Date: Thu, 3 Jun 2004 10:21:54 +0200 From: Geert Hendrickx <geert.hendrickx@ua.ac.be> To: Noah <admin2@enabled.com> Cc: freebsd-questions@freebsd.org Subject: Re: pure-ftpd with SFTP and PureDB Authentication (fwd) Message-ID: <20040603082154.GA3099@lori.mine.nu> In-Reply-To: <20040602213746.M25352@enabled.com> References: <Pine.LNX.4.33.0405291449030.29026-100000@alpaca.sniff.com> <20040529213942.M22256@enabled.com> <20040529232528.GA16140@lori.mine.nu> <20040602213746.M25352@enabled.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 02, 2004 at 01:42:57PM -0800, Noah wrote: > On Sun, 30 May 2004 01:25:28 +0200, Geert Hendrickx wrote > > On Sat, May 29, 2004 at 01:40:06PM -0800, Noah wrote: > > > > > > > > > FreeBSD 4.9-STABLE > > > pure-ftpd version 1.0.18 > > > > > > I am unable to login via SFTP using accounts that exist in the PureDB. > > > The password is denied according to the client and there are no log > > > messages collected in the server's log files. > > > > > > When I set the server's TLS option to disable SSL/TLS encryption layer > > > ( TLS 0 ) - I am able to log in with clear text passwords to accounts > > > located in the PureDB. > > > > > > I have PureDB authentication method uncommented in the pure-ftpd.conf > > > configuration file - attached below. > > > > > > so what am I doing wrong. how can I have SSL/TLS forced logins and allow > > > those with PureDB accounts to get authenticated please? > > > > > > cheers, > > > > > > noah > > > > sftp connects to sshd, not ftpd. So use ssh-login/pw for encrypted > > logins and sessions. > > > > > Okay thanks for letting me know. I am trying to allow only secure FTP logins > but dont want general accounts for each user. it would be nice to have > accounts that only have FTP access and access to specific directories. can > you suggest a way that I can do this while still only allowing SFTP connections? > > cheers, > > Noah > > > > GH SFTP is for giving secure-ftp-access to users who also have secure- shell-access (SSH), so I don't think it's appropriate for your case. FTP-logins can be totally separated from shell-logins (with a separate passwords-database or even virtual users on some ftp-servers), so I think you better go on with your FTP-configuration, but then use a SSL- aware FTP-client to make secured connections to your server, not SFTP. GH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040603082154.GA3099>