Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.3: A fix for proftpd not allowing user login UNIX
This is a hint on making the proftpd ftp server work on Panther. I use it because it allows me to lock users in their home directory, whereas with the ftp server that comes with the system, a user can roam the whole directory tree (except for other users' home folders). I installed proftpd and configured it as I had with Jaguar, using the following instrucitons on macosXhints (Hint #1, Hint #2). Remember to set the user and group for proftpd to "root" and "wheel". The sever did work but would not allow users to login. If this happens, all you need to do is open a terminal and then type:
 % cd /etc/pam.d
 % sudo cp ftpd ftp
This will copy the ftpd file and name the copy ftp. Restart the server from the Sharing preferences panel and it should all work. It has for me.

[robg adds: I haven't verified this one yet ... and according to this hint, ftpchroot should now work to lock FTP users into their home directories even with the stock FTP server.]
    •    
  • Currently 2.50 / 5
  You rated: 4 / 5 (6 votes cast)
 
[18,286 views]  

10.3: A fix for proftpd not allowing user login | 6 comments | Create New Account
Click here to return to the '10.3: A fix for proftpd not allowing user login' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: A fix for proftpd not allowing user login
Authored by: kevinv on Nov 04, '03 10:01:54AM

I gave up on FTP. Now I use SFTP via OpenSSH and use Fugu as the front end. Works great. Since I mainly use this to work on web sites "live" (I know, bad idea) the Fugu integration with BBEdit makes up for losing BBEdit's Open via FTP feature.



[ Reply to This | # ]
10.3: A fix for proftpd not allowing user login
Authored by: Buur on Nov 06, '03 09:02:32AM
Your tip didn't work for me... So I stumbled on... Proftpd was working fine, but not allowing anyone to get in... :-(
Suddenly I remembered another 'feature' of proftpd: users must have a valid shell! So, if you're like me then ftp users can not login via telnet or ssh or a normal shell, they're limited to ftp. In Netinfo they have been 'rewarded' a shell of /dev/null or /sbin/nologin... But those shells are standard not in /etc/shells !!! I had to manually add them to make proftpd work. What I did: Open Terminal and enter
% sudo pico /etc/shells
Type your admin password when asked. Edit the file by adding
/dev/null<br>
/sbin/nologin
(or whatever you have given to ftp users).
Remember to add a return after the last entry! The file must end with an extra line.
Now, Ctrl-O, hit Return, Ctrl-X and exit the Terminal window.

That did it for me.

---
Developers + (Free Time or Exhaustion) + (Beer or Caffeine) - Social Life = Weird Features

[ Reply to This | # ]

10.3: A fix for proftpd not allowing user login
Authored by: apacor on Nov 09, '03 11:54:14PM

Thanks for continuing this thread. I posted the original hint out of frustration for not finding anything helpful on the web, and since I stumbled on a fix I thought I could share.

I would like to add that my fix worked for me with proftpd 1.2.8p. It would not work with 1.2.9 (latest). I couldn't make your fix work either with the latest release.

Anyway, I since thought that a link would be a cleaner way of fixing the problem (provided my fix works at least for some people out there). Open a Terminal and type:

cd /etc/pam.d
sudo ln ftpd ftp

This will simply create a link to the "ftpd" file and call it "ftp." It worked for me.



[ Reply to This | # ]
PAM Authentication disallows FTP Login
Authored by: richaber on Sep 29, '04 12:27:44AM

Forgive me for stating the obvious, but up until I ran across this hint and noticed the pam.d directory in the instructions, I had never actually heard of PAM Authentication before.

After digging around and wondering what the heck this hint did exactly, I decided to check the ProFTPD documentation itself, I know, a novel concept. There I found the lines in README.PAM that say --

Mac OS X

--------

To use PAM with ProFTPD, you must edit

/etc/pam.d/ftp
and add the following lines:
auth       required    pam_unix.so try_first_pass
account    required    pam_unix.so try_first_pass
session    required    pam_permit.so

Note that it does say

/etc/pam.d/ftp

and not

/etc/pam.d/ftpd

ftpd is the PAM authentication file that already exists by default in 10.3, and the hint apacor provided is simply duplicating that file to satisfy ProFTPD's requirement of having a PAM file named ftp.

Although I did not dupe ftpd the file, I created a new one named ftp with the lines exactly as they appeared in the README.PAM file, I would never have figured this out on my own.

Now I feel silly for not having read all the README files in the ProFTPD install in the first place. Thanks for putting me on the right track apacor!

[ Reply to This | # ]

10.3: A fix for proftpd not allowing user login
Authored by: Pex on Nov 25, '03 08:21:04PM

Unfortunately, the fix didn't work for me. I had to:

1. add new users to the 'staff' group (Panther doesn't);
2. set 'authentication_authority' to ';basic;' for new users in Netinfo Manager;
3. use 'openssl passwd {password}' to encrypt;
4. paste the encrypted password in the proper field within Netinfo Manager.

I don't know whether this is orthodox, but it worked on my system. Note that only the users I created after upgrading to 10.3 were unable to login to my FTP server.



[ Reply to This | # ]
10.3: A fix for proftpd not allowing user login
Authored by: megaton on Feb 22, '06 07:03:57AM

Use PureFTP and all your problems will be solved. FTP only user accounts, locked down to user-specific directories. It doesn't get any better. I was up in arms over FTP until I found PureFTP. You won't be sorry! (no I'm not the author)

http://macupdate.com/info.php/id/12630



[ Reply to This | # ]