How can I replicate this tricky password hashing scheme with ProFTPD authentication?

Question

I have an installation of ProFTPd and I'm trying to link authentication to that of a remote database. I have everything configured correctly except for the password hashing. The password hashes are constructed by prepending the text md5 in front of the result of the md5 hash of the password concatenated with the username. So in SQL we can replicate an example of this hashing scheme:

SELECT 'md5' || MD5('stimpy' || 'ren')

gives

md5995dab9d6bdcd572f6b4caaf5399417f

That's pretty easy. What's not been easy thus far is to replicate this hashing in the proftpd.conf file using the options available in mod_sql and mod_sql_passwd

I'm at the point now where I'm digging through the source code to see if I can implement something that way. I'm hoping someone has a better idea!

Bad idea! Don't re-invent the wheel! There is already crypto libs that does this job. — F. Hauri - Give Up GitHub, Jul 17 '13 at 20:08

score 0 · Answer 1 · answered Jul 17 '13 at 20:26

0

You can use LDAP or Radius to authenticate 1 or 100 machines, and it'll make administration a hell of a lot easier.

Link to ProFTPD's MOD_LDAP module

Link to ProFTPD's MOD_RADIUS module

answered Jul 17 '13 at 20:26

Satanicpuppy

5,946
1
17
18

score 0 · Answer 2 · answered Jul 17 '13 at 20:53

After some really deep digging, I see that I'll probably need to code my own SQLAuthType, but it won't be so bad since there are provisions within the program for adding on custom authentication schemes, which means I won't have to modify the codebase (whew!):

http://bugs.proftpd.org/show_bug.cgi?id=2368

How can I replicate this tricky password hashing scheme with ProFTPD authentication?

2 Answers2