1

I am trying to configure proftpd 1.3.5b. What I would like to achieve is simple: only one VirtualHost, users will log in based on AuthUserFile and not based on /etc/passwd.

The problem is that all the authentication related configuration inside a VirtualHost is being ignored (although the VirtualHost is being loaded successfully).

Here is my config:

<VirtualHost 10.11.12.162>
......
        DefaultRoot             /disk/ftp/
        AuthOrder mod_auth_file.c
        AuthUserFile                    /etc/proftpd/misc/ftp.users
        AuthGroupFile                   /etc/proftpd/misc/ftp.group
....
</VirtualHost>

Users can successfully login based on /etc/passwd and ftp.users is being ignored. DefaultRoot is also ignored.

If I place everything in proftpd.conf, outside the virtualhost, is working. According to documentation, AuthOrder & AuthUserFile is supported inside VirtualHost directive: http://www.proftpd.org/docs/directives/linked/config_ref_AuthUserFile.html

Any idea what is causing this problem? Best Regards

amprantino
  • 121
  • 6
  • What IP address/DNS name are your clients using to connect to your FTP server? – Castaglia Dec 10 '18 at 17:42
  • They are using a hostname, ftp.mydomain.com, that resolves to IP 10.11.12.162 – amprantino Dec 10 '18 at 21:54
  • Hmm. What happens if you use `SocketBindTight on`? The behavior you describe usually happens when the client connects to an IP/port different from your ``, _or_ when the default "server config" server is already listening on that IP/port. – Castaglia Dec 11 '18 at 22:08
  • Yes, probably this is the case. is totally ignored. Even ServerName is displayed from the proftpd.conf instead of the VirtualHost! – amprantino Dec 12 '18 at 13:14
  • proftpd is behind a NAT. The public IP is resolving to a DNS name and receiving connections from public IPs. is not working. And ServerAlias is not implemented: fatal: ServerAlias: not yet implemented – amprantino Dec 12 '18 at 13:21

1 Answers1

0

Reviving this necro post to mention that we had the same issue when we tried to do the exact same thing.

Adding AuthPAM off inside the VirtualHost fixed our problem.