Proftpd setup

Dear all
I've read (not well enough I fear) the http://www.proftp.org docs +
did some google and could not find the answer so as a last resort I
come here to post my questions...


when I log in as anoymous and enter some email adress as password, I
get :

530-Unable to set anonymous privileges.
530 Login incorrect.

but I have a /home/ftp dir owner and group is ftp
and my proftpd.conf is :
tried <Anonymous ~ftp> as well
<Anonymous /home/ftp>
User ftp
Group ftp

# We want clients to be able to login with "anonymous" as well as
"ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 10
RequireValidShell no

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>

So where is my mistake ?

Second question :
I tried to chroot my users by writing the following directive :

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~


but if I log with my user's account and cd /
I go up to the root and can even go in the subdirs (I did not try to
upload files there since I am scared enough to be able to go in the
filesystem that far )

One last question :
When I connect then give my password -> ok
I issue a "DIR" command -> it is really long but the logs show
nothing.
Configured my iptables to allow 20 and 21 ports in of course
-> I've in some Ng that it is normal but hell, When I log in any other
ftp it isn't that long
any ideas ?

My Box is RedHat 9.0
Ftp server is proftpd 1.2.9

Many thx for the one who can help me setup my ftp server

On Mon, 17 Nov 2003 07:25:13 -0800, acey wrote:

> when I log in as anoymous and enter some email adress as password, I
> get :
>
> 530-Unable to set anonymous privileges.
> 530 Login incorrect.

Did you remove 'ftp' from the file /etc/ftpusers ?

Jim wrote:
> On Mon, 17 Nov 2003 07:25:13 -0800, acey wrote:
>
>
>>when I log in as anoymous and enter some email adress as password, I
>>get :
>>
>>530-Unable to set anonymous privileges.
>>530 Login incorrect.
>
>
> Did you remove 'ftp' from the file /etc/ftpusers ?
>
Didn't had to since it wasn't there ...

Am Mon, 17 Nov 2003 07:25:13 -0800 schrieb acey:

> Dear all
> I've read (not well enough I fear) the http://www.proftp.org docs +
> did some google and could not find the answer so as a last resort I
> come here to post my questions...
>
>
> when I log in as anoymous and enter some email adress as password, I
> get :
>
> 530-Unable to set anonymous privileges.
> 530 Login incorrect.
>
> but I have a /home/ftp dir owner and group is ftp
> and my proftpd.conf is :
> tried <Anonymous ~ftp> as well
> <Anonymous /home/ftp>
> User ftp
> Group ftp
>
> # We want clients to be able to login with "anonymous" as well as
> "ftp"
> UserAlias anonymous ftp
>
> # Limit the maximum number of anonymous logins
> MaxClients 10
> RequireValidShell no
>
> # We want 'welcome.msg' displayed at login, and '.message' displayed
> # in each newly chdired directory.
> DisplayLogin welcome.msg
> DisplayFirstChdir .message
>
> # Limit WRITE everywhere in the anonymous chroot
> <Limit WRITE>
> DenyAll
> </Limit>
> </Anonymous>
>
> So where is my mistake ?
>
> Second question :
> I tried to chroot my users by writing the following directive :
>
> # To cause every FTP user to be "jailed" (chrooted) into their home
> # directory, uncomment this line.
> DefaultRoot ~
>
>
> but if I log with my user's account and cd /
> I go up to the root and can even go in the subdirs (I did not try to
> upload files there since I am scared enough to be able to go in the
> filesystem that far )
>
> One last question :
> When I connect then give my password -> ok
> I issue a "DIR" command -> it is really long but the logs show
> nothing.
> Configured my iptables to allow 20 and 21 ports in of course
> -> I've in some Ng that it is normal but hell, When I log in any other
> ftp it isn't that long
> any ideas ?
>
> My Box is RedHat 9.0
> Ftp server is proftpd 1.2.9
>
> Many thx for the one who can help me setup my ftp server

Is there a "<LIMIT Login>" Section in Your proftpd.conf ??
If so, make sure ftp is granted access there.

also, if You want anonymous access, You should add

AuthUsingAlias On
AnonRequiePassword Off

to Your <Anonymous> Section.


Hope it helps

alex