From owner-freebsd-questions@FreeBSD.ORG Sat Jan 7 20:17:45 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A0AD16A41F for ; Sat, 7 Jan 2006 20:17:45 +0000 (GMT) (envelope-from sandy@krvarr.bc.ca) Received: from szamoca.krvarr.bc.ca (szamoca.krvarr.bc.ca [142.179.111.232]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1907843D45 for ; Sat, 7 Jan 2006 20:17:42 +0000 (GMT) (envelope-from sandy@krvarr.bc.ca) Received: from szamoca.krvarr.bc.ca (localhost [127.0.0.1]) by szamoca.krvarr.bc.ca (8.13.1/8.12.11) with ESMTP id k07KGKRw020107; Sat, 7 Jan 2006 12:16:20 -0800 (PST) (envelope-from sandy@szamoca.krvarr.bc.ca) Received: (from sandy@localhost) by szamoca.krvarr.bc.ca (8.13.1/8.12.11/Submit) id k07KGHwp020104; Sat, 7 Jan 2006 12:16:17 -0800 (PST) (envelope-from sandy) From: Sandy Rutherford MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <17344.8362.264379.177151@szamoca.krvarr.bc.ca> Date: Sat, 7 Jan 2006 12:12:26 -0800 To: Matthew Seaman In-Reply-To: <43B26213.5060504@infracaninophile.co.uk> References: <200512280736.jBS7aLRH079056@darkstar.thelakecity.com.pk> <43B26213.5060504@infracaninophile.co.uk> X-Mailer: VM 7.19 under Emacs 21.3.1 X-krvarr.bc.ca-MailScanner-Information: Please contact postmaster@krvarr.bc.ca for more information. X-krvarr.bc.ca-MailScanner: Not scanned: please contact postmaster@krvarr.bc.ca for details. X-krvarr.bc.ca-MailScanner-From: sandy@szamoca.krvarr.bc.ca Cc: freebsd-questions@freebsd.org, Imran Imtiaz Subject: Re: ftp nologin problem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jan 2006 20:17:45 -0000 >>>>> On Wed, 28 Dec 2005 09:59:47 +0000, >>>>> Matthew Seaman said: > Imran Imtiaz wrote: >> I am running ProFTPD 1.2.10 on my bsd server but the problem is that if a user don't have a shell and I've defined his shell as nologin then the ftp server does not logon and give the following error >> C:\Documents and Settings\Asif>ftp 192.168.0.3 >> Connected to 192.168.0.3. >> 220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.0.3] >> User (192.168.0.3:(none)): db.backup >> 331 Password required for db.backup. >> Password: >> 530 Login incorrect. >> Login failed. ftp> >> >> tell me how can I correct this problem cause I don't want to give user a shell. > Yes -- in order for a user to log in successfully via FTP they need: > ... > If you're trying to setup a highly secure mechanism for copying files over > the net for backup, then I'd counsel against using FTP at all -- it's one of > those archaic 'dawn of the internet' type protocols that does nasty things > like transmitting passwords over networks in plain text. Two much better > alternatives are: FTP is actually a very well designed protocol. Jon Postel was no idiot. It is highly reliable and the RFC 959 return codes make it ideal for unattended file transfers. You are right about its security problems. However, ProFTPD, the server that he is using, supports SSL/TLS, which does not transmit passwords in clear text. To talk to ProFTPD using SSL/TLS, you will need to use OpenBSD's ftp-tls client, which is in the ports. Sandy