proFTPd configuration

Discussion in 'Installation/Configuration' started by Nejko, Jan 19, 2006.

  1. Nejko

    Nejko New Member


    I was wondering if anyone could post here some info, how to configure proftpd. WebAdmin gave me that;

    Shell /bin/false for FTP users is not included in /etc/shells, which may prevent FTP access.

    What should i do? Thanx for all your answers!

    CU, Nejc
  2. falko

    falko Super Moderator ISPConfig Developer

    Put /bin/false into the file /etc/shells.
  3. Nejko

    Nejko New Member

    amm, stupid question, but which command should i use?
  4. falko

    falko Super Moderator ISPConfig Developer

  5. Nejko

    Nejko New Member

    hmm, i did:
    [[email protected] ~]# echo /bin/false >> /etc/shells
    [[email protected] ~]#

    , but in webmin still:

    Shell /bin/false for FTP users is not included in /etc/shells, which may prevent FTP access.

  6. falko

    falko Super Moderator ISPConfig Developer

    Please post your /etc/shells here.
  7. Nejko

    Nejko New Member

    [email protected]^Q@^@^@^@^@[email protected]^@^@^@^@^@^@[email protected]^@^@^@^R^@^@^@^@^@^@^@^@^@^@[email protected]^A^@^@^@^@^@[email protected]^A^@^@^Âł^Ă;^@^@^@^A^@^@^@^@^@^@[email protected]
    Âł^Ă;^@^@^@^A^@^@^@^@^@^@[email protected]^P^NÂł^Ă;^@^@^@^A^@^@^@^@^@^@[email protected]^@^@[email protected]^A^@^@^P^@^@[email protected]^Yi ^@^@[email protected]
    ^@^@^@^@^@^@^@^@^@^@^@(3P^@^@^@^@^@^G^@^@^@^K^@^@^@^@^@^@^@^@^@^@[email protected]^@^@^@^@^@^G^@^$
    ^@^@^@^@^@^@^@^@^@^@[email protected]^@^@^@^@^@^G^@^@^@^O^@^@^@^@^@^@^@^@^@^@^@@3P^@^@^@^@^@^G^@^$
    ^@^@[email protected]@[email protected]^K^@^@[email protected][email protected]^L^@^@[email protected] [email protected]
    ^@^@[email protected][email protected]^N^@^@[email protected][email protected][email protected]^O^@^@[email protected]%:%^U+^U^@[email protected]^A^@^@[email protected][email protected]^W^@^@[email protected]%^U^@[email protected]^ĂĂH^ÿÿÿ%ò$^U^@[email protected]^VÞÿÿH^ĂĂ=Ă=Ă^T^@[email protected]^ĂĂH^ĂĂ^E°^T^@[email protected]
    ĂuĂĽL^ĂE^HÂ=Âş^T^@[email protected]^ĂĂ5Âź^T^@[email protected][email protected]^Ă81Ăè}^O^@[email protected]^A^@^@[email protected]^ĂE^Hfff^ĂëŁ^$H^Ă^UÂľ^T^@[email protected]
    Âś^T^@[email protected]
    H^ĂĂH^ĂĂ ^EW^U^@[email protected]^ODĂH^ĂĂH^ĂĂ Q^BH9T$Pv^RD^ĂĂ°Ăè^C$^G^D0H^Ă\$X^$Ăż^Ă^H[]ĂĂ˝^Q^AH9T$Pv^PD^ĂĂ°Ăè^F^D0H^Ă\$X^Ă^D^SI^ĂUSH^ĂĂŹ^Ă^@^@[email protected]^Ă|$XH^Ăt$PH^ĂTH^Ă\$XBĂ^D^K\I^èI^AĂH^Ă|$^Xè"A^BH9D$Pv
    H^ĂTA^AH9D$Pv H^ĂL$XĂ^D^A\I^Ă ^L8H^$
    ?I^Ă nÿÿÿI^ĂĂż^A^O^Ăš^C^@[email protected]^Ă H^Ă\$XĂ^D^C?I^ĂĂ^CI^Ăø^ĂD$|^Ă
    H^ĂTA^AH9D$Pv [email protected]^ĂT$HA^BH9D$Pv
    \I^Ă A^AH9D$Pv H^ĂT$XĂ^D^B\I^Ă H^Ă\$XĂ^D^C0I^ĂĂ^CAž0^@^@[email protected]^A^@^@[email protected]^ĂD$XBĂ^D^H'I^Ă H^ĂL$XĂ^D^A'I^ĂĂ^CAž'Âż ^U^Ă
    ^@[email protected]^ĂL$hHĂD$p^A^@^@[email protected]$|^A^@^@[email protected]^ĂD$XĂ^@'Aš^A^@^@[email protected]
    ^@[email protected][email protected]^@^@[email protected]^ĂøÿÿE1ĂL9L$Pv H^ĂL$XB^Ă^D I^ĂĂ^AB^OÂś^D^t^OH^ĂïèK^\^LL^Ăïè^Ă^E^@[email protected]^ĂĂ
    H^ĂC^HM$Ăø^E [email protected]=^ĂĂŽHĂĂŚ^DH^ĂĂèB^E^@[email protected]^Ă^Ev^W^P^@^Ă=l^W^P^@^ĂĂŞ)[email protected]^Ă D$ĂHĂD$Ă^@^@^@[email protected]@^H^@^@^@[email protected]@^P^@^@^@[email protected]@[email protected]H^Ă
    ^@[email protected]^ĂĂŠH^Ăž^A^@^@[email protected]^ĂĂè^EÎÿÿH^ĂC(H;C0^O^Ă^\^A^@[email protected]^@
    H^ĂĂ^AH^ĂC([email protected]^Ă8èjÎÿÿH^ĂC(H;C0^O^Ă^C^A^@[email protected]^@
    H^ĂĂ^AH^ĂC(Âş^E^@^@[email protected]
    ^@[email protected]~Ă5H ^@[email protected]$^ĂĂè35EÿÿH^ĂĂ 5^Ă ^@[email protected]^@[email protected]^E^@^@[email protected]^Ă5$ []A\ĂèüĂ*ÿÿº^E^@^@[email protected]
    ^@[email protected]^E^@^@[email protected]
    ^@[email protected]
    ^@[email protected]^A^@^@[email protected]^ĂĂ1Ăè°ÏÿÿÊ^ĂÞÿÿž
    ^@^@[email protected]^ĂĂè^^ÎÿÿÊà ^Ă ^D^Ă ^U^B^E.^@^@[email protected])ĂH^Ă@^$$^ĂĂè^LÎÿÿÊÜÞÿÿH^ĂĂŹĂ^@^@[email protected][email protected]^ĂL$HD^OÂśĂJ^Ă
    [email protected][email protected]
    [email protected])ĂI^ĂĂ
    or: %s OPTIONCu^SH^Ă^\$H^Ăl$^HL^Ăd$^PH^ĂĂ
    Exit with a status code indicating failure. ^XĂ1Ă*H^ĂĂff^Ăff^ĂHĂżĂ
    These option names may not be abbreviated.

    ^@^@^@ --help display this help and exit
    ^@^@^@^@ --version output version information and exit
    Report bugs to <%s>.
    [email protected]^@[email protected]_CORRECT^@--help^@[email protected] [email protected][email protected] [email protected][email protected] error$
    and %s.
    [email protected] by %s, %s, %s,
    %s, and %s.
    ^@^@^@^@[email protected] by %s, %s, %s,
    %s, %s, and %s.
    [email protected] by %s, %s, %s,
    %s, %s, %s, and %s.
    ^@^@^@^@[email protected] by %s, %s, %s,
    %s, %s, %s, %s,
    and %s.
    [email protected] by %s, %s, %s,
    %s, %s, %s, %s,
    %s, and %s.
    ^@^@^@^@[email protected] by %s, %s, %s,
    %s, %s, %s, %s,
    %s, %s, and others.
    ^@^@^@^@^@This is free software; see the source for copying conditions. There is NO
    ^@%s (%s) %s
    ^@%s %s
    ^@Written by %s.
    ^@Written by %s and %s.
    ^@Written by %s, %s, and %s.
    ^@^@^@Þôÿÿ^ĂþÿÿzþÿÿiþÿÿXþÿÿGþÿÿ6þÿÿ%þÿÿ^Tþÿÿ^Cþÿÿmemory exhausted^@^@^@^@^A^[^C;(^A^@^@$^@^@^@^ĂäÿÿD^^@^@^@^@^@^@^@^@^@^@^@^T^@^@^@Ăź^A^@^@^Lïÿÿ^S^@^@^@^@^@^@^@^@^@^@^@^T^@^@^@^T^B^@^@^Gïÿÿ ^B^@^@^@^@^\$@^@^@^@^@^@^@^@^T^@^@^@,^B^@^@ÚÎÿÿX^@^@^@^@^@^@^@^@^@^@^@$^@^@^@D^B^@^@9ïÿÿf^@^@^@^@B^N^PB^N^XA^N D^N^Ă^A^Ă^D^Ă^C^Ă
    @^@^@^@^@^@^G^@^@^@^@^@^@^@^Ă @^@^@^@^@^@^H^@^@^@^@^@^@^@Ă^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^X^@^@^@^@^@^@^@Þÿÿo^@^@^@^@P @^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@Ă^\^Ă^Ă;^@^@^@Ă°Ă^Ă;^@^@^@`Ě^Ă;^@^@$
    ^@^@^@^@^@^@Ă ^A^@^@^@^@^@^@^@^@^@^@^@^@^@^@^D^@^@^@^@^@^@^@^P^@^@^@^@^@^@^@m^@^@^@^A^@^@^@^F^@^@^@^@^@^@^@^@^O@^@^@^@^@^@^@^O^@^@^@^@^@^@^@^@^@^@P
    ^@^@^@^@^@^@Ă ^A^@^@^@^@^@^@^@^@^@^@^@^@^@^@^D^@^@^@^@^@^@^@^P^@^@^@^@^@^@^@m^@^@^@^A^@^@^@^F^@^@^@^@^@^@^@^@^O@^@^@^@^@^@^@^O^@^@^@^@^/bin/false

    something like that :D

    edit: after restart, that massage has gone away :) hope now ftp will work. :) if not, be sure that 'll post here :D

    edit #2: ftp not working. here's my conf:

    # This is the ProFTPD configuration file
    # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

    ServerName "ProFTPD server"
    ServerIdent on "FTP Server ready."
    ServerAdmin root@localhost
    ServerType standalone
    #ServerType inetd
    DefaultServer on
    AccessGrantMsg "User %u logged in."
    #DisplayConnect /etc/ftpissue
    #DisplayLogin /etc/ftpmotd
    #DisplayGoAway /etc/ftpgoaway
    DeferWelcome off

    # Use this to excude users from the chroot
    DefaultRoot ~ !adm

    # Use pam to authenticate (default) and be authoritative
    AuthPAMConfig proftpd
    AuthOrder mod_auth_pam.c* mod_auth_unix.c

    # Do not perform ident nor DNS lookups (hangs when the port is filtered)
    IdentLookups off
    UseReverseDNS off

    # Port 21 is the standard FTP port.
    Port 21

    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask 022

    # Default to show dot files in directory listings
    ListOptions "-a"

    # See Configuration.html for these (here are the default values)
    #MultilineRFC2228 off
    #RootLogin off
    #LoginPasswordPrompt on
    #MaxLoginAttempts 3
    #MaxClientsPerHost none
    #AllowForeignAddress off # For FXP

    # Allow to resume not only the downloads but the uploads too
    AllowRetrieveRestart on
    AllowStoreRestart on

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances 20

    # Set the user and group that the server normally runs at.
    User nobody
    Group nobody

    # This is where we want to put the pid file
    ScoreboardFile /var/run/proftpd.score

    # Normally, we want users to do a few things.
    AllowOverwrite yes
    <Limit ALL SITE_CHMOD>

    # Define the log formats
    LogFormat default "%h %l %u %t \"%r\" %s %b"
    LogFormat auth "%v [%P] %h %t \"%r\" %s"

    # TLS
    # Explained at
    #TLSEngine on
    #TLSRequired on
    #TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem
    #TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem
    #TLSCipherSuite ALL:!ADH:!DES
    #TLSOptions NoCertRequest
    #TLSVerifyClient off
    ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
    #TLSLog /var/log/proftpd/tls.log

    # A basic anonymous configuration, with an upload directory.
    #<Anonymous ~ftp>
    # User ftp
    # Group ftp
    # AccessGrantMsg "Anonymous login ok, restrictions apply."
    # # We want clients to be able to login with "anonymous" as well as "ftp"
    # UserAlias anonymous ftp
    # # Limit the maximum number of anonymous logins
    # MaxClients 10 "Sorry, max %m users -- try again later"
    # # Put the user into /pub right after login
    # #DefaultChdir /pub
    # # We want 'welcome.msg' displayed at login, '.message' displayed in
    # # each newly chdired directory and tell users to read README* files.
    # DisplayLogin /welcome.msg
    # DisplayFirstChdir .message
    # DisplayReadme README*
    # # Some more cosmetic and not vital stuff
    # DirFakeUser on ftp
    # DirFakeGroup on ftp
    # # Limit WRITE everywhere in the anonymous chroot
    # <Limit WRITE SITE_CHMOD>
    # DenyAll
    # </Limit>
    # # An upload directory that allows storing files but not retrieving
    # # or creating directories.
    # <Directory uploads/*>
    # AllowOverwrite no
    # <Limit READ>
    # DenyAll
    # </Limit>
    # <Limit STOR>
    # AllowAll
    # </Limit>
    # </Directory>
    # # Don't write anonymous accesses to the system wtmp file (good idea!)
    # WtmpLog off
    # # Logging for the anonymous transfers
    # ExtendedLog /var/log/proftpd/access.log WRITE,READ default
    # ExtendedLog /var/log/proftpd/auth.log AUTH auth
    Last edited: Jan 20, 2006
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats weird. /etc/shells is normally a text file and looks like this:

    # /etc/shells: valid login shells
    You posted the content of a binary file. Are you sure you did not accidently replace /etc/shells with a binary?
  9. Nejko

    Nejko New Member

    hmm, no.. i used mv command and it asked something :D

    edit: ok, changed with yours. which info should i use for login?
    Last edited: Jan 20, 2006
  10. falko

    falko Super Moderator ISPConfig Developer

    You mean for the FTP login? A valid system username and the password.
  11. Nejko

    Nejko New Member

    so... what for root? couse it ain't working...
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    The root user is normally disabled for FTP logins. FTP is too insecure as it transfers passwords in clear text, if you dont enable TLS for example.
  13. Nejko

    Nejko New Member

    Ok, got everything working with crating unix users wia webadmin. Thanx once again for all your help!

Share This Page