水静流深 | 12 Aug 11:12 2015

[Proftpd-user] Can the user of proftpd change the password themself not by admin?

Can the user of proftpd change the password themself not by admin?
I am a user of proftpd ,how can change my password after logining into proftpd by myself not by admin?
I have read all the command on ftp which contain no command to change passwd.

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
水静流深 | 12 Aug 11:09 2015

[Proftpd-user] How to create a shared directory for all the users in proftpd?

I have installed proftpd and create two users this way.

mkdir /home/ftp mkdir /home/ftp/user1 mkdir /home/ftp/user2 adduser user1 adduser user2 usermod -d /home/ftp/user1 user1 usermod -d /home/ftp/user2 user2

Now user1 and user2 can login into proftpd with their own passwd. I want to create a shared directory from which every user can downlaod files from it.

mkdir /home/ftp/share

How to write the configuration file to do the job?

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
kamil kapturkiewicz | 10 Aug 12:33 2015
Picon

[Proftpd-user] block access to file using scan on access option

Hi,
I am trying to configure Scan On Access with ProFTPD server to block acccess to file (not only mark as FOUND):

Mon Aug 10 10:09:35 2015 -> ScanOnAccess: /home/xyz/eicar.txt:
{HEX}EICAR.TEST.UNOFFICIAL(69630e4574ec6798239b091cda43dca0:69) FOUND
Mon Aug 10 10:09:39 2015 -> ScanOnAccess: /home/xyz/Revelation.exe:
SecuriteInfo.com.W32.HackTool.BUS.5819.UNOFFICIAL(5fbc923249818c4b0489b85c1abf0357:69632) FOUND
Mon Aug 10 10:09:44 2015 -> ScanOnAccess: /home/xyz/Revelation.exe:
SecuriteInfo.com.W32.HackTool.BUS.5819.UNOFFICIAL(5fbc923249818c4b0489b85c1abf0357:69632) FOUND

For some reason I am able to upload infected files to server and above log entries appear only during access
(download, view), even not during delete.

I can live with that if it is only possible to detect during downloading from FTP or opening, but I would like
to able block access to file if something is detected.

clamav.conf:
ScanOnAccess true
OnAccessMaxFileSize 50M
#OnAccessIncludePath /var/ftp
OnAccessIncludePath /home/xyz
OnAccessExcludeUID 0

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

Steve Matzura | 9 Aug 17:25 2015

[Proftpd-user] Protecting against automatic overwriting on put

What is the proper combination of directives to use so that when a
file is put which already exists, a message is sent back to the client
asking for permission to overwrite? I find that if the logged-in user
owns the file, no prompt is displayed. If the logged-in user owns the
file but the file's group is set to another group to which the user
has access, the user gets the prompt. The odd thing is, on two system
where ProFTPD appears to be configured identically, one prompts for
everything, one prompts for everything except where ownership and
groupship are the same. Am I explaining this right?

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

TJ Saunders | 7 Aug 23:35 2015

[Proftpd-user] Announcing mod_proxy for ProFTPD


I'm pleased to announce that I've been working on a mod_proxy module for 
ProFTPD, for proxying FTP in both forward and reverse mode, for quite a 
while.  And recently, I think it's reached the state of being useful for 
wider deployment use.

So without much more ado, see:

  https://github.com/Castaglia/proftpd-mod_proxy

This module supports FTPS (i.e. FTP over SSL/TLS) for frontend AND backend 
connections (in both forward and reverse proxy mode), IPv6, configurable 
active/passive data transfer policies, and load balancing (both 
"balancing" and "sticky" policies).

As always, I'd love to hear your thoughts/feedback on work like this.

Cheers,
TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Thus I live in the world rather as a spectator of mankind than
   as one of the species.

   	-Joseph Addison

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

Steve Matzura | 25 Jul 19:49 2015

[Proftpd-user] Problem with anonymous login

I followed the instructions in proftpd.conf to set up an anonymous
login. I can log in, but neither ls nor put work. For ls, I get "500
Illegal port command" followed by "425 Unable to build data
connection. Connection refused"; for put, I get "500 Illegal port
command" followed by "550 {my-file} operation not permitted". The
directory into which I want my anonymous logins to go is owned by FTP
and is in the FTP group. I am not using TLS on the client side--for
testing, just your plain ordinary Windows FTP client. Here are some
suspicious-looking messages from /var/log/messages after successful
login:

Jul 25 17:33:04 patronus proftpd[25313]: 92.243.30.12
(108.30.183.45[108.30.183.45]) - Preparing to chroot to directory
'/srv/datadisk01/public_ftp'
Jul 25 17:33:05 patronus proftpd[25313]: 92.243.30.12
(108.30.183.45[108.30.183.45]) - Refused PORT 192,168,1,140,46,210
(address mismatch)
Jul 25 17:41:09 patronus proftpd[25313]: 92.243.30.12
(108.30.183.45[108.30.183.45]) - FTP session closed.

Here's my configuration:

ServerName			"ProFTPD server"
ServerIdent			on "FTP Server ready."
ServerAdmin			root <at> localhost
DefaultServer			on
DefaultRoot			~ !admin
AuthPAMConfig			proftpd
AuthOrder			mod_auth_pam.c* mod_auth_unix.c
UseReverseDNS			off
User				nobody
Group				nobody
MaxInstances			20
UseSendfile			off
LogFormat			default	"%h %l %u %t \"%r\" %s %b"
LogFormat			auth	"%v [%P] %h %t \"%r\" %s"
LoadModule mod_ctrls_admin.c
LoadModule mod_vroot.c
ModuleControlsACLs		insmod,rmmod allow user root
ModuleControlsACLs		lsmod allow user *

ControlsEngine			on
ControlsACLs			all allow user root
ControlsSocketACL		allow user *
ControlsLog			/var/log/proftpd/controls.log
<IfModule mod_ctrls_admin.c>
  AdminControlsEngine		on
  AdminControlsACLs		all allow user root
</IfModule>

<IfModule mod_vroot.c>
  VRootEngine			on
</IfModule>

<IfDefine TLS>
  TLSEngine			on
  TLSRequired			on
  TLSRSACertificateFile		/etc/pki/tls/certs/proftpd.pem
  TLSRSACertificateKeyFile	/etc/pki/tls/certs/proftpd.pem
  TLSCipherSuite		ALL:!ADH:!DES
  TLSOptions			NoCertRequest
  TLSVerifyClient		off
  #TLSRenegotiate		ctrl 3600 data 512000 required off
timeout 300
  TLSLog			/var/log/proftpd/tls.log
  <IfModule mod_tls_shmcache.c>
    TLSSessionCache		shm:/file=/var/run/proftpd/sesscache
  </IfModule>
</IfDefine>

<IfDefine DYNAMIC_BAN_LISTS>
  LoadModule			mod_ban.c
  BanEngine			on
  BanLog			/var/log/proftpd/ban.log
  BanTable			/var/run/proftpd/ban.tab

  BanOnEvent			MaxLoginAttempts 2/00:10:00 01:00:00
  BanMessage			"Host %a has been banned"
  BanControlsACLs		all allow user ftpadm
</IfDefine>

<IfDefine QOS>
  LoadModule			mod_qos.c
  # RFC791 TOS parameter compatibility
  QoSOptions			dataqos throughput ctrlqos lowdelay
  # For a DSCP environment (may require tweaking)
  #QoSOptions			dataqos CS2 ctrlqos AF41
</IfDefine>

<Global>

  Umask				022
  AllowOverwrite		yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>

AllowStoreRestart ON
</Global>

# proftpd.conf says I need PROFTPD_TIONS to include 'DANONYMOUS_FTP.
# That's been done.

<IfDefine ANONYMOUS_FTP>
  <Anonymous ~ftp>
    User			ftp
    Group			ftp
    AccessGrantMsg		"Anonymous login ok, restrictions
apply."
    UserAlias			anonymous ftp
    MaxClients			10 "Sorry, max %m users -- try again
later"
    DefaultChdir		/srv/datadisk01/public_ftp
    DisplayLogin		/welcome.msg
    DisplayChdir		.message
    DisplayReadme		README*
    DirFakeUser			on ftp
    DirFakeGroup		on ftp
    <Limit WRITE SITE_CHMOD>
      DenyAll
    </Limit>
    <Directory uploads/*>
      AllowOverwrite		no
      <Limit READ>
        DenyAll
      </Limit>

      <Limit STOR>
        AllowAll
      </Limit>
    </Directory>

    WtmpLog			off
    ExtendedLog			/var/log/proftpd/access.log WRITE,READ
default
    ExtendedLog			/var/log/proftpd/auth.log AUTH auth

  </Anonymous>
</IfDefine>

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

Matus UHLAR - fantomas | 15 Jun 16:39 2015
Picon

[Proftpd-user] only disable ssl3

Hello,

seems that proftpd currently supports only allowind, not disabling
protocols.

 From its page http://www.proftpd.org/docs/contrib/mod_tls.html#TLSProtocol

  Syntax: TLSProtocol protocol1 ... protocolN

That means, it's not possible to disable singl protocol other way than to
enumerate enabled protocols.

My question is: could it be possible to disable SSL3 by specifying:

TLSProtocol all -sslv3 ?

The point is: debian wheezy's proftpd DOES accept tlsv1_1 and tlsv1_2 by
default, but does not know about them.  I can't specify them in config
file, and when I want to disable sslv3, I can only enable TLSv1.0 which
disables tls1.1 and tls1.2...

--

-- 
Matus UHLAR - fantomas, uhlar <at> fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0...

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

Dr. Mikeal Hughes | 5 Jun 15:56 2015

[Proftpd-user] File Zilla Issues

I installed prompted on my server, an Ubuntu 14.02 LTS unit. I am wanting to use it in combination with File
Zilla to upload PDF files and other content to my Word Press Website. I have been unable to get the files
uploaded. I connect through Host: www.mikealrhughes.com Username: macmike and put in my password and
port 22. It connects fine. but when I go to the local site pane and choose a file to bring over that’s when
trouble begins. Here is the error I am getting - Listing directory /var/www/mikealrhughes.com/public_html/wordpress
Command: 	put
"/Users/admin/Documents/03_Come_See_1_35_51.key.download/03_Come_See_1_35_51.key" "03_Come_See_1_35_51.key"
Error:         	/var/www/mikealrhughes.com/public_html/wordpress/03_Come_See_1_35_51.key: open for
write: permission denied
Error:         	File transfer failed

I am assuming I don’t have something configured right in proftpd. Any help appreciated.

Mike Hughes
------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Hajo Locke | 2 Jun 13:43 2015
Picon
Picon

[Proftpd-user] proftpd 1.3.5 mod_ifsession nested directives

Hello,

in former proftpd-version 1.3.4 we used nested ifUser directives to 
activate some settings for all other users:

<IfUser ! test1>
     <IfUser ! test2>
         <IfUser ! test3>
             exampledirective examplevalue
         </IfUser>
   </IfUser>
</IfUser>

In proftpd 1.3.5 it seems that nested IfUser directives arent working 
any more, regardless which user was used.
exampledirective  is never set.

This is not a big problem, we can use multiple not nested directives, 
but iam surprised about that.
We cant find a problem on our side.  mod_ifsession is loaded at last, 
just like the docs mentioned.
Is this an expected scenario?

Thanks,
Hajo

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

TJ Saunders | 28 May 03:18 2015

[Proftpd-user] ProFTPD 1.3.6rc1 released!


Hello, ProFTPD community. The ProFTPD Project team is pleased to
announce that the first release candidate for ProFTPD 1.3.6 is now
available for public consumption.

You can download 1.3.6rc1, including PGP signatures and MD5 sums, from
the alternate download site, hosted by GitHub:

  https://github.com/proftpd/proftpd/archive/v1.3.6rc1.tar.gz

Alternatively, you can download proftpd from the main site:

  ftp://ftp.proftpd.org/distrib/source

RPMs, once available, will be placed here:

  ftp://ftp.proftpd.org/distrib/packages/RPMS

The 1.3.6rc1 release includes major new features and numerous bugfixes,
including:

  + Support for the HOST command
  + Fixed stalled TLS data transfers
  + Various TLS security improvements

Please read the included NEWS, RELEASE_NOTES, and ChangeLog files for
the full details.

The MD5 sum for the source tarball is:

  fa321aa25f1fb6ad8a13e1441610b7db  proftpd-1.3.6rc1.tar.gz

The PGP signature for the source tarball is:

  proftpd-1.3.6rc1.tar.gz:

    
TJ Saunders | 28 May 03:17 2015

[Proftpd-user] ProFTPD 1.3.5a released!


Hello, ProFTPD community. The ProFTPD Project team is pleased to announce
that the first maintenance release for ProFTPD 1.3.5 is now available for
public consumption.

You can download 1.3.5a, including PGP signatures and MD5 sums, from
the alternate download site, hosted by GitHub:

  https://github.com/proftpd/proftpd/archive/v1.3.5a.tar.gz

Alternatively, you can download proftpd from the main site:

  ftp://ftp.proftpd.org/distrib/source

RPMs, once available, will be placed here:

  ftp://ftp.proftpd.org/distrib/packages/RPMS

The 1.3.5a release is a maintenance release, containing various fixes
backported from the 1.3.6 development cycle.

Please read the included NEWS and ChangeLog files for the full details.

The MD5 sum for the source tarball is:

  b9d3092411478415b31d435f8e26d173  proftpd-1.3.5a.tar.gz

The PGP signature for the source tarball is:

  proftpd-1.3.5a.tar.gz:

    

Gmane