrls_admin.c>
    AdminControlsEngine on
    </IfModule>
    
    # A basic anonymous configuration, no upload directories.
    
    # <Anonymous ~ftp>
    #   User				ftp
    #   Group				nogroup
    #   # We want clients to be able to login with "anonymous" as well as "ftp"
    #   UserAlias			anonymous ftp
    #   # Cosmetic changes, all files belongs to ftp user
    #   DirFakeUser	on ftp
    #   DirFakeGroup on ftp
    # 
    #   RequireValidShell		off
    # 
    #   # Limit the maximum number of anonymous logins
    #   MaxClients			10
    # 
    #   # We want 'welcome.msg' displayed at login, and '.message' displayed
    #   # in each newly chdired directory.
    #   DisplayLogin			welcome.msg
    #   DisplayFirstChdir		.message
    # 
    #   # Limit WRITE everywhere in the anonymous chroot
    #   <Directory *>
    #     <Limit WRITE>
    #       DenyAll
    #     </Limit>
    #   </Directory>
    # 
    #   # Uncomment this if you're brave.
    #   # <Directory incoming>
    #   #   # Umask 022 is a good standard umask to prevent new files and dirs
    #   #   # (second parm) from being group and world writable.
    #   #   Umask				022  022
    #   #            <Limit READ WRITE>
    #   #            DenyAll
    #   #            </Limit>
    #   #            <Limit STOR>
    #   #            AllowAll
    #   #            </Limit>
    #   # </Directory>
    # 
    # </Anonymous>
    
    <IfModule mod_tls.c>
        TLSEngine on
        TLSLog /var/ftpd/tls.log
        TLSProtocol TLSv1
    
        # Are clients required to use FTP over TLS when talking to this server?
        TLSRequired on
    
        # Server's certificate
        TLSRSACertificateFile /etc/ftpcert/server.crt
        TLSRSACertificateKeyFile /etc/ftpcert/server.key
    
        # CA the server trusts
        TLSCACertificateFile /etc/ftpcert/ca.crt
    
        # Authenticate clients that want to use FTP over TLS?
        TLSVerifyClient off
    </IfModule>
    I turned it to ON, but I still didn't get prompted. Thanks for the help frodon.

    Edit: My computer name is love, I am user fleur. fleur@love:~$
    Last edited by Ek0nomik; April 4th, 2007 at 05:42 PM. Reason: Added name.

  6. #426
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    You have :
    Code:
    <IfModule mod_tls.c>
    TLSEngine off
    </IfModule>
    This is for sure the or a least one of the reasons why your TLS encryption isn't active.

  7. #427
    Join Date
    May 2006
    Location
    Milwaukee,WI
    Beans
    6,280
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: HOWTO : Create a FTP server with user access (proftpd)

    hi frondon, i am back. i had stopped using my ftp server but now I want it again. i removed the backport and installed dapper version 1.2.10-27ubuntu3.1. i followed this guide to make sure it would work with my router. (this time I am going with "standalone" as I could never get xinetd to work with ssl/tls or without?
    (http://ubuntuforums.org/showpost.php...2&postcount=81) no matter what I try I can't get tls/ssl to work i am in dapper. i have forwarded both ports 20 and 21 and 60000 and 65534 (65534 is the last port available in my netgear router). i have made sure that iptables isn't blocking any of them. this is what the fireftp log shows so this is really weird:

    220 you're at home
    AUTH TLS
    234 AUTH TLS successful
    PBSZ 0

    but it does say that over and over and over but the error window pops up right away. oh, i am working/troublshooting my dapper server thru putty in windows and using firefox/fireftp on that same machine to test my ftp server.another thing that's weird is that I can connect locally by using the ftp command. this is the tls.log file on the server it self.

    Apr 05 23:03:23 mod_tls/2.0.7[20517]: unable to accept TLS connection:
    (1) error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATEeer did not return a certificate
    Apr 05 23:03:23 mod_tls/2.0.7[20517]: TLS/TLS-C negotiation failed on control channel

    it appears that something is blocking the certificate from being passed thru the control channel? or the peer isn't sending the cert back? i do click ok in the firefox cert request i am using fireftp version 0.95.2 in firefox version 2.0.0.3. can you sugegst anything? I would be very greateful if you could. a little dialog does appear asking if I want to accept the cert and i click on yes, then I get this weird error in firefox. i tried taking a snapshot of it and putting it in imageshack but out of know where just now my netowrk connection is lagging horribly.

    i have even tried disabling tls/ssl and this is what i get in the log file:

    331 Password required for xxxxxxxxx.
    PASS (password not shown)
    230 YOU MADE IT!
    TYPE A
    200 Type set to A
    CWD /
    250 CWD command successful
    PASV
    227 Entring Passive Mode (xxxxxxxxxxx,243,171
    Error: [Exception... "Component returned failure code: 0x80070057 (NS_ERROR_ILLEGAL_VALUE) [nsISocketTransportService.createTransport]" nsresult: "0x80070057 (NS_ERROR_ILLEGAL_VALUE)" location: "JS frame :: chrome://fireftp/content/js/connection/dataSocket.js :: anonymous :: line 41" data: no]
    Unable to make a data connection. Please try again.
    LIST -al

    then a message pops up and says, unable to make data connection. it just doesn't make sense due to the fact that I have triple checked all the port forwarding etc etc. any suggestions.

  8. #428
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    You should read carefully this post and check that you have well added your MasqueradeAddress and PassivePorts commands which are needed when you use a router.

    You can always try those parameters if it still don't work :
    Code:
    UseReverseDNS off
    IdentLookups off

  9. #429
    Join Date
    Aug 2006
    Beans
    25

    Re: HOWTO : Create a FTP server with user access (proftpd)

    Hello again,

    I fixed the "500 FTP server shut down" error by reinstalling as standalone server.
    Now I have a little problem with my permissions. If I try copying a file(with command sudo cp file_name /home/FTP-shared/download) to the download folder(that way someone can download it)

    I don't get the same permissions as the folder:

    drwxr-xr-x 2 root root 4096 2007-04-03 20:40 download

    I only get:

    -rwx------

    If I connect from remote I can't download the file. I must add permission "read" to group and user(-rwxr--r-- )

    Is it possibile to copy and assign the same permissions as the folder?

    Thanks
    Last edited by Harry_Callahan; April 6th, 2007 at 01:53 PM.

  10. #430
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO : Create a FTP server with user access (proftpd)

    This is a right management question, when you copy a file it keeps its own permission. So except giving the file you want to copy in the download folder the read permission before copying it i have no clue.
    BTW you can mount a whole directory in /home/FTP-shared/download if you wish using the "mount -o bind" command rather than copying files in the download directory.

Page 43 of 123 FirstFirst ... 3341424344455393 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •