[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FTP system using PAM



You should have read more documentation, but I'm not doing anything right
now and I'm in a pretty good mood. :)

> Here's the short version of what I'm trying to do:
> setup a secure (encrypted) ftp system that will allow clients to access
> their sites (some directory) but not allow any other system access.

IMHO, using wu on a "secure" ftp system is a contradiction in terms :)  I
don't want to start a holy war, but vsftpd is doing very nicely.  It even
supports pam (in fact, that is what is recommended).


> 1.  How do I setup the two stage authentication in the
> /etc/pam.d/wu-ftpd file?  It would have to be an either-or operation.
> Either they are in /etc/passwd or they are in /etc/ftppasswd (but not
> both), but only fail if they aren't in either.

auth sufficient /lib/security/pam_bleh_for_ftppasswd.so
auth required /lib/security/pam_unix.so

With this it will try the ftppasswd file and if it works authenticate the
user, but if it doesn't it will try pam_unix.  If both fail the user is
denyed.

> 2.  Using pam_pwdfile, how do I create a file with the format
> username:enc_password?  Every adduser utility I've found only puts the
> usernames/passwords in /etc/passwd.

Don't know any way of doing this easily at the moment.  You obviously need
an "adduser utilitity" that uses pam, not sure if one exists.

> 3.  What user would WU-FTPD run under?

Like I said, don't use wu if security is a concern.  As far as the
uid/gid/permissions go, I didn't quite follow what you were saying.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []