Matus UHLAR - fantomas | 15 Jun 16:39 2015
Picon

[Proftpd-user] only disable ssl3

Hello,

seems that proftpd currently supports only allowind, not disabling
protocols.

 From its page http://www.proftpd.org/docs/contrib/mod_tls.html#TLSProtocol

  Syntax: TLSProtocol protocol1 ... protocolN

That means, it's not possible to disable singl protocol other way than to
enumerate enabled protocols.

My question is: could it be possible to disable SSL3 by specifying:

TLSProtocol all -sslv3 ?

The point is: debian wheezy's proftpd DOES accept tlsv1_1 and tlsv1_2 by
default, but does not know about them.  I can't specify them in config
file, and when I want to disable sslv3, I can only enable TLSv1.0 which
disables tls1.1 and tls1.2...

--

-- 
Matus UHLAR - fantomas, uhlar <at> fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0...

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
(Continue reading)

Dr. Mikeal Hughes | 5 Jun 15:56 2015

[Proftpd-user] File Zilla Issues

I installed prompted on my server, an Ubuntu 14.02 LTS unit. I am wanting to use it in combination with File
Zilla to upload PDF files and other content to my Word Press Website. I have been unable to get the files
uploaded. I connect through Host: www.mikealrhughes.com Username: macmike and put in my password and
port 22. It connects fine. but when I go to the local site pane and choose a file to bring over that’s when
trouble begins. Here is the error I am getting - Listing directory /var/www/mikealrhughes.com/public_html/wordpress
Command: 	put
"/Users/admin/Documents/03_Come_See_1_35_51.key.download/03_Come_See_1_35_51.key" "03_Come_See_1_35_51.key"
Error:         	/var/www/mikealrhughes.com/public_html/wordpress/03_Come_See_1_35_51.key: open for
write: permission denied
Error:         	File transfer failed

I am assuming I don’t have something configured right in proftpd. Any help appreciated.

Mike Hughes
------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Hajo Locke | 2 Jun 13:43 2015
Picon
Picon

[Proftpd-user] proftpd 1.3.5 mod_ifsession nested directives

Hello,

in former proftpd-version 1.3.4 we used nested ifUser directives to 
activate some settings for all other users:

<IfUser ! test1>
     <IfUser ! test2>
         <IfUser ! test3>
             exampledirective examplevalue
         </IfUser>
   </IfUser>
</IfUser>

In proftpd 1.3.5 it seems that nested IfUser directives arent working 
any more, regardless which user was used.
exampledirective  is never set.

This is not a big problem, we can use multiple not nested directives, 
but iam surprised about that.
We cant find a problem on our side.  mod_ifsession is loaded at last, 
just like the docs mentioned.
Is this an expected scenario?

Thanks,
Hajo

------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
(Continue reading)

TJ Saunders | 28 May 03:18 2015

[Proftpd-user] ProFTPD 1.3.6rc1 released!


Hello, ProFTPD community. The ProFTPD Project team is pleased to
announce that the first release candidate for ProFTPD 1.3.6 is now
available for public consumption.

You can download 1.3.6rc1, including PGP signatures and MD5 sums, from
the alternate download site, hosted by GitHub:

  https://github.com/proftpd/proftpd/archive/v1.3.6rc1.tar.gz

Alternatively, you can download proftpd from the main site:

  ftp://ftp.proftpd.org/distrib/source

RPMs, once available, will be placed here:

  ftp://ftp.proftpd.org/distrib/packages/RPMS

The 1.3.6rc1 release includes major new features and numerous bugfixes,
including:

  + Support for the HOST command
  + Fixed stalled TLS data transfers
  + Various TLS security improvements

Please read the included NEWS, RELEASE_NOTES, and ChangeLog files for
the full details.

The MD5 sum for the source tarball is:

(Continue reading)

TJ Saunders | 28 May 03:17 2015

[Proftpd-user] ProFTPD 1.3.5a released!


Hello, ProFTPD community. The ProFTPD Project team is pleased to announce
that the first maintenance release for ProFTPD 1.3.5 is now available for
public consumption.

You can download 1.3.5a, including PGP signatures and MD5 sums, from
the alternate download site, hosted by GitHub:

  https://github.com/proftpd/proftpd/archive/v1.3.5a.tar.gz

Alternatively, you can download proftpd from the main site:

  ftp://ftp.proftpd.org/distrib/source

RPMs, once available, will be placed here:

  ftp://ftp.proftpd.org/distrib/packages/RPMS

The 1.3.5a release is a maintenance release, containing various fixes
backported from the 1.3.6 development cycle.

Please read the included NEWS and ChangeLog files for the full details.

The MD5 sum for the source tarball is:

  b9d3092411478415b31d435f8e26d173  proftpd-1.3.5a.tar.gz

The PGP signature for the source tarball is:

  proftpd-1.3.5a.tar.gz:
(Continue reading)

KK | 19 May 23:24 2015
Picon

[Proftpd-user] does not work properly after upgrade.

Hi,
it seems that something was changed and my old config does not work 
properly in 1.3.4e.

My current/old config:

ServerName                      "FTP"
ServerType                      standalone
DefaultServer                   on
DefaultRoot                     ~
ServerIdent                     off
SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog
MaxLoginAttempts                3
Port                            21
PassivePorts                    7000 9000
UseIPv6                         on

Umask                           022
MaxInstances                    10
User                            ftp
Group                           ftp

AllowOverwrite          on
AllowStoreRestart       on
AllowForeignAddress     on

<Limit SITE_CHMOD>
   AllowAll
</Limit>
(Continue reading)

Robb Gosset | 11 May 18:13 2015

[Proftpd-user] Anonymous, password-less login configuration.

Hi All,

 

I’m currently trying to set up ProFTP to allow un-restricted root level access to the / directory of a linux install with a blank password field.

 

DISCLAIMER – I know this is a terrible idea and that nobody in their right mind should do it, I am aware of alternatives and ways of making this more secure. This is to replace an element of an embedded system run on closed networks where other components that I have no control over require this to be available in order to function.

 

I currently have the following in a config file with the following specified in but I’m not sure how I can allow access without requiring a password, if anyone could help I’d really appreciate it.

 

<Anonymous ~ftp>

                User      root

                Group   root

                UserAlias             anonymous root

                MaxClients         30

                AnonRequirePassword yes

</Anonymous>

 

Thanks in advance,

 

// Robb Gosset


Robb Gosset
Software Engineer

Global Design Solutions Ltd
Unit 13 | Riverside Business Park
Bristol | BS4 4ED | UK
T: +44 117 325 0063  
GDS ArcLamp is the Lighting Product of the Year 2014! 

This communication is from Global Design Solutions Limited or one of its associated/subsidiary companies. Read full email disclaimer here
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Krishna Prasad V | 11 May 13:33 2015

[Proftpd-user] Proftpd sftp sever windows version

Hi,

 

We are trying to install windows version of proftp sftp server. We could install Cygwin on our windows PC but later on with the command (cyg –get proftpd), we are unable to install proftpd server. We are simply coming out of Cygwin application.

 

Can you guys help us to share documentation or detailed steps to install proftpd on windows server.

 

Your help and immediate response is highly appreciated.

 

 

Thanks & Regards,

Krishna Prasad.V

Manager – IT & Network

C56, APIE, Sanathnagar, Hyderabad – 500 018 India

Mobile : +91 8008804664

Phone : +91 40 44451234; Extn : 369

Email : prasadv <at> elicohcs.com

 

 

 

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Frank Liu | 3 May 01:59 2015
Picon

[Proftpd-user] mod_geoip

Hi,

Based on http://www.proftpd.org/docs/contrib/mod_geoip.html the filter parameter can only be single, e.g.: CountryCode

If I want to block a region of a country, how to do that?
Since region code is not globally unique across countries, I will need to filter based on CountryCode+RegionCode. 

Reference:
Region codes are re-used across countries.

Thanks!
Frank

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Mike Seda | 21 Apr 00:12 2015

[Proftpd-user] check-file blocked by <Limit>

I am receiving an SFTP check-file related error...

2015-04-20 16:03:43,739 mod_sftp/0.9.9[20748]: 'check-file' of '/test.pdf' blocked by <Limit> configuration

Immediately after the SFTP check-file error, a SETSTAT succeeds [for the same file]...

2015-04-20 16:03:43,778 mod_sftp/0.9.9[20748]: client set modification time of '/test.pdf' to Mon Apr 20 20:02:15 2015

Please advise on how to unblock the SFTP check-file operation.

The relevant portion of my config is provided below...

AllowOverwrite        on

<Directory ~>

  # Blocks use of all FTP commands within the directory. Having denied use of
  # all commands, we then proceed to define which commands can be used.

  <Limit ALL>

    DenyAll

  </Limit>

  # Allow navigation.

  <Limit CDUP XCDUP CWD XCWD PWD XPWD REALPATH>

    AllowAll

  </Limit>

  # STOR and STOU are allowed, so that clients can actually upload files into
  # the directory (assuming that the filesystem permissions allow for the
  # client to write files in the directory as well).

  <Limit STOR STOU>

    AllowAll

  </Limit>

  # Allow viewing.

  <Limit LIST MDTM MLSD MLST NLST SIZE STAT LSTAT OPENDIR READDIR READLINK>

    AllowAll

  </Limit>

  # Allow check-file operations.

  <Limit OPEN RETR>

    AllowAll

  </Limit>

  # Allow chmod operations, which, if blocked, would cause file-transfers
  # to fail.
 
  <Limit SITE_CHMOD SETSTAT>
 
    AllowAll
 
  </Limit>

  # Allow creation of directories.

  <Limit MKD XMKD>
 
    AllowAll

  </Limit>

</Directory>

Thanks,
Mike
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Matus UHLAR - fantomas | 27 Apr 09:35 2015
Picon

Re: [Proftpd-user] TLS Connections

On 25.04.15 22:57, Jorge Bastos wrote:
>I have ProFTPD with normal FTP and TLS, but for TLS connections, most of the
>times directory listing isn't possible and my question is:
>
>Is it need any special port for this to work, or any configuration that I'm
>missing?

when using TLS without CCC commnand (that not supported by all clients), the
intermediate firewalls and NAT appliances are unable to know how data
connection will be made. That means, that

- in PORT mode, the connection won't be allowed/translated by firewall/NAT
   on client side
- in PASV mods, the connection won't be allowed/translated by firewall/NAT
   on server side

You can work around the latter case by statically allowing/translating range
of ports on firewall/NAT on server side by its admin, and configuring those
ports to directive PassivePorts, and in case of NAT also by configuring the
NAT IP to directive MasqueradeAddress.

--

-- 
Matus UHLAR - fantomas, uhlar <at> fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html


Gmane