Date: Mon, 6 Aug 2001 04:52:14 +0300 From: Peter Pentchev <roam@ringlet.net> To: Mike <wacky@blinx.net> Cc: FreeBSD-SECURITY <freebsd-security@freebsd.org> Subject: Re: Ftpd problem Message-ID: <20010806045214.D586@ringworld.oblivion.bg> In-Reply-To: <003d01c11e14$0b90c220$0700a8c0@com.home.com>; from wacky@blinx.net on Sun, Aug 05, 2001 at 09:06:37PM -0400 References: <20010730192031.M59043-100000@epsilon.lucida.ca> <003d01c11e14$0b90c220$0700a8c0@com.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 05, 2001 at 09:06:37PM -0400, Mike wrote: > Hi, I'm running FreeBSD 4.3-STABLE as a web server. Recently we have been > having a problem with ftpd. The user trys to login and when it asks for a > password it says login incorrect. The /etc/shells are correct with his > account and he is not listed in /etc/ftpusers. But he can also login via > ssh2. But if root changes his password then it will work. It's only after > the user changes his password after a certain amount of days. I do not see > anything in /etc/login.conf that could be causing this problem. Does anybody > know what might be?. I am e-mailing this because I believe its security > related. Try adding a line saying 'crypt_default = des' to the /etc/auth.conf file. You might then need to rebuild libcrypt, I'm still not sure why this is so, but from a little non-authoritative experience on 3-4 machines it seems that libcrypt understands that crypt_default=des only after it is *built* while /etc/auth.conf has a crypt_default=des line. This makes next to no sense to me, but this is the way I got it to work on three machines here. So.. # echo 'crypt_default = des' >> /etc/auth.conf # cd /usr/src/lib/libcrypt # make cleandir # make depend # make all install # make cleandir Another workaround would be to have all your users tell you their passwords, so you can convert them to MD5.. but that would be kind of stupid :) G'luck, Peter -- If this sentence didn't exist, somebody would have invented it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010806045214.D586>