g711 DD-WRT Novice
Joined: 20 Feb 2018 Posts: 7
|
Posted: Wed Feb 21, 2018 20:17 Post subject: ProFTPD NAS option not allowing logins |
|
Hi all,
I am attempting to set up FTP sharing to a USB drive attached to my router and mounted as /opt (which works fine). I want to use the simple username/passsword list option instead of a radius server to allow multiple different users to log in to different access points, but so far I have not been able to get it to work. Under the NAS tab I enabled ProFTPD, left the server port at 21, disabled anonymous, and set authentication to "use password list". I then made a new share on /opt with subdir /backup and name backup. (I've tried flipping the 'public' switch on and off). I then added a new user called 'testuser' with password 'password' and gave it access to the 'backup' share and checked the 'ftp' option. The resulting proftpd.conf looks like:
Code: | ServerName DD-WRT
DefaultAddress 10.100.100.1
ServerType standalone
DefaultServer on
ScoreboardFile /tmp/proftpd/etc/proftpd.scoreboard
Port 21
Umask 022
MaxInstances 10
MaxLoginAttempts 3
User root
Group root
UseReverseDNS off
IdentLookups off
RootLogin on
AllowOverwrite on
AllowRetrieveRestart on
AllowStoreRestart on
<Limit WRITE>
DenyAll
</Limit>
<Limit SITE_CHMOD>
DenyAll
</Limit>
DelayEngine off
WtmpLog off
DefaultRoot ~
<Directory "~/backup">
<Limit WRITE>
AllowAll
</Limit>
</Directory>
AuthUserFile /tmp/proftpd/etc/passwd
|
It also makes a fakey /etc/passwd file that looks like:
Code: | root@r8000:/etc# cat /tmp/proftpd/etc/passwd
testuser:$1$LB.idcJ9$xkvL1VOX0MzPu7BvaktsS1:0:0:Ftp User,,,:/tmp/proftpd/users/testuser:/bin/sh
|
However, when I attempt to log in (using ncftp from a linux box), I'm always met with "login incorrect":
Code: | me@my-w550s:~$ ncftp 10.111.1.1 -utestuser -ppassword
NcFTP 3.2.5 (Feb 02, 2011) by Mike Gleason (http://www.NcFTP.com/contact/).
Connecting to 10.100.100.1...
ProFTPD Server (DD-WRT) [10.100.100.1]
Login incorrect.
Sleeping 20 seconds...
|
I've attempted to reach 10.100.100.1, 10.100.100.1/backup, 10.100.100.1/opt/backup but it's always the same error. However, if I enable anonymous logins, I'm able to reach it, so I imagine the problem has something either to do with my user setup or the specific URI for the share?
Any advice would be appreciated!
Description: |
|
Filesize: |
56.5 KB |
Viewed: |
3401 Time(s) |
|
|
|
g711 DD-WRT Novice
Joined: 20 Feb 2018 Posts: 7
|
Posted: Thu Feb 22, 2018 4:35 Post subject: |
|
As a bit of an update, I found that if I manually edited /tmp/proftpd/etc/proftpd.conf and changed the auto-generated
RootLogin on
to
RootLogin off
I was then able to log in. So apparently even though I'm using the user/password list, it thinks all users are root users (which may or may not be correct, I have no idea).
Unfortunately I don't know how to make that change persist across reboots yet -- and of course the proper thing to do would be to figure out how to make those NAS users not appear to be root users to proftpd in the first place.
|
|