Proftpd

Thomas Mondoshawan Tate plug-discuss@lists.PLUG.phoenix.az.us
Fri, 9 Nov 2001 07:45:40 -0700 

--UlVJffcvxoiEqYs2
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 06, 2001 at 08:35:31AM -0700, Jeff wrote:
> Ok, Here is my problem:
>=20
> Again it's a problem finding a good HOWTO.  All the howtos and readmes on
> proftp tell me pretty good how to set up an anonymous account, however, I
> don't want an anonymous account setup.  I want myself, and anyone who I f=
eel
> worthy, to be able to log in with a username and password of their choice
> (following good linux password rules)
>=20
> My problem seems to be with configuring a correct proftpd.conf file.
>=20
> I would like the logins to have as high of security as possible without
> downloading and installing and configuring excess packages.
>=20
> The accounts don't necessarily have to have a shell account to log in, and
> I'd like all the logins to have the same folder tree. However, occasional=
ly,
> I may want to make a diff folder for a new login account.

That's all handled via the passwd file by default (you can change the
user database to anything ranging from an SQL database to a simple
plain-text file with plugins) --  shells, home directories, etc.
Whenever someone logs into an existing account, ProFTPD (by default) changes
to the home directory listed in /etc/passwd automaticially. Note, however,
that it does _not_ chroot() to the directory by default -- that has to be
explicitly asked for. Also, if the RequireValidShell variable is set to on,
all of the users that you want to use ftp _must_ have a valid shell that is
listed in /etc/shells.

> I was also wondering, if it's possible to setup different accounts for
> each Ethernet interface.  Say a highly secure login for myself from eth0 =
and
> a simple anon login if you are coming from eth1.

Possibly, but I'm unsure. You could try doing it as a pair of virtual
servers -- one bound to the eth0 interface, the other bound to eth1.=20

> I don't know if that's possible or not.
>=20
> Anyhow, Where can you point me?

Pull down the Proftp source, and read the proftpd/doc/Configuration.html
file, or look for online documentation at the website.

--=20
Thomas "Mondoshawan" Tate
phoenix@psy.ed.asu.edu
http://tank.dyndns.org

--UlVJffcvxoiEqYs2
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE76+wTYp5mUsPGjjwRAoUYAJ9mN2kuIBckdunO4iqnTMOLVYS00gCdE4sr
VWgTQe5xpkVpHHD+3SQefNo=
=kUWh
-----END PGP SIGNATURE-----

--UlVJffcvxoiEqYs2--