www.ProFTPD.de
13. März 2007, 19:52:50 *
Willkommen Gast. Bitte einloggen oder registrieren.
Haben Sie Ihre Aktivierungs E-Mail übersehen?

Einloggen mit Benutzername, Passwort und Sitzungslänge
News: SMF - Neu installiert!
 
  Übersicht Hilfe Suche Login Registrieren  
  Zeige Beiträge
Seiten: [1]
1  ProFTPD / ProFTPD - Deutsch / Re: 530 Login incorrect. am: 28. Oktober 2006, 16:20:30
Nochmals besten Dank!

Die Links haben mir sehr weitergeholfen.
Hab jetzt alles so hinbekommen wie ich es mir vorgestellt hab. Lächelnd
2  ProFTPD / ProFTPD - Deutsch / Re: 530 Login incorrect. am: 28. Oktober 2006, 01:51:30
Hallo VolGas,

Danke für die Antwort.
Hab das jetzt mal versucht.

Ergebnis:
- Kann mich mit ringwraith anmelden.
- Bei cdvmatura kommt weiterhin "login incorrect"

Was kann ich da sonst noch prüfen?

Weitere Fragen:
- Wie kann ich nun - wenn ich diese anonymous-Blöcke nicht mehr habe - für einen User das Root-Verzeichnis angeben?
- Wie kann ich für einen User die Rechte auf bestimmte Verzeichnisse einschränken (zB. Löschen von Verzeichnissen und Dateien)?
- Wie kann ich einem User verbieten sich von bestimmten IPs zu verbinden?
   Im Anonymous-Block hätte ich das ungefähr so versucht:
Code:
<Limit LOGIN>
  Order  allow,deny
  Allow from IP1
  Allow from IP2
  Deny from all
</Limit>
3  ProFTPD / ProFTPD - Deutsch / 530 Login incorrect. am: 26. Oktober 2006, 15:10:10
Hallo alle zusammen.

Möchte mit ProFtpd folgendes machen:
- User 'anonymous' (/home/ftp/anonymous); kein Passwort
- User 'cdvmatura' (/home/ftp/cdvmatura);
         Passwort des Systemusers soll eingegeben werden müssen;
         User existiert auf dem System;
         User ist Mitglied der Gruppe 'ftpuser'
- User 'ringwraith' (/home/ftp);
         Passwort des Systemusers soll eingegeben werden müssen;
         User existiert auf dem System;
         User ist Mitglied der Gruppe 'ftpuser'

Aktueller Stand:
- Anonymous funktioniert
- cdvmatura + ringwraith ==> 530 login incorrect
- ringwraith passwort stimmt ganz bestimmt. Man kann sich in der konsole anmelden
- cdvmatura passwort stimmt auch.

Aktuelle Config:
Code:
#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

ServerName                      "Bamboocha"
ServerType                      standalone

DeferWelcome                    on
ServerIdent                     on "FTP server ready"
DisplayConnect                  /home/ftp/welcome.msg
AllowForeignAddress             on

MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

ListOptions                     "-l"

#DenyFilter                     \*.*/
AllowOverride                   off

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd               off

# Uncomment this if you would use TLS module:
#TLSEngine                      on

# Uncomment this if you would use quota module:
#Quotas                         on

# Uncomment this if you would use ratio module:
#Ratios                         on

# Port 21 is the standard FTP port.
Port                            21

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30
MaxClients                      8 "Sorry, max %m users -- try again later"
MaxClientsPerHost               2 "Sorry, max %m connections"

#Allow Restart
AllowStoreRestart               on
AllowRetrieveRestart            on

#Jail all users into their virtual home dir
DefaultRoot                     ~

UseFtpUsers                     off
RequireValidShell               off

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                           022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                  on

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
#DelayEngine                    off

#Root-Login verbieten
RootLogin                       off

<Limit LOGIN>
  DenyGroup !ftpuser
</Limit>


#Speed erh<C3><B6>hen
UseReverseDNS                   off
IdentLookups                    off


#
# Logging options
#
TransferLog                     /var/log/proftpd.xferlog

# Some logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth  "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

# Log file/dir access
ExtendedLog /var/log/proftpd.access_log WRITE,READ write

# Record all logins
ExtendedLog /var/log/proftpd.auth_log AUTH auth

# Paranoia logging level....
ExtendedLog /var/log/proftpd.paranoid_log ALL default
<IfModule mod_auth_pam.c>
  AuthPAM off
</IfModule>

<IfModule !mod_sql.c>
  AuthOrder mod_auth_unix.c
</IfModule>

# Our "basic" anonymous configuration, including a single
# upload directory ("uploads")
<Anonymous ~ftp/anonymous>

  # Allow logins if they are disabled above.
  <Limit LOGIN>
    AllowAll
  </Limit>

  # Maximum clients with message
  MaxClients                    5 "Sorry, max %m users -- try again later"

  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
  <Directory *>
    <Limit WRITE>
      DenyAll
    </Limit>
    <Limit MKD STOR RETR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>

<Anonymous ~ftp/cdvmatura>
  User                          ftp
  Group                         ftp
  UserAlias                     cdvmatura ftp
  AnonRequirePassword           on

  # Permit uploading and creation of new directories in
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
  <Directory *>
    <Limit MKD STOR RETR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>

<Anonymous ~ftp>
  User                          ftp
  Group                         ftp
  UserAlias                     ringwraith ftp
  AnonRequirePassword           on

  <Limit ALL>
    AllowAll
  </Limit>
</Anonymous>

Log von Proftpd:
Code:
- mod_tls/2.0.7: using OpenSSL 0.9.8a 11 Oct 2005
 - parsing '/etc/proftpd.conf' configuration
 - <IfModule>: found 'mod_auth_pam.c' module
 - <IfModule>: found 'mod_sql.c' module
 - <Directory *>: adding section for resolved path '*'
 - <Directory *>: adding section for resolved path '*'
Bamboocha.lan -
Bamboocha.lan - Config for Bamboocha:
Bamboocha.lan - ~ftp/
Bamboocha.lan -  Limit
Bamboocha.lan -   AllowAll
Bamboocha.lan -  UserName
Bamboocha.lan -  GroupName
Bamboocha.lan -  UserAlias
Bamboocha.lan -  AnonRequirePassword
Bamboocha.lan -  AllowForeignAddress
Bamboocha.lan -  ShowSymlinks
Bamboocha.lan -  ListOptions
Bamboocha.lan -  AllowOverride
Bamboocha.lan -  MaxClients
Bamboocha.lan -  MaxClientsPerHost
Bamboocha.lan -  AllowStoreRestart
Bamboocha.lan -  AllowRetrieveRestart
Bamboocha.lan -  UseFtpUsers
Bamboocha.lan -  RequireValidShell
Bamboocha.lan -  Umask
Bamboocha.lan -  DirUmask
Bamboocha.lan -  AllowOverwrite
Bamboocha.lan -  RootLogin
Bamboocha.lan -  TransferLog
Bamboocha.lan - ~ftp/cdvmatura/
Bamboocha.lan -  Limit
Bamboocha.lan -   AllowAll
Bamboocha.lan -  Limit
Bamboocha.lan -   DenyAll
Bamboocha.lan -  UserName
Bamboocha.lan -  GroupName
Bamboocha.lan -  UserAlias
Bamboocha.lan -  AnonRequirePassword
Bamboocha.lan -  AllowForeignAddress
Bamboocha.lan -  ShowSymlinks
Bamboocha.lan -  ListOptions
Bamboocha.lan -  AllowOverride
Bamboocha.lan -  MaxClients
Bamboocha.lan -  MaxClientsPerHost
Bamboocha.lan -  AllowStoreRestart
Bamboocha.lan -  AllowRetrieveRestart
Bamboocha.lan -  UseFtpUsers
Bamboocha.lan -  RequireValidShell
Bamboocha.lan -  Umask
Bamboocha.lan -  DirUmask
Bamboocha.lan -  AllowOverwrite
Bamboocha.lan -  RootLogin
Bamboocha.lan -  TransferLog
Bamboocha.lan - ~ftp/anonymous/
Bamboocha.lan -  Limit
Bamboocha.lan -   DenyAll
Bamboocha.lan -  Limit
Bamboocha.lan -   AllowAll
Bamboocha.lan -  Limit
Bamboocha.lan -   DenyAll
Bamboocha.lan -  Limit
Bamboocha.lan -   AllowAll
Bamboocha.lan -  MaxClients
Bamboocha.lan -  UserName
Bamboocha.lan -  GroupName
Bamboocha.lan -  UserAlias
Bamboocha.lan -  AllowForeignAddress
Bamboocha.lan -  ShowSymlinks
Bamboocha.lan -  ListOptions
Bamboocha.lan -  AllowOverride
Bamboocha.lan -  MaxClientsPerHost
Bamboocha.lan -  AllowStoreRestart
Bamboocha.lan -  AllowRetrieveRestart
Bamboocha.lan -  UseFtpUsers
Bamboocha.lan -  RequireValidShell
Bamboocha.lan -  Umask
Bamboocha.lan -  DirUmask
Bamboocha.lan -  AllowOverwrite
Bamboocha.lan -  RootLogin
Bamboocha.lan -  TransferLog
Bamboocha.lan - Limit
Bamboocha.lan -  DenyGroup
Bamboocha.lan - DeferWelcome
Bamboocha.lan - ServerIdent
Bamboocha.lan - DisplayConnect
Bamboocha.lan - AllowForeignAddress
Bamboocha.lan - DefaultServer
Bamboocha.lan - ShowSymlinks
Bamboocha.lan - TimeoutNoTransfer
Bamboocha.lan - TimeoutStalled
Bamboocha.lan - TimeoutIdle
Bamboocha.lan - ListOptions
Bamboocha.lan - AllowOverride
Bamboocha.lan - MaxClients
Bamboocha.lan - MaxClientsPerHost
Bamboocha.lan - AllowStoreRestart
Bamboocha.lan - AllowRetrieveRestart
Bamboocha.lan - DefaultRoot
Bamboocha.lan - UseFtpUsers
Bamboocha.lan - RequireValidShell
Bamboocha.lan - UserID
Bamboocha.lan - UserName
Bamboocha.lan - GroupID
Bamboocha.lan - GroupName
Bamboocha.lan - Umask
Bamboocha.lan - DirUmask
Bamboocha.lan - AllowOverwrite
Bamboocha.lan - RootLogin
Bamboocha.lan - IdentLookups
Bamboocha.lan - TransferLog
Bamboocha.lan - ExtendedLog
Bamboocha.lan - ExtendedLog
Bamboocha.lan - ExtendedLog
Bamboocha.lan - AuthPAM
Bamboocha.lan - AuthOrder
Bamboocha.lan - ProFTPD 1.2.10 (stable) (built do mrt 22 18:28:32 CET 2001) standalone mode STARTUP
Bamboocha.lan (192.168.1.101[192.168.1.101]) - FTP session requested from unknown class
Bamboocha.lan (192.168.1.101[192.168.1.101]) - AuthOrder in effect, resetting auth module order
Bamboocha.lan (192.168.1.101[192.168.1.101]) - connected - local  : 192.168.1.120:21
Bamboocha.lan (192.168.1.101[192.168.1.101]) - connected - remote : 192.168.1.101:1892
Bamboocha.lan (192.168.1.101[192.168.1.101]) - FTP session opened.
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_rewrite
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_tls
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_core
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_core
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_delay
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'USER ringwraith' to mod_auth
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching CMD command 'USER ringwraith' to mod_ratio
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching CMD command 'USER ringwraith' to mod_auth
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching POST_CMD command 'USER ringwraith' to mod_delay
Bamboocha.lan (192.168.1.101[192.168.1.101]) - mod_delay/0.4: delaying for 393 usecs
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching LOG_CMD command 'USER ringwraith' to mod_log
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_rewrite
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_radius
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching CMD command 'PASS (hidden)' to mod_auth
Bamboocha.lan (192.168.1.101[192.168.1.101]) - USER ringwraith (Login failed): Incorrect password.
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
Bamboocha.lan (192.168.1.101[192.168.1.101]) - mod_delay/0.4: delaying for 1929 usecs
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
Bamboocha.lan (192.168.1.101[192.168.1.101]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
Bamboocha.lan (192.168.1.101[192.168.1.101]) - FTP session closed.

Kann mir hier jemand weiterhelfen? Weinen

BTW: bin Linux-Newbie
Seiten: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC Prüfe XHTML 1.0 Prüfe CSS
Seite erstellt in 0.069 Sekunden mit 16 Zugriffen.