Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 7 Jan 2006 12:12:26 -0800
From:      Sandy Rutherford <sandy@krvarr.bc.ca>
To:        Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc:        freebsd-questions@freebsd.org, Imran Imtiaz <imran@darkstar.thelakecity.com.pk>
Subject:   Re: ftp nologin problem
Message-ID:  <17344.8362.264379.177151@szamoca.krvarr.bc.ca>
In-Reply-To: <43B26213.5060504@infracaninophile.co.uk>
References:  <200512280736.jBS7aLRH079056@darkstar.thelakecity.com.pk> <43B26213.5060504@infracaninophile.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Wed, 28 Dec 2005 09:59:47 +0000, 
>>>>> Matthew Seaman <m.seaman@infracaninophile.co.uk> said:

 > Imran Imtiaz wrote:
 >> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a user don't have a shell and I've defined his shell as nologin then the ftp server does not logon and give the following error
 >> C:\Documents and Settings\Asif>ftp 192.168.0.3
 >> Connected to 192.168.0.3.
 >> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3]
 >> User (192.168.0.3:(none)): db.backup
 >> 331 Password required for db.backup.
 >> Password:
 >> 530 Login incorrect.
 >> Login failed.
 ftp> 
 >> 
 >> tell me how can I correct this problem cause I don't want to give user a shell.

 > Yes -- in order for a user to log in successfully via FTP they need:

 > ...

 > If you're trying to setup a highly secure mechanism for copying files over
 > the net for backup, then I'd counsel against using FTP at all -- it's one of
 > those archaic 'dawn of the internet' type protocols that does nasty things
 > like transmitting passwords over networks in plain text.  Two much better
 > alternatives are:

FTP is actually a very well designed protocol. Jon Postel was no
idiot. It is highly reliable and the RFC 959 return codes make it
ideal for unattended file transfers.  You are right about its security
problems.  However, ProFTPD, the server that he is using, supports
SSL/TLS, which does not transmit passwords in clear text.  To talk to
ProFTPD using SSL/TLS, you will need to use OpenBSD's ftp-tls client,
which is in the ports.

Sandy



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17344.8362.264379.177151>