[vox-tech] Re: vox-tech digest, Vol 1 #630 - 12 msgs

[Thomas Wieglenda]

> Yeah, don't waste any more time configuring/learning Wu-Ftpd.  If at all
> possible, you should be using scp or sftp.  If you *must* run an ftpd,
> don't use wu-ftpd.  It has a history of nasties (exploits) and many
> knowledgeable people seem to think there are more waiting.
> Read this:
> http://linuxmafia.com/pub/linux/security/ftp-daemons
>
> I'm not sure if Rick keeps it up to date, but at one time it was a nice
> appraisal of the various ftpd's.
>
> To try and answer your question:
> 1) Do you need to tell ftpd to re-read its config files?  The easiest
>    way is to restart the service.
> 2) Check the log files.
> 3) You should be getting a generic login failure which should not give
>    you enough info to determine whether the "password is wrong" or the
>    "user is wrong" (that would let bad people guess valid usernames)
>    So, rather than a bad password, your failed login probably indicates
>    that ftpd does not know about your new user.  Does your new user need
>    a valid shell?  Is her shell listed in /etc/shells?
>
> I probably should have waited for someone with more wu-ftpd experience
> to answer, but I'm avoiding work. :)
>
> -troy
>
>


Well, you're right, I am getting a generic login error.  You see the problem
in using another service is that I need a FTP service that will allow
multiple guest account logins and that will Chroot each guest user into
his/her directory. So far the only FTP service that I've found that will do
this properly is WU-FTPD.  VSFTPD does allow virtual users but it sticks
them all into one directory, which isn't what I want.  I don't know if
ProFTPD works very well, because each time I've used it, it's been a bad
experience.

I have do have the proper shell listed in the /etc/shells file also and of
course I've started WU-FTPD many times :)

Thomas